Field Detail

• INSTANCE

  static final Advapi32 INSTANCE

Method Detail

• GetUserNameW

  boolean GetUserNameW(char[] buffer,
                     IntByReference len)

  Retrieves the name of the user associated with the current thread. http://msdn.microsoft.com/en-us/library/ms724432(VS.85).aspx

  Parameters:

  buffer - Buffer to receive the user's logon name.

  len - On input, the size of the buffer, on output the number of characters copied into the buffer, including the terminating null character.

  Returns:

  True if succeeded.

• LookupAccountName

  boolean LookupAccountName(String lpSystemName,
                          String lpAccountName,
                          WinNT.PSID Sid,
                          IntByReference cbSid,
                          char[] ReferencedDomainName,
                          IntByReference cchReferencedDomainName,
                          PointerByReference peUse)

  Accepts the name of a system and anaccount as input and retrieves a security identifier (SID) for the account and the name of the domain on which the account was found. http://msdn.microsoft.com/en-us/library/aa379159(VS.85).aspx

  Parameters:

  lpSystemName - Specifies the name of the system.

  lpAccountName - Specifies the account name.

  Sid - Receives the SID structure that corresponds to the account name pointed to by the lpAccountName parameter.

  cbSid - On input, this value specifies the size, in bytes, of the Sid buffer. If the function fails because the buffer is too small or if cbSid is zero, this variable receives the required buffer size.

  ReferencedDomainName - Receives the name of the domain where the account name is found.

  cchReferencedDomainName - On input, this value specifies the size, in TCHARs, of the ReferencedDomainName buffer. If the function fails because the buffer is too small, this variable receives the required buffer size, including the terminating null character.

  peUse - SID_NAME_USE enumerated type that indicates the type of the account when the function returns.

  Returns:

  True if the function was successful, False otherwise.

• LookupAccountSid

  boolean LookupAccountSid(String lpSystemName,
                         WinNT.PSID Sid,
                         char[] lpName,
                         IntByReference cchName,
                         char[] ReferencedDomainName,
                         IntByReference cchReferencedDomainName,
                         PointerByReference peUse)

  Retrieves the name of the account for this SID and the name of the first domain on which this SID is found.

  Parameters:

  lpSystemName - Specifies the target computer.

  Sid - The SID to look up.

  lpName - Buffer that receives a null-terminated string that contains the account name that corresponds to the lpSid parameter.

  cchName - On input, specifies the size, in TCHARs, of the lpName buffer. If the function fails because the buffer is too small or if cchName is zero, cchName receives the required buffer size, including the terminating null character.

  ReferencedDomainName - Pointer to a buffer that receives a null-terminated string that contains the name of the domain where the account name was found.

  cchReferencedDomainName - On input, specifies the size, in TCHARs, of the lpReferencedDomainName buffer. If the function fails because the buffer is too small or if cchReferencedDomainName is zero, cchReferencedDomainName receives the required buffer size, including the terminating null character.

  peUse - Pointer to a variable that receives a SID_NAME_USE value that indicates the type of the account.

  Returns:

  If the function succeeds, the function returns nonzero. If the function fails, it returns zero. To get extended error information, call GetLastError.

• ConvertSidToStringSid

  boolean ConvertSidToStringSid(WinNT.PSID Sid,
                              PointerByReference StringSid)

  Convert a security identifier (SID) to a string format suitable for display, storage, or transmission. http://msdn.microsoft.com/en-us/library/aa376399(VS.85).aspx

  Parameters:

  Sid - The SID structure to be converted.

  StringSid - Pointer to a variable that receives a pointer to a null-terminated SID string. To free the returned buffer, call the LocalFree function.

  Returns:

  True if the function was successful, False otherwise.

• ConvertStringSidToSid

  boolean ConvertStringSidToSid(String StringSid,
                              WinNT.PSIDByReference Sid)

  Convert a string-format security identifier (SID) into a valid, functional SID. http://msdn.microsoft.com/en-us/library/aa376402(VS.85).aspx

  Parameters:

  StringSid - The string-format SID to convert.

  Sid - Receives a pointer to the converted SID.

  Returns:

  True if the function was successful, False otherwise.

• GetLengthSid

  int GetLengthSid(WinNT.PSID pSid)

  Returns the length, in bytes, of a valid security identifier (SID). http://msdn.microsoft.com/en-us/library/aa446642(VS.85).aspx

  Parameters:

  pSid - A pointer to the SID structure whose length is returned.

  Returns:

  Length of the SID.

• IsValidSid

  boolean IsValidSid(WinNT.PSID pSid)

  The IsValidSid function validates a security identifier (SID) by verifying that the revision number is within a known range, and that the number of subauthorities is less than the maximum.

  Parameters:

  pSid - Pointer to the SID structure to validate. This parameter cannot be NULL.

  Returns:

  If the SID structure is valid, the return value is nonzero. If the SID structure is not valid, the return value is zero. There is no extended error information for this function; do not call GetLastError.

• IsWellKnownSid

  boolean IsWellKnownSid(WinNT.PSID pSid,
                       int wellKnownSidType)

  Compares a SID to a well known SID and returns TRUE if they match.

  Parameters:

  pSid - SID to test.

  wellKnownSidType - Member of the WELL_KNOWN_SID_TYPE enumeration to compare with the SID at pSid.

  Returns:

  True if the SID is of a given well known type, false otherwise.

• CreateWellKnownSid

  boolean CreateWellKnownSid(int wellKnownSidType,
                           WinNT.PSID domainSid,
                           WinNT.PSID pSid,
                           IntByReference cbSid)

  The CreateWellKnownSid function creates a SID for predefined aliases.

  Parameters:

  wellKnownSidType - Member of the WELL_KNOWN_SID_TYPE enumeration that specifies what the SID will identify.

  domainSid - Pointer to a SID that identifies the domain control to use when creating the SID. Pass NULL to use the local computer.

  pSid - Pointer to memory where CreateWellKnownSid will store the new SID.

  cbSid - Pointer to a DWORD that contains the number of bytes available at pSid. The CreateWellKnownSid function stores the number of bytes actually used at this location.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. For extended error information, call GetLastError.

• LogonUser

  boolean LogonUser(String lpszUsername,
                  String lpszDomain,
                  String lpszPassword,
                  int logonType,
                  int logonProvider,
                  WinNT.HANDLEByReference phToken)

  The LogonUser function attempts to log a user on to the local computer. The local computer is the computer from which LogonUser was called. You cannot use LogonUser to log on to a remote computer. You specify the user with a user name and domain, and authenticate the user with a plaintext password. If the function succeeds, you receive a handle to a token that represents the logged-on user. You can then use this token handle to impersonate the specified user or, in most cases, to create a process that runs in the context of the specified user.

  Parameters:

  lpszUsername - A pointer to a null-terminated string that specifies the name of the user. This is the name of the user account to log on to. If you use the user principal name (UPN) format, user@DNS_domain_name, the lpszDomain parameter must be NULL.

  lpszDomain - A pointer to a null-terminated string that specifies the name of the domain or server whose account database contains the lpszUsername account. If this parameter is NULL, the user name must be specified in UPN format. If this parameter is ".", the function validates the account using only the local account database.

  lpszPassword - A pointer to a null-terminated string that specifies the plaintext password for the user account specified by lpszUsername.

  logonType - The type of logon operation to perform.

  logonProvider - Specifies the logon provider.

  phToken - A pointer to a handle variable that receives a handle to a token that represents the specified user.

  Returns:

  If the function succeeds, the function returns nonzero. If the function fails, it returns zero. To get extended error information, call GetLastError.

• OpenThreadToken

  boolean OpenThreadToken(WinNT.HANDLE ThreadHandle,
                        int DesiredAccess,
                        boolean OpenAsSelf,
                        WinNT.HANDLEByReference TokenHandle)

  The OpenThreadToken function opens the access token associated with a thread.

  Parameters:

  ThreadHandle - Handle to the thread whose access token is opened.

  DesiredAccess - Specifies an access mask that specifies the requested types of access to the access token. These requested access types are reconciled against the token's discretionary access control list (DACL) to determine which accesses are granted or denied.

  OpenAsSelf - Indicates whether the access check is to be made against the security context of the thread calling the OpenThreadToken function or against the security context of the process for the calling thread.

  TokenHandle - Pointer to a variable that receives the handle to the newly opened access token.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

• OpenProcessToken

  boolean OpenProcessToken(WinNT.HANDLE ProcessHandle,
                         int DesiredAccess,
                         WinNT.HANDLEByReference TokenHandle)

  The OpenProcessToken function opens the access token associated with a process.

  Parameters:

  ProcessHandle - Handle to the process whose access token is opened. The process must have the PROCESS_QUERY_INFORMATION access permission.

  DesiredAccess - Specifies an access mask that specifies the requested types of access to the access token. These requested access types are compared with the discretionary access control list (DACL) of the token to determine which accesses are granted or denied.

  TokenHandle - Pointer to a handle that identifies the newly opened access token when the function returns.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

• DuplicateToken

  boolean DuplicateToken(WinNT.HANDLE ExistingTokenHandle,
                       int ImpersonationLevel,
                       WinNT.HANDLEByReference DuplicateTokenHandle)

  The DuplicateToken function creates a new access token that duplicates one already in existence.

  Parameters:

  ExistingTokenHandle - Handle to an access token opened with TOKEN_DUPLICATE access.

  ImpersonationLevel - Specifies a SECURITY_IMPERSONATION_LEVEL enumerated type that supplies the impersonation level of the new token.

  DuplicateTokenHandle - Pointer to a variable that receives a handle to the duplicate token. This handle has TOKEN_IMPERSONATE and TOKEN_QUERY access to the new token.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

• DuplicateTokenEx

  boolean DuplicateTokenEx(WinNT.HANDLE hExistingToken,
                         int dwDesiredAccess,
                         WinBase.SECURITY_ATTRIBUTES lpTokenAttributes,
                         int ImpersonationLevel,
                         int TokenType,
                         WinNT.HANDLEByReference phNewToken)

  The DuplicateTokenEx function creates a new access token that duplicates an existing token. This function can create either a primary token or an impersonation token.

  Parameters:

  hExistingToken - A handle to an access token opened with TOKEN_DUPLICATE access.

  dwDesiredAccess - Specifies the requested access rights for the new token.

  lpTokenAttributes - A pointer to a SECURITY_ATTRIBUTES structure that specifies a security descriptor for the new token and determines whether child processes can inherit the token.

  ImpersonationLevel - Specifies a value from the SECURITY_IMPERSONATION_LEVEL enumeration that indicates the impersonation level of the new token.

  TokenType - Specifies one of the following values from the TOKEN_TYPE enumeration.

  phNewToken - A pointer to a HANDLE variable that receives the new token.

  Returns:

  If the function succeeds, the function returns a nonzero value. If the function fails, it returns zero. To get extended error information, call GetLastError.

• GetTokenInformation

  boolean GetTokenInformation(WinNT.HANDLE tokenHandle,
                            int tokenInformationClass,
                            Structure tokenInformation,
                            int tokenInformationLength,
                            IntByReference returnLength)

  Retrieves a specified type of information about an access token. The calling process must have appropriate access rights to obtain the information.

  Parameters:

  tokenHandle - Handle to an access token from which information is retrieved. If TokenInformationClass specifies TokenSource, the handle must have TOKEN_QUERY_SOURCE access. For all other TokenInformationClass values, the handle must have TOKEN_QUERY access.

  tokenInformationClass - Specifies a value from the TOKEN_INFORMATION_CLASS enumerated type to identify the type of information the function retrieves.

  tokenInformation - Pointer to a buffer the function fills with the requested information. The structure put into this buffer depends upon the type of information specified by the TokenInformationClass parameter.

  tokenInformationLength - Specifies the size, in bytes, of the buffer pointed to by the TokenInformation parameter. If TokenInformation is NULL, this parameter must be zero.

  returnLength - Pointer to a variable that receives the number of bytes needed for the buffer pointed to by the TokenInformation parameter. If this value is larger than the value specified in the TokenInformationLength parameter, the function fails and stores no data in the buffer.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

• ImpersonateLoggedOnUser

  boolean ImpersonateLoggedOnUser(WinNT.HANDLE hToken)

  The ImpersonateLoggedOnUser function lets the calling thread impersonate the security context of a logged-on user. The user is represented by a token handle.

  Parameters:

  hToken - Handle to a primary or impersonation access token that represents a logged-on user. This can be a token handle returned by a call to LogonUser, CreateRestrictedToken, DuplicateToken, DuplicateTokenEx, OpenProcessToken, or OpenThreadToken functions. If hToken is a primary token, it must have TOKEN_QUERY and TOKEN_DUPLICATE access. If hToken is an impersonation token, it must have TOKEN_QUERY and TOKEN_IMPERSONATE access.

  Returns:

  If the function succeeds, the return value is nonzero.

• ImpersonateSelf

  boolean ImpersonateSelf(int ImpersonationLevel)

  The ImpersonateSelf function obtains an access token that impersonates the security context of the calling process. The token is assigned to the calling thread.

  Parameters:

  ImpersonationLevel - Specifies a SECURITY_IMPERSONATION_LEVEL enumerated type that supplies the impersonation level of the new token.

  Returns:

  If the function succeeds, the return value is nonzero.

• RevertToSelf

  boolean RevertToSelf()

  The RevertToSelf function terminates the impersonation of a client application.

  Returns:

  If the function succeeds, the return value is nonzero.

• RegOpenKeyEx

  int RegOpenKeyEx(WinReg.HKEY hKey,
                 String lpSubKey,
                 int ulOptions,
                 int samDesired,
                 WinReg.HKEYByReference phkResult)

  The RegOpenKeyEx function opens the specified registry key. Note that key names are not case sensitive.

  Parameters:

  hKey - Handle to an open key.

  lpSubKey - Pointer to a null-terminated string containing the name of the subkey to open.

  ulOptions - Reserved; must be zero.

  samDesired - Access mask that specifies the desired access rights to the key. The function fails if the security descriptor of the key does not permit the requested access for the calling process.

  phkResult - Pointer to a variable that receives a handle to the opened key. If the key is not one of the predefined registry keys, call the RegCloseKey function after you have finished using the handle.

  Returns:

  If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.

• RegQueryValueEx

  int RegQueryValueEx(WinReg.HKEY hKey,
                    String lpValueName,
                    int lpReserved,
                    IntByReference lpType,
                    char[] lpData,
                    IntByReference lpcbData)

  The RegQueryValueEx function retrieves the type and data for a specified value name associated with an open registry key.

  Parameters:

  hKey - Handle to an open key. The key must have been opened with the KEY_QUERY_VALUE access right.

  lpValueName - Pointer to a null-terminated string containing the name of the value to query. If lpValueName is NULL or an empty string, "", the function retrieves the type and data for the key's unnamed or default value, if any.

  lpReserved - Reserved; must be NULL.

  lpType - Pointer to a variable that receives a code indicating the type of data stored in the specified value.

  lpData - Pointer to a buffer that receives the value's data. This parameter can be NULL if the data is not required. If the data is a string, the function checks for a terminating null character. If one is not found, the string is stored with a null terminator if the buffer is large enough to accommodate the extra character. Otherwise, the string is stored as is.

  lpcbData - Pointer to a variable that specifies the size of the buffer pointed to by the lpData parameter, in bytes. When the function returns, this variable contains the size of the data copied to lpData. The lpcbData parameter can be NULL only if lpData is NULL. If the data has the REG_SZ, REG_MULTI_SZ or REG_EXPAND_SZ type, this size includes any terminating null character or characters. If the buffer specified by lpData parameter is not large enough to hold the data, the function returns ERROR_MORE_DATA and stores the required buffer size in the variable pointed to by lpcbData. In this case, the contents of the lpData buffer are undefined. If lpData is NULL, and lpcbData is non-NULL, the function returns ERROR_SUCCESS and stores the size of the data, in bytes, in the variable pointed to by lpcbData. This enables an application to determine the best way to allocate a buffer for the value's data.

  Returns:

  If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.

• RegQueryValueEx

  int RegQueryValueEx(WinReg.HKEY hKey,
                    String lpValueName,
                    int lpReserved,
                    IntByReference lpType,
                    byte[] lpData,
                    IntByReference lpcbData)

• RegQueryValueEx

  int RegQueryValueEx(WinReg.HKEY hKey,
                    String lpValueName,
                    int lpReserved,
                    IntByReference lpType,
                    IntByReference lpData,
                    IntByReference lpcbData)

• RegQueryValueEx

  int RegQueryValueEx(WinReg.HKEY hKey,
                    String lpValueName,
                    int lpReserved,
                    IntByReference lpType,
                    LongByReference lpData,
                    IntByReference lpcbData)

• RegQueryValueEx

  int RegQueryValueEx(WinReg.HKEY hKey,
                    String lpValueName,
                    int lpReserved,
                    IntByReference lpType,
                    Pointer lpData,
                    IntByReference lpcbData)

• RegCloseKey

  int RegCloseKey(WinReg.HKEY hKey)

  The RegCloseKey function releases a handle to the specified registry key.

  Parameters:

  hKey - Handle to the open key to be closed. The handle must have been opened by the RegCreateKeyEx, RegOpenKeyEx, or RegConnectRegistry function.

  Returns:

  If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.

• RegDeleteValue

  int RegDeleteValue(WinReg.HKEY hKey,
                   String lpValueName)

  The RegDeleteValue function removes a named value from the specified registry key. Note that value names are not case sensitive.

  Parameters:

  hKey - Handle to an open key. The key must have been opened with the KEY_SET_VALUE access right.

  lpValueName - Pointer to a null-terminated string that names the value to remove. If this parameter is NULL or an empty string, the value set by the RegSetValue function is removed.

  Returns:

  If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.

• RegSetValueEx

  int RegSetValueEx(WinReg.HKEY hKey,
                  String lpValueName,
                  int Reserved,
                  int dwType,
                  char[] lpData,
                  int cbData)

  The RegSetValueEx function sets the data and type of a specified value under a registry key.

  Parameters:

  hKey - Handle to an open key. The key must have been opened with the KEY_SET_VALUE access right.

  lpValueName - Pointer to a string containing the name of the value to set. If a value with this name is not already present in the key, the function adds it to the key. If lpValueName is NULL or an empty string, "", the function sets the type and data for the key's unnamed or default value.

  Reserved - Reserved; must be zero.

  dwType - Type of data pointed to by the lpData parameter.

  lpData - Pointer to a buffer containing the data to be stored with the specified value name.

  cbData - Size of the information pointed to by the lpData parameter, in bytes. If the data is of type REG_SZ, REG_EXPAND_SZ, or REG_MULTI_SZ, cbData must include the size of the terminating null character or characters.

  Returns:

  If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.

• RegSetValueEx

  int RegSetValueEx(WinReg.HKEY hKey,
                  String lpValueName,
                  int Reserved,
                  int dwType,
                  byte[] lpData,
                  int cbData)

• RegCreateKeyEx

  int RegCreateKeyEx(WinReg.HKEY hKey,
                   String lpSubKey,
                   int Reserved,
                   String lpClass,
                   int dwOptions,
                   int samDesired,
                   WinBase.SECURITY_ATTRIBUTES lpSecurityAttributes,
                   WinReg.HKEYByReference phkResult,
                   IntByReference lpdwDisposition)

  Parameters:

  hKey -

  lpSubKey -

  Reserved -

  lpClass -

  dwOptions -

  samDesired -

  lpSecurityAttributes -

  phkResult -

  lpdwDisposition -

  Returns:

  If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.

• RegDeleteKey

  int RegDeleteKey(WinReg.HKEY hKey,
                 String name)

  Parameters:

  hKey -

  name -

  Returns:

  If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.

• RegEnumKeyEx

  int RegEnumKeyEx(WinReg.HKEY hKey,
                 int dwIndex,
                 char[] lpName,
                 IntByReference lpcName,
                 IntByReference reserved,
                 char[] lpClass,
                 IntByReference lpcClass,
                 WinBase.FILETIME lpftLastWriteTime)

  The RegEnumKeyEx function enumerates subkeys of the specified open registry key. The function retrieves information about one subkey each time it is called.

  Parameters:

  hKey - Handle to an open key. The key must have been opened with the KEY_ENUMERATE_SUB_KEYS access right.

  dwIndex - Index of the subkey to retrieve. This parameter should be zero for the first call to the RegEnumKeyEx function and then incremented for subsequent calls. Because subkeys are not ordered, any new subkey will have an arbitrary index. This means that the function may return subkeys in any order.

  lpName - Pointer to a buffer that receives the name of the subkey, including the terminating null character. The function copies only the name of the subkey, not the full key hierarchy, to the buffer.

  lpcName - Pointer to a variable that specifies the size of the buffer specified by the lpName parameter, in TCHARs. This size should include the terminating null character. When the function returns, the variable pointed to by lpcName contains the number of characters stored in the buffer. The count returned does not include the terminating null character.

  reserved - Reserved; must be NULL.

  lpClass - Pointer to a buffer that receives the null-terminated class string of the enumerated subkey. This parameter can be NULL.

  lpcClass - Pointer to a variable that specifies the size of the buffer specified by the lpClass parameter, in TCHARs. The size should include the terminating null character. When the function returns, lpcClass contains the number of characters stored in the buffer. The count returned does not include the terminating null character. This parameter can be NULL only if lpClass is NULL.

  lpftLastWriteTime - Pointer to a variable that receives the time at which the enumerated subkey was last written.

  Returns:

  If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.

• RegEnumValue

  int RegEnumValue(WinReg.HKEY hKey,
                 int dwIndex,
                 char[] lpValueName,
                 IntByReference lpcchValueName,
                 IntByReference reserved,
                 IntByReference lpType,
                 byte[] lpData,
                 IntByReference lpcbData)

  The RegEnumValue function enumerates the values for the specified open registry key. The function copies one indexed value name and data block for the key each time it is called.

  Parameters:

  hKey - Handle to an open key. The key must have been opened with the KEY_QUERY_VALUE access right.

  dwIndex - Index of the value to be retrieved. This parameter should be zero for the first call to the RegEnumValue function and then be incremented for subsequent calls. Because values are not ordered, any new value will have an arbitrary index. This means that the function may return values in any order.

  lpValueName - Pointer to a buffer that receives the name of the value, including the terminating null character.

  lpcchValueName - Pointer to a variable that specifies the size of the buffer pointed to by the lpValueName parameter, in TCHARs. This size should include the terminating null character. When the function returns, the variable pointed to by lpcValueName contains the number of characters stored in the buffer. The count returned does not include the terminating null character.

  reserved - Reserved; must be NULL.

  lpType - Pointer to a variable that receives a code indicating the type of data stored in the specified value.

  lpData - Pointer to a buffer that receives the data for the value entry. This parameter can be NULL if the data is not required.

  lpcbData - Pointer to a variable that specifies the size of the buffer pointed to by the lpData parameter, in bytes.

  Returns:

  If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.

• RegQueryInfoKey

  int RegQueryInfoKey(WinReg.HKEY hKey,
                    char[] lpClass,
                    IntByReference lpcClass,
                    IntByReference lpReserved,
                    IntByReference lpcSubKeys,
                    IntByReference lpcMaxSubKeyLen,
                    IntByReference lpcMaxClassLen,
                    IntByReference lpcValues,
                    IntByReference lpcMaxValueNameLen,
                    IntByReference lpcMaxValueLen,
                    IntByReference lpcbSecurityDescriptor,
                    WinBase.FILETIME lpftLastWriteTime)

  The RegQueryInfoKey function retrieves information about the specified registry key.

  Parameters:

  hKey - A handle to an open key. The key must have been opened with the KEY_QUERY_VALUE access right.

  lpClass - A pointer to a buffer that receives the null-terminated class string of the key. This parameter can be ignored. This parameter can be NULL.

  lpcClass - A pointer to a variable that specifies the size of the buffer pointed to by the lpClass parameter, in characters.

  lpReserved - Reserved; must be NULL.

  lpcSubKeys - A pointer to a variable that receives the number of subkeys that are contained by the specified key. This parameter can be NULL.

  lpcMaxSubKeyLen - A pointer to a variable that receives the size of the key's subkey with the longest name, in characters, not including the terminating null character. This parameter can be NULL.

  lpcMaxClassLen - A pointer to a variable that receives the size of the longest string that specifies a subkey class, in characters. The count returned does not include the terminating null character. This parameter can be NULL.

  lpcValues - A pointer to a variable that receives the number of values that are associated with the key. This parameter can be NULL.

  lpcMaxValueNameLen - A pointer to a variable that receives the size of the key's longest value name, in characters. The size does not include the terminating null character. This parameter can be NULL.

  lpcMaxValueLen - A pointer to a variable that receives the size of the longest data component among the key's values, in bytes. This parameter can be NULL.

  lpcbSecurityDescriptor - A pointer to a variable that receives the size of the key's security descriptor, in bytes. This parameter can be NULL.

  lpftLastWriteTime - A pointer to a FILETIME structure that receives the last write time. This parameter can be NULL.

  Returns:

  If the function succeeds, the return value is ERROR_SUCCESS. If the function fails, the return value is a nonzero error code defined in Winerror.h.

• RegisterEventSource

  WinNT.HANDLE RegisterEventSource(String lpUNCServerName,
                                 String lpSourceName)

  Retrieves a registered handle to the specified event log.

  Parameters:

  lpUNCServerName - The Universal Naming Convention (UNC) name of the remote server on which this operation is to be performed. If this parameter is NULL, the local computer is used.

  lpSourceName - The name of the event source whose handle is to be retrieved. The source name must be a subkey of a log under the Eventlog registry key. However, the Security log is for system use only.

  Returns:

  If the function succeeds, the return value is a handle to the event log. If the function fails, the return value is NULL. To get extended error information, call GetLastError. The function returns ERROR_ACCESS_DENIED if lpSourceName specifies the Security event log.

• DeregisterEventSource

  boolean DeregisterEventSource(WinNT.HANDLE hEventLog)

  Closes the specified event log.

  Parameters:

  hEventLog - A handle to the event log. The RegisterEventSource function returns this handle.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

• OpenEventLog

  WinNT.HANDLE OpenEventLog(String lpUNCServerName,
                          String lpSourceName)

  Opens a handle to the specified event log.

  Parameters:

  lpUNCServerName - The Universal Naming Convention (UNC) name of the remote server on which the event log is to be opened. If this parameter is NULL, the local computer is used.

  lpSourceName - The name of the log. If you specify a custom log and it cannot be found, the event logging service opens the Application log; however, there will be no associated message or category string file.

  Returns:

  If the function succeeds, the return value is the handle to an event log. If the function fails, the return value is NULL. To get extended error information, call GetLastError.

• CloseEventLog

  boolean CloseEventLog(WinNT.HANDLE hEventLog)

  Closes the specified event log.

  Parameters:

  hEventLog - A handle to the event log to be closed. The OpenEventLog or OpenBackupEventLog function returns this handle.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

• GetNumberOfEventLogRecords

  boolean GetNumberOfEventLogRecords(WinNT.HANDLE hEventLog,
                                   IntByReference NumberOfRecords)

  Retrieves the number of records in the specified event log.

  Parameters:

  hEventLog - A handle to the open event log. The OpenEventLog or OpenBackupEventLog function returns this handle.

  NumberOfRecords - A pointer to a variable that receives the number of records in the specified event log.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

• ReportEvent

  boolean ReportEvent(WinNT.HANDLE hEventLog,
                    int wType,
                    int wCategory,
                    int dwEventID,
                    WinNT.PSID lpUserSid,
                    int wNumStrings,
                    int dwDataSize,
                    String[] lpStrings,
                    Pointer lpRawData)

  Writes an entry at the end of the specified event log.

  Parameters:

  hEventLog - A handle to the event log. The RegisterEventSource function returns this handle. As of Windows XP with SP2, this parameter cannot be a handle to the Security log. To write an event to the Security log, use the AuthzReportSecurityEvent function.

  wType - The type of event to be logged.

  wCategory - The event category. This is source-specific information; the category can have any value.

  dwEventID - The event identifier. The event identifier specifies the entry in the message file associated with the event source.

  lpUserSid - A pointer to the current user's security identifier. This parameter can be NULL if the security identifier is not required.

  wNumStrings - The number of insert strings in the array pointed to by the lpStrings parameter. A value of zero indicates that no strings are present.

  dwDataSize - The number of bytes of event-specific raw (binary) data to write to the log. If this parameter is zero, no event-specific data is present.

  lpStrings - A pointer to a buffer containing an array of null-terminated strings that are merged into the message before Event Viewer displays the string to the user. This parameter must be a valid pointer (or NULL), even if wNumStrings is zero. Each string is limited to 31,839 characters.

  lpRawData - A pointer to the buffer containing the binary data. This parameter must be a valid pointer (or NULL), even if the dwDataSize parameter is zero.

  Returns:

  If the function succeeds, the return value is nonzero, indicating that the entry was written to the log. If the function fails, the return value is zero. To get extended error information, call GetLastError.

• ClearEventLog

  boolean ClearEventLog(WinNT.HANDLE hEventLog,
                      String lpBackupFileName)

  Clears the specified event log, and optionally saves the current copy of the log to a backup file.

  Parameters:

  hEventLog - A handle to the event log to be cleared. The OpenEventLog function returns this handle.

  lpBackupFileName - The absolute or relative path of the backup file. If this file already exists, the function fails. If the lpBackupFileName parameter is NULL, the event log is not backed up.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError. The ClearEventLog function can fail if the event log is empty or the backup file already exists.

• BackupEventLog

  boolean BackupEventLog(WinNT.HANDLE hEventLog,
                       String lpBackupFileName)

  Saves the specified event log to a backup file. The function does not clear the event log.

  Parameters:

  hEventLog - A handle to the open event log. The OpenEventLog function returns this handle.

  lpBackupFileName - The absolute or relative path of the backup file.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

• OpenBackupEventLog

  WinNT.HANDLE OpenBackupEventLog(String lpUNCServerName,
                                String lpFileName)

  Opens a handle to a backup event log created by the BackupEventLog function.

  Parameters:

  lpUNCServerName - The Universal Naming Convention (UNC) name of the remote server on which this operation is to be performed. If this parameter is NULL, the local computer is used.

  lpFileName - The full path of the backup file.

  Returns:

  If the function succeeds, the return value is a handle to the backup event log. If the function fails, the return value is NULL. To get extended error information, call GetLastError.

• ReadEventLog

  boolean ReadEventLog(WinNT.HANDLE hEventLog,
                     int dwReadFlags,
                     int dwRecordOffset,
                     Pointer lpBuffer,
                     int nNumberOfBytesToRead,
                     IntByReference pnBytesRead,
                     IntByReference pnMinNumberOfBytesNeeded)

  Reads the specified number of entries from the specified event log. The function can be used to read log entries in chronological or reverse chronological order.

  Parameters:

  hEventLog - A handle to the event log to be read. The OpenEventLog function returns this handle.

  dwReadFlags - Use the following flag values to indicate how to read the log file.

  dwRecordOffset - The record number of the log-entry at which the read operation should start. This parameter is ignored unless dwReadFlags includes the EVENTLOG_SEEK_READ flag.

  lpBuffer - An application-allocated buffer that will receive one or more EVENTLOGRECORD structures. This parameter cannot be NULL, even if the nNumberOfBytesToRead parameter is zero. The maximum size of this buffer is 0x7ffff bytes.

  nNumberOfBytesToRead - The size of the lpBuffer buffer, in bytes. This function will read as many log entries as will fit in the buffer; the function will not return partial entries.

  pnBytesRead - A pointer to a variable that receives the number of bytes read by the function.

  pnMinNumberOfBytesNeeded - A pointer to a variable that receives the required size of the lpBuffer buffer. This value is valid only this function returns zero and GetLastError returns ERROR_INSUFFICIENT_BUFFER.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

• GetOldestEventLogRecord

  boolean GetOldestEventLogRecord(WinNT.HANDLE hEventLog,
                                IntByReference OldestRecord)

  The GetOldestEventLogRecord function retrieves the absolute record number of the oldest record in the specified event log.

  Parameters:

  hEventLog - Handle to the open event log. This handle is returned by the OpenEventLog or OpenBackupEventLog function.

  OldestRecord - Pointer to a variable that receives the absolute record number of the oldest record in the specified event log.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

• QueryServiceStatusEx

  boolean QueryServiceStatusEx(Winsvc.SC_HANDLE hService,
                             int InfoLevel,
                             Winsvc.SERVICE_STATUS_PROCESS lpBuffer,
                             int cbBufSize,
                             IntByReference pcbBytesNeeded)

  Retrieves the current status of the specified service based on the specified information level.

  Parameters:

  hService - A handle to the service. This handle is returned by the OpenService(SC_HANDLE, String, int) or CreateService() function, and it must have the SERVICE_QUERY_STATUS access right. For more information, see Service Security and Access Rights.

  InfoLevel - The service attributes to be returned (a value from SC_STATUS_TYPE enumeration). Use SC_STATUS_PROCESS_INFO to retrieve the service status information. The lpBuffer parameter is a pointer to a SERVICE_STATUS_PROCESS structure. Currently, no other information levels are defined.

  lpBuffer - (optional) A pointer to the buffer that receives the status information. The format of this data depends on the value of the InfoLevel parameter. The maximum size of this array is 8K bytes. To determine the required size, specify NULL for this parameter and 0 for the cbBufSize parameter. The function will fail and GetLastError will return ERROR_INSUFFICIENT_BUFFER. The pcbBytesNeeded parameter will receive the required size.

  cbBufSize - The size of the buffer pointed to by the lpBuffer parameter, in bytes.

  pcbBytesNeeded - A pointer to a variable that receives the number of bytes needed to store all status information, if the function fails with ERROR_INSUFFICIENT_BUFFER.

  Returns:

  If the function succeeds, the return value is true. If the function fails, the return value is false. To get extended error information, call GetLastError. This value is a nonzero error code defined in Winerror.h.

• ControlService

  boolean ControlService(Winsvc.SC_HANDLE hService,
                       int dwControl,
                       Winsvc.SERVICE_STATUS lpServiceStatus)

  Sends a control code to a service. To specify additional information when stopping a service, use the ControlServiceEx function.

  Parameters:

  hService - A handle to the service. This handle is returned by the OpenService(SC_HANDLE, String, int) or CreateService() function. The access rights required for this handle depend on the dwControl code requested.

  dwControl - This parameter can be one of the following control codes (found in Winsvc.h): SERVICE_CONTROL_STOP, SERVICE_CONTROL_PAUSE, SERVICE_CONTROL_CONTINUE SERVICE_CONTROL_INTERROGATE, SERVICE_CONTROL_PARAMCHANGE, SERVICE_CONTROL_NETBINDADD, SERVICE_CONTROL_NETBINDREMOVE, SERVICE_CONTROL_NETBINDENABLE, SERVICE_CONTROL_NETBINDDISABLE This value can also be a user-defined control code, as described below: Range 128 to 255 - The service defines the action associated with the control code. The hService handle must have the SERVICE_USER_DEFINED_CONTROL access right.

  lpServiceStatus - A pointer to a SERVICE_STATUS structure that receives the latest service status information. The information returned reflects the most recent status that the service reported to the service control manager. The service control manager fills in the structure only when ControlService returns one of the following error codes: NO_ERROR, ERROR_INVALID_SERVICE_CONTROL, ERROR_SERVICE_CANNOT_ACCEPT_CTRL, or ERROR_SERVICE_NOT_ACTIVE. Otherwise, the structure is not filled in.

  Returns:

  If the function succeeds, the return value is true. If the function fails, the return value is false. To get extended error information, call GetLastError. This value is a nonzero error code defined in Winerror.h.

• StartService

  boolean StartService(Winsvc.SC_HANDLE hService,
                     int dwNumServiceArgs,
                     String[] lpServiceArgVectors)

  Starts a service.

  Parameters:

  hService - A handle to the service. This handle is returned by the OpenService(SC_HANDLE, String, int) or CreateService() function, and it must have the SERVICE_START access right. For more information, see Service Security and Access Rights.

  dwNumServiceArgs - The number of strings in the lpServiceArgVectors array. If lpServiceArgVectors is NULL, this parameter can be zero.

  lpServiceArgVectors - The null-terminated strings to be passed to the ServiceMain function for the service as arguments. If there are no arguments, this parameter can be null. Otherwise, the first argument (lpServiceArgVectors[0]) is the name of the service, followed by any additional arguments (lpServiceArgVectors[1] through lpServiceArgVectors[dwNumServiceArgs-1]). Driver services do not receive these arguments.

  Returns:

  If the function succeeds, the return value is true. If the function fails, the return value is false. To get extended error information, call GetLastError. This value is a nonzero error code defined in Winerror.h.

• CloseServiceHandle

  boolean CloseServiceHandle(Winsvc.SC_HANDLE hSCObject)

  Closes a handle to a service control manager or service object.

  Parameters:

  hSCObject - A handle to the service control manager object or the service object to close. Handles to service control manager objects are returned by the OpenSCManager(String, String, int) function, and handles to service objects are returned by either the OpenService(SC_HANDLE, String, int) or CreateService() function.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError. This value is a nonzero error code defined in Winerror.h.

• OpenService

  Winsvc.SC_HANDLE OpenService(Winsvc.SC_HANDLE hSCManager,
                             String lpServiceName,
                             int dwDesiredAccess)

  Opens an existing service.

  Parameters:

  hSCManager - A handle to the service control manager database. The OpenSCManager(String, String, int) function returns this handle.

  lpServiceName - The name of the service to be opened. This is the name specified by the lpServiceName parameter of the CreateService function when the service object was created, not the service display name that is shown by user interface applications to identify the service. The maximum string length is 256 characters. The service control manager database preserves the case of the characters, but service name comparisons are always case insensitive. Forward-slash (/) and backslash (\) are invalid service name characters.

  dwDesiredAccess - The access to the service. For a list of access rights, see Service Security and Access Rights. Before granting the requested access, the system checks the access token of the calling process against the discretionary access-control list of the security descriptor associated with the service object.

  Returns:

  If the function succeeds, the return value is a handle to the service. If the function fails, the return value is NULL. To get extended error information, call GetLastError. This value is a nonzero error code defined in Winerror.h.

• OpenSCManager

  Winsvc.SC_HANDLE OpenSCManager(String lpMachineName,
                               String lpDatabaseName,
                               int dwDesiredAccess)

  Establishes a connection to the service control manager on the specified computer and opens the specified service control manager database.

  Parameters:

  lpMachineName - The name of the target computer. If the pointer is NULL or points to an empty string, the function connects to the service control manager on the local computer.

  lpDatabaseName - The name of the service control manager database. This parameter should be set to SERVICES_ACTIVE_DATABASE. If it is NULL, the SERVICES_ACTIVE_DATABASE database is opened by default.

  dwDesiredAccess - The access to the service control manager. For a list of access rights, see Service Security and Access Rights. Before granting the requested access rights, the system checks the access token of the calling process against the discretionary access-control list of the security descriptor associated with the service control manager. The SC_MANAGER_CONNECT access right is implicitly specified by calling this function.

  Returns:

  If the function succeeds, the return value is a handle to the specified service control manager database. If the function fails, the return value is NULL. To get extended error information, call GetLastError. This value is a nonzero error code defined in Winerror.h.

• CreateProcessAsUser

  boolean CreateProcessAsUser(WinNT.HANDLE hToken,
                            String lpApplicationName,
                            String lpCommandLine,
                            WinBase.SECURITY_ATTRIBUTES lpProcessAttributes,
                            WinBase.SECURITY_ATTRIBUTES lpThreadAttributes,
                            boolean bInheritHandles,
                            int dwCreationFlags,
                            String lpEnvironment,
                            String lpCurrentDirectory,
                            WinBase.STARTUPINFO lpStartupInfo,
                            WinBase.PROCESS_INFORMATION lpProcessInformation)

  Creates a new process and its primary thread. The new process runs in the security context of the user represented by the specified token. Typically, the process that calls the CreateProcessAsUser function must have the SE_INCREASE_QUOTA_NAME privilege and may require the SE_ASSIGNPRIMARYTOKEN_NAME privilege if the token is not assignable. If this function fails with ERROR_PRIVILEGE_NOT_HELD (1314), use the CreateProcessWithLogonW function instead. CreateProcessWithLogonW requires no special privileges, but the specified user account must be allowed to log on interactively. Generally, it is best to use CreateProcessWithLogonW to create a process with alternate credentials.

  Parameters:

  hToken - A handle to the primary token that represents a user.

  lpApplicationName - The name of the module to be executed.

  lpCommandLine - The command line to be executed.

  lpProcessAttributes - A pointer to a SECURITY_ATTRIBUTES structure that specifies a security descriptor for the new process object and determines whether child processes can inherit the returned handle to the process.

  lpThreadAttributes - A pointer to a SECURITY_ATTRIBUTES structure that specifies a security descriptor for the new thread object and determines whether child processes can inherit the returned handle to the thread.

  bInheritHandles - If this parameter is TRUE, each inheritable handle in the calling process is inherited by the new process. If the parameter is FALSE, the handles are not inherited. Note that inherited handles have the same value and access rights as the original handles.

  dwCreationFlags - The flags that control the priority class and the creation of the process. For a list of values, see Process Creation Flags.

  lpEnvironment - A pointer to an environment block for the new process. If this parameter is NULL, the new process uses the environment of the calling process. An environment block consists of a null-terminated block of null-terminated strings. Each string is in the following form: name=value\0

  lpCurrentDirectory - The full path to the current directory for the process. The string can also specify a UNC path.

  lpStartupInfo - A pointer to a STARTUPINFO or STARTUPINFOEX structure.

  lpProcessInformation - A pointer to a PROCESS_INFORMATION structure that receives identification information about the new process.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

• AdjustTokenPrivileges

  boolean AdjustTokenPrivileges(WinNT.HANDLE TokenHandle,
                              boolean DisableAllPrivileges,
                              WinNT.TOKEN_PRIVILEGES NewState,
                              int BufferLength,
                              WinNT.TOKEN_PRIVILEGES PreviousState,
                              IntByReference ReturnLength)

  The AdjustTokenPrivileges function enables or disables privileges in the specified access token. Enabling or disabling privileges in an access token requires TOKEN_ADJUST_PRIVILEGES access.

  Parameters:

  TokenHandle - A handle to the access token that contains the privileges to be modified.

  DisableAllPrivileges - Specifies whether the function disables all of the token's privileges.

  NewState - A pointer to a TOKEN_PRIVILEGES structure that specifies an array of privileges and their attributes.

  BufferLength - Specifies the size, in bytes, of the buffer pointed to by the PreviousState parameter. This parameter can be zero if the PreviousState parameter is NULL.

  PreviousState - A pointer to a buffer that the function fills with a TOKEN_PRIVILEGES structure that contains the previous state of any privileges that the function modifies.

  ReturnLength - A pointer to a variable that receives the required size, in bytes, of the buffer pointed to by the PreviousState parameter.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

• LookupPrivilegeName

  boolean LookupPrivilegeName(String lpSystemName,
                            WinNT.LUID lpLuid,
                            char[] lpName,
                            IntByReference cchName)

  The LookupPrivilegeName function retrieves the name that corresponds to the privilege represented on a specific system by a specified locally unique identifier (LUID).

  Parameters:

  lpSystemName - A pointer to a null-terminated string that specifies the name of the system on which the privilege name is retrieved. If a null string is specified, the function attempts to find the privilege name on the local system.

  lpLuid - A pointer to the LUID by which the privilege is known on the target system.

  lpName - A pointer to a buffer that receives a null-terminated string that represents the privilege name. For example, this string could be "SeSecurityPrivilege".

  cchName - A pointer to a variable that specifies the size, in a TCHAR value, of the lpName buffer.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

• LookupPrivilegeValue

  boolean LookupPrivilegeValue(String lpSystemName,
                             String lpName,
                             WinNT.LUID lpLuid)

  The LookupPrivilegeValue function retrieves the locally unique identifier (LUID) used on a specified system to locally represent the specified privilege name.

  Parameters:

  lpSystemName - A pointer to a null-terminated string that specifies the name of the system on which the privilege name is retrieved. If a null string is specified, the function attempts to find the privilege name on the local system.

  lpName - A pointer to a null-terminated string that specifies the name of the privilege, as defined in the Winnt.h header file. For example, this parameter could specify the constant, SE_SECURITY_NAME, or its corresponding string, "SeSecurityPrivilege".

  lpLuid - A pointer to a variable that receives the LUID by which the privilege is known on the system specified by the lpSystemName parameter.

  Returns:

  If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

• GetFileSecurity

  boolean GetFileSecurity(WString lpFileName,
                        int RequestedInformation,
                        Pointer pointer,
                        int nLength,
                        IntByReference lpnLengthNeeded)

  The function obtains specified information about the security of a file or directory. The information obtained is constrained by the caller's access rights and privileges.

  Parameters:

  lpFileName - A pointer to a null-terminated string that specifies the file or directory for which security information is retrieved.

  RequestedInformation - A SECURITY_INFORMATION value that identifies the security information being requested. See WinNT *_SECURITY_INFORMATION

  pointer - A pointer to a buffer that receives a copy of the security descriptor of the object specified by the lpFileName parameter. The calling process must have permission to view the specified aspects of the object's security status. The SECURITY_DESCRIPTOR structure is returned in self-relative format.

  nLength - Specifies the size, in bytes, of the buffer pointed to by the pSecurityDescriptor parameter.

  lpnLengthNeeded - A pointer to the variable that receives the number of bytes necessary to store the complete security descriptor. If the returned number of bytes is less than or equal to nLength, the entire security descriptor is returned in the output buffer; otherwise, none of the descriptor is returned.

  Returns:

  whether the call succeeded