public interface Advapi32 extends StdCallLibrary
StdCallLibrary.StdCallCallback
Library.Handler
Modifier and Type | Field and Description |
---|---|
static Advapi32 |
INSTANCE |
FUNCTION_MAPPER, STDCALL_CONVENTION
OPTION_ALLOW_OBJECTS, OPTION_CALLING_CONVENTION, OPTION_FUNCTION_MAPPER, OPTION_INVOCATION_MAPPER, OPTION_OPEN_FLAGS, OPTION_STRUCTURE_ALIGNMENT, OPTION_TYPE_MAPPER
Modifier and Type | Method and Description |
---|---|
boolean |
AdjustTokenPrivileges(WinNT.HANDLE TokenHandle,
boolean DisableAllPrivileges,
WinNT.TOKEN_PRIVILEGES NewState,
int BufferLength,
WinNT.TOKEN_PRIVILEGES PreviousState,
IntByReference ReturnLength)
The AdjustTokenPrivileges function enables or disables privileges in the specified access token.
|
boolean |
BackupEventLog(WinNT.HANDLE hEventLog,
String lpBackupFileName)
Saves the specified event log to a backup file.
|
boolean |
ClearEventLog(WinNT.HANDLE hEventLog,
String lpBackupFileName)
Clears the specified event log, and optionally saves the current copy of the log to a backup file.
|
boolean |
CloseEventLog(WinNT.HANDLE hEventLog)
Closes the specified event log.
|
boolean |
CloseServiceHandle(Winsvc.SC_HANDLE hSCObject)
Closes a handle to a service control manager or service object.
|
boolean |
ControlService(Winsvc.SC_HANDLE hService,
int dwControl,
Winsvc.SERVICE_STATUS lpServiceStatus)
Sends a control code to a service.
|
boolean |
ConvertSidToStringSid(WinNT.PSID Sid,
PointerByReference StringSid)
Convert a security identifier (SID) to a string format suitable for display,
storage, or transmission.
|
boolean |
ConvertStringSidToSid(String StringSid,
WinNT.PSIDByReference Sid)
Convert a string-format security identifier (SID) into a valid, functional SID.
|
boolean |
CreateProcessAsUser(WinNT.HANDLE hToken,
String lpApplicationName,
String lpCommandLine,
WinBase.SECURITY_ATTRIBUTES lpProcessAttributes,
WinBase.SECURITY_ATTRIBUTES lpThreadAttributes,
boolean bInheritHandles,
int dwCreationFlags,
String lpEnvironment,
String lpCurrentDirectory,
WinBase.STARTUPINFO lpStartupInfo,
WinBase.PROCESS_INFORMATION lpProcessInformation)
Creates a new process and its primary thread.
|
boolean |
CreateWellKnownSid(int wellKnownSidType,
WinNT.PSID domainSid,
WinNT.PSID pSid,
IntByReference cbSid)
The CreateWellKnownSid function creates a SID for predefined aliases.
|
boolean |
DeregisterEventSource(WinNT.HANDLE hEventLog)
Closes the specified event log.
|
boolean |
DuplicateToken(WinNT.HANDLE ExistingTokenHandle,
int ImpersonationLevel,
WinNT.HANDLEByReference DuplicateTokenHandle)
The DuplicateToken function creates a new access token that duplicates
one already in existence.
|
boolean |
DuplicateTokenEx(WinNT.HANDLE hExistingToken,
int dwDesiredAccess,
WinBase.SECURITY_ATTRIBUTES lpTokenAttributes,
int ImpersonationLevel,
int TokenType,
WinNT.HANDLEByReference phNewToken)
The DuplicateTokenEx function creates a new access token that duplicates an existing token.
|
boolean |
GetFileSecurity(WString lpFileName,
int RequestedInformation,
Pointer pointer,
int nLength,
IntByReference lpnLengthNeeded)
The function obtains specified information about the security of a file or directory.
|
int |
GetLengthSid(WinNT.PSID pSid)
Returns the length, in bytes, of a valid security identifier (SID).
|
boolean |
GetNumberOfEventLogRecords(WinNT.HANDLE hEventLog,
IntByReference NumberOfRecords)
Retrieves the number of records in the specified event log.
|
boolean |
GetOldestEventLogRecord(WinNT.HANDLE hEventLog,
IntByReference OldestRecord)
The GetOldestEventLogRecord function retrieves the absolute record number of the oldest
record in the specified event log.
|
boolean |
GetTokenInformation(WinNT.HANDLE tokenHandle,
int tokenInformationClass,
Structure tokenInformation,
int tokenInformationLength,
IntByReference returnLength)
Retrieves a specified type of information about an access token.
|
boolean |
GetUserNameW(char[] buffer,
IntByReference len)
Retrieves the name of the user associated with the current thread.
|
boolean |
ImpersonateLoggedOnUser(WinNT.HANDLE hToken)
The ImpersonateLoggedOnUser function lets the calling thread impersonate the
security context of a logged-on user.
|
boolean |
ImpersonateSelf(int ImpersonationLevel)
The ImpersonateSelf function obtains an access token that impersonates the security
context of the calling process.
|
boolean |
IsValidSid(WinNT.PSID pSid)
The IsValidSid function validates a security identifier (SID) by verifying that
the revision number is within a known range, and that the number of subauthorities
is less than the maximum.
|
boolean |
IsWellKnownSid(WinNT.PSID pSid,
int wellKnownSidType)
Compares a SID to a well known SID and returns TRUE if they match.
|
boolean |
LogonUser(String lpszUsername,
String lpszDomain,
String lpszPassword,
int logonType,
int logonProvider,
WinNT.HANDLEByReference phToken)
The LogonUser function attempts to log a user on to the local computer.
|
boolean |
LookupAccountName(String lpSystemName,
String lpAccountName,
WinNT.PSID Sid,
IntByReference cbSid,
char[] ReferencedDomainName,
IntByReference cchReferencedDomainName,
PointerByReference peUse)
Accepts the name of a system and anaccount as input and retrieves a security
identifier (SID) for the account and the name of the domain on which the
account was found.
|
boolean |
LookupAccountSid(String lpSystemName,
WinNT.PSID Sid,
char[] lpName,
IntByReference cchName,
char[] ReferencedDomainName,
IntByReference cchReferencedDomainName,
PointerByReference peUse)
Retrieves the name of the account for this SID and the name of the first domain
on which this SID is found.
|
boolean |
LookupPrivilegeName(String lpSystemName,
WinNT.LUID lpLuid,
char[] lpName,
IntByReference cchName)
The LookupPrivilegeName function retrieves the name that corresponds to the privilege represented
on a specific system by a specified locally unique identifier (LUID).
|
boolean |
LookupPrivilegeValue(String lpSystemName,
String lpName,
WinNT.LUID lpLuid)
The LookupPrivilegeValue function retrieves the locally unique identifier (LUID) used
on a specified system to locally
represent the specified privilege name.
|
WinNT.HANDLE |
OpenBackupEventLog(String lpUNCServerName,
String lpFileName)
Opens a handle to a backup event log created by the BackupEventLog function.
|
WinNT.HANDLE |
OpenEventLog(String lpUNCServerName,
String lpSourceName)
Opens a handle to the specified event log.
|
boolean |
OpenProcessToken(WinNT.HANDLE ProcessHandle,
int DesiredAccess,
WinNT.HANDLEByReference TokenHandle)
The OpenProcessToken function opens the access token associated with a process.
|
Winsvc.SC_HANDLE |
OpenSCManager(String lpMachineName,
String lpDatabaseName,
int dwDesiredAccess)
Establishes a connection to the service control manager on the specified
computer and opens the specified service control manager database.
|
Winsvc.SC_HANDLE |
OpenService(Winsvc.SC_HANDLE hSCManager,
String lpServiceName,
int dwDesiredAccess)
Opens an existing service.
|
boolean |
OpenThreadToken(WinNT.HANDLE ThreadHandle,
int DesiredAccess,
boolean OpenAsSelf,
WinNT.HANDLEByReference TokenHandle)
The OpenThreadToken function opens the access token associated with a thread.
|
boolean |
QueryServiceStatusEx(Winsvc.SC_HANDLE hService,
int InfoLevel,
Winsvc.SERVICE_STATUS_PROCESS lpBuffer,
int cbBufSize,
IntByReference pcbBytesNeeded)
Retrieves the current status of the specified service based on the specified information level.
|
boolean |
ReadEventLog(WinNT.HANDLE hEventLog,
int dwReadFlags,
int dwRecordOffset,
Pointer lpBuffer,
int nNumberOfBytesToRead,
IntByReference pnBytesRead,
IntByReference pnMinNumberOfBytesNeeded)
Reads the specified number of entries from the specified event log.
|
int |
RegCloseKey(WinReg.HKEY hKey)
The RegCloseKey function releases a handle to the specified registry key.
|
int |
RegCreateKeyEx(WinReg.HKEY hKey,
String lpSubKey,
int Reserved,
String lpClass,
int dwOptions,
int samDesired,
WinBase.SECURITY_ATTRIBUTES lpSecurityAttributes,
WinReg.HKEYByReference phkResult,
IntByReference lpdwDisposition) |
int |
RegDeleteKey(WinReg.HKEY hKey,
String name) |
int |
RegDeleteValue(WinReg.HKEY hKey,
String lpValueName)
The RegDeleteValue function removes a named value from the specified registry
key.
|
int |
RegEnumKeyEx(WinReg.HKEY hKey,
int dwIndex,
char[] lpName,
IntByReference lpcName,
IntByReference reserved,
char[] lpClass,
IntByReference lpcClass,
WinBase.FILETIME lpftLastWriteTime)
The RegEnumKeyEx function enumerates subkeys of the specified open registry key.
|
int |
RegEnumValue(WinReg.HKEY hKey,
int dwIndex,
char[] lpValueName,
IntByReference lpcchValueName,
IntByReference reserved,
IntByReference lpType,
byte[] lpData,
IntByReference lpcbData)
The RegEnumValue function enumerates the values for the specified open registry
key.
|
WinNT.HANDLE |
RegisterEventSource(String lpUNCServerName,
String lpSourceName)
Retrieves a registered handle to the specified event log.
|
int |
RegOpenKeyEx(WinReg.HKEY hKey,
String lpSubKey,
int ulOptions,
int samDesired,
WinReg.HKEYByReference phkResult)
The RegOpenKeyEx function opens the specified registry key.
|
int |
RegQueryInfoKey(WinReg.HKEY hKey,
char[] lpClass,
IntByReference lpcClass,
IntByReference lpReserved,
IntByReference lpcSubKeys,
IntByReference lpcMaxSubKeyLen,
IntByReference lpcMaxClassLen,
IntByReference lpcValues,
IntByReference lpcMaxValueNameLen,
IntByReference lpcMaxValueLen,
IntByReference lpcbSecurityDescriptor,
WinBase.FILETIME lpftLastWriteTime)
The RegQueryInfoKey function retrieves information about the specified
registry key.
|
int |
RegQueryValueEx(WinReg.HKEY hKey,
String lpValueName,
int lpReserved,
IntByReference lpType,
byte[] lpData,
IntByReference lpcbData) |
int |
RegQueryValueEx(WinReg.HKEY hKey,
String lpValueName,
int lpReserved,
IntByReference lpType,
char[] lpData,
IntByReference lpcbData)
The RegQueryValueEx function retrieves the type and data for a specified value name
associated with an open registry key.
|
int |
RegQueryValueEx(WinReg.HKEY hKey,
String lpValueName,
int lpReserved,
IntByReference lpType,
IntByReference lpData,
IntByReference lpcbData) |
int |
RegQueryValueEx(WinReg.HKEY hKey,
String lpValueName,
int lpReserved,
IntByReference lpType,
LongByReference lpData,
IntByReference lpcbData) |
int |
RegQueryValueEx(WinReg.HKEY hKey,
String lpValueName,
int lpReserved,
IntByReference lpType,
Pointer lpData,
IntByReference lpcbData) |
int |
RegSetValueEx(WinReg.HKEY hKey,
String lpValueName,
int Reserved,
int dwType,
byte[] lpData,
int cbData) |
int |
RegSetValueEx(WinReg.HKEY hKey,
String lpValueName,
int Reserved,
int dwType,
char[] lpData,
int cbData)
The RegSetValueEx function sets the data and type of a specified value under a
registry key.
|
boolean |
ReportEvent(WinNT.HANDLE hEventLog,
int wType,
int wCategory,
int dwEventID,
WinNT.PSID lpUserSid,
int wNumStrings,
int dwDataSize,
String[] lpStrings,
Pointer lpRawData)
Writes an entry at the end of the specified event log.
|
boolean |
RevertToSelf()
The RevertToSelf function terminates the impersonation of a client application.
|
boolean |
StartService(Winsvc.SC_HANDLE hService,
int dwNumServiceArgs,
String[] lpServiceArgVectors)
Starts a service.
|
static final Advapi32 INSTANCE
boolean GetUserNameW(char[] buffer, IntByReference len)
buffer
- Buffer to receive the user's logon name.len
- On input, the size of the buffer, on output the number of
characters copied into the buffer, including the terminating
null character.boolean LookupAccountName(String lpSystemName, String lpAccountName, WinNT.PSID Sid, IntByReference cbSid, char[] ReferencedDomainName, IntByReference cchReferencedDomainName, PointerByReference peUse)
lpSystemName
- Specifies the name of the system.lpAccountName
- Specifies the account name.Sid
- Receives the SID structure that corresponds to the account
name pointed to by the lpAccountName parameter.cbSid
- On input, this value specifies the size, in bytes, of the Sid
buffer. If the function fails because the buffer is too small
or if cbSid is zero, this variable receives the required
buffer size.ReferencedDomainName
- Receives the name of the domain where the account name is found.cchReferencedDomainName
- On input, this value specifies the size, in TCHARs, of the
ReferencedDomainName buffer. If the function fails because the
buffer is too small, this variable receives the required
buffer size, including the terminating null character.peUse
- SID_NAME_USE enumerated type that indicates the type of the
account when the function returns.boolean LookupAccountSid(String lpSystemName, WinNT.PSID Sid, char[] lpName, IntByReference cchName, char[] ReferencedDomainName, IntByReference cchReferencedDomainName, PointerByReference peUse)
lpSystemName
- Specifies the target computer.Sid
- The SID to look up.lpName
- Buffer that receives a null-terminated string that contains the
account name that corresponds to the lpSid parameter.cchName
- On input, specifies the size, in TCHARs, of the lpName buffer. If the function fails
because the buffer is too small or if cchName is zero, cchName receives the required
buffer size, including the terminating null character.ReferencedDomainName
- Pointer to a buffer that receives a null-terminated string that contains the name of
the domain where the account name was found.cchReferencedDomainName
- On input, specifies the size, in TCHARs, of the lpReferencedDomainName buffer. If the
function fails because the buffer is too small or if cchReferencedDomainName is zero,
cchReferencedDomainName receives the required buffer size, including the terminating
null character.peUse
- Pointer to a variable that receives a SID_NAME_USE value that indicates the type of
the account.boolean ConvertSidToStringSid(WinNT.PSID Sid, PointerByReference StringSid)
Sid
- The SID structure to be converted.StringSid
- Pointer to a variable that receives a pointer to a
null-terminated SID string. To free the returned buffer, call
the LocalFree function.boolean ConvertStringSidToSid(String StringSid, WinNT.PSIDByReference Sid)
StringSid
- The string-format SID to convert.Sid
- Receives a pointer to the converted SID.int GetLengthSid(WinNT.PSID pSid)
pSid
- A pointer to the SID structure whose length is returned.boolean IsValidSid(WinNT.PSID pSid)
pSid
- Pointer to the SID structure to validate. This parameter cannot be NULL.boolean IsWellKnownSid(WinNT.PSID pSid, int wellKnownSidType)
pSid
- SID to test.wellKnownSidType
- Member of the WELL_KNOWN_SID_TYPE enumeration to compare with the SID at pSid.boolean CreateWellKnownSid(int wellKnownSidType, WinNT.PSID domainSid, WinNT.PSID pSid, IntByReference cbSid)
wellKnownSidType
- Member of the WELL_KNOWN_SID_TYPE enumeration that specifies what the SID will identify.domainSid
- Pointer to a SID that identifies the domain control to use when creating the SID.
Pass NULL to use the local computer.pSid
- Pointer to memory where CreateWellKnownSid will store the new SID.cbSid
- Pointer to a DWORD that contains the number of bytes available at pSid.
The CreateWellKnownSid function stores the number of bytes actually used
at this location.boolean LogonUser(String lpszUsername, String lpszDomain, String lpszPassword, int logonType, int logonProvider, WinNT.HANDLEByReference phToken)
lpszUsername
- A pointer to a null-terminated string that specifies the name of the user. This is the name of
the user account to log on to. If you use the user principal name (UPN) format,
user@DNS_domain_name, the lpszDomain parameter must be NULL.lpszDomain
- A pointer to a null-terminated string that specifies the name of the domain or server whose
account database contains the lpszUsername account. If this parameter is NULL, the user name
must be specified in UPN format. If this parameter is ".", the function validates the account
using only the local account database.lpszPassword
- A pointer to a null-terminated string that specifies the plaintext password for the user
account specified by lpszUsername.logonType
- The type of logon operation to perform.logonProvider
- Specifies the logon provider.phToken
- A pointer to a handle variable that receives a handle to a token that represents the specified user.boolean OpenThreadToken(WinNT.HANDLE ThreadHandle, int DesiredAccess, boolean OpenAsSelf, WinNT.HANDLEByReference TokenHandle)
ThreadHandle
- Handle to the thread whose access token is opened.DesiredAccess
- Specifies an access mask that specifies the requested types of access to the access token.
These requested access types are reconciled against the token's discretionary access
control list (DACL) to determine which accesses are granted or denied.OpenAsSelf
- Indicates whether the access check is to be made against the security context of the
thread calling the OpenThreadToken function or against the security context of the
process for the calling thread.TokenHandle
- Pointer to a variable that receives the handle to the newly opened access token.boolean OpenProcessToken(WinNT.HANDLE ProcessHandle, int DesiredAccess, WinNT.HANDLEByReference TokenHandle)
ProcessHandle
- Handle to the process whose access token is opened. The process must have the
PROCESS_QUERY_INFORMATION access permission.DesiredAccess
- Specifies an access mask that specifies the requested types of access to the access
token. These requested access types are compared with the discretionary access
control list (DACL) of the token to determine which accesses are granted or denied.TokenHandle
- Pointer to a handle that identifies the newly opened access token when the function returns.boolean DuplicateToken(WinNT.HANDLE ExistingTokenHandle, int ImpersonationLevel, WinNT.HANDLEByReference DuplicateTokenHandle)
ExistingTokenHandle
- Handle to an access token opened with TOKEN_DUPLICATE access.ImpersonationLevel
- Specifies a SECURITY_IMPERSONATION_LEVEL enumerated type that supplies
the impersonation level of the new token.DuplicateTokenHandle
- Pointer to a variable that receives a handle to the duplicate token.
This handle has TOKEN_IMPERSONATE and TOKEN_QUERY access to the new token.boolean DuplicateTokenEx(WinNT.HANDLE hExistingToken, int dwDesiredAccess, WinBase.SECURITY_ATTRIBUTES lpTokenAttributes, int ImpersonationLevel, int TokenType, WinNT.HANDLEByReference phNewToken)
hExistingToken
- A handle to an access token opened with TOKEN_DUPLICATE access.dwDesiredAccess
- Specifies the requested access rights for the new token.lpTokenAttributes
- A pointer to a SECURITY_ATTRIBUTES structure that specifies a security
descriptor for the new token and determines whether child processes can inherit the token.ImpersonationLevel
- Specifies a value from the SECURITY_IMPERSONATION_LEVEL enumeration
that indicates the impersonation level of the new token.TokenType
- Specifies one of the following values from the TOKEN_TYPE enumeration.phNewToken
- A pointer to a HANDLE variable that receives the new token.boolean GetTokenInformation(WinNT.HANDLE tokenHandle, int tokenInformationClass, Structure tokenInformation, int tokenInformationLength, IntByReference returnLength)
tokenHandle
- Handle to an access token from which information is retrieved. If TokenInformationClass
specifies TokenSource, the handle must have TOKEN_QUERY_SOURCE access. For all other
TokenInformationClass values, the handle must have TOKEN_QUERY access.tokenInformationClass
- Specifies a value from the TOKEN_INFORMATION_CLASS enumerated type to identify the type of
information the function retrieves.tokenInformation
- Pointer to a buffer the function fills with the requested information. The structure put
into this buffer depends upon the type of information specified by the TokenInformationClass
parameter.tokenInformationLength
- Specifies the size, in bytes, of the buffer pointed to by the TokenInformation parameter.
If TokenInformation is NULL, this parameter must be zero.returnLength
- Pointer to a variable that receives the number of bytes needed for the buffer pointed to by
the TokenInformation parameter. If this value is larger than the value specified in the
TokenInformationLength parameter, the function fails and stores no data in the buffer.boolean ImpersonateLoggedOnUser(WinNT.HANDLE hToken)
hToken
- Handle to a primary or impersonation access token that represents a logged-on
user. This can be a token handle returned by a call to LogonUser,
CreateRestrictedToken, DuplicateToken, DuplicateTokenEx, OpenProcessToken,
or OpenThreadToken functions. If hToken is a primary token, it must have
TOKEN_QUERY and TOKEN_DUPLICATE access. If hToken is an impersonation token,
it must have TOKEN_QUERY and TOKEN_IMPERSONATE access.boolean ImpersonateSelf(int ImpersonationLevel)
ImpersonationLevel
- Specifies a SECURITY_IMPERSONATION_LEVEL enumerated type
that supplies the impersonation level of the new token.boolean RevertToSelf()
int RegOpenKeyEx(WinReg.HKEY hKey, String lpSubKey, int ulOptions, int samDesired, WinReg.HKEYByReference phkResult)
hKey
- Handle to an open key.lpSubKey
- Pointer to a null-terminated string containing the name of the subkey to open.ulOptions
- Reserved; must be zero.samDesired
- Access mask that specifies the desired access rights to the key. The function
fails if the security descriptor of the key does not permit the requested access
for the calling process.phkResult
- Pointer to a variable that receives a handle to the opened key. If the key is
not one of the predefined registry keys, call the RegCloseKey function after
you have finished using the handle.int RegQueryValueEx(WinReg.HKEY hKey, String lpValueName, int lpReserved, IntByReference lpType, char[] lpData, IntByReference lpcbData)
hKey
- Handle to an open key. The key must have been opened with the
KEY_QUERY_VALUE access right.lpValueName
- Pointer to a null-terminated string containing the name of the value to query.
If lpValueName is NULL or an empty string, "", the function retrieves the type
and data for the key's unnamed or default value, if any.lpReserved
- Reserved; must be NULL.lpType
- Pointer to a variable that receives a code indicating the type of data stored
in the specified value.lpData
- Pointer to a buffer that receives the value's data. This parameter can be NULL
if the data is not required. If the data is a string, the function checks for
a terminating null character. If one is not found, the string is stored with a
null terminator if the buffer is large enough to accommodate the extra
character. Otherwise, the string is stored as is.lpcbData
- Pointer to a variable that specifies the size of the buffer pointed to by the
lpData parameter, in bytes. When the function returns, this variable contains
the size of the data copied to lpData. The lpcbData parameter can be NULL only
if lpData is NULL. If the data has the REG_SZ, REG_MULTI_SZ or REG_EXPAND_SZ
type, this size includes any terminating null character or characters.
If the buffer specified by lpData parameter is not large enough to hold the
data, the function returns ERROR_MORE_DATA and stores the required buffer size
in the variable pointed to by lpcbData. In this case, the contents of the lpData
buffer are undefined. If lpData is NULL, and lpcbData is non-NULL, the function
returns ERROR_SUCCESS and stores the size of the data, in bytes, in the variable
pointed to by lpcbData. This enables an application to determine the best way
to allocate a buffer for the value's data.int RegQueryValueEx(WinReg.HKEY hKey, String lpValueName, int lpReserved, IntByReference lpType, byte[] lpData, IntByReference lpcbData)
int RegQueryValueEx(WinReg.HKEY hKey, String lpValueName, int lpReserved, IntByReference lpType, IntByReference lpData, IntByReference lpcbData)
int RegQueryValueEx(WinReg.HKEY hKey, String lpValueName, int lpReserved, IntByReference lpType, LongByReference lpData, IntByReference lpcbData)
int RegQueryValueEx(WinReg.HKEY hKey, String lpValueName, int lpReserved, IntByReference lpType, Pointer lpData, IntByReference lpcbData)
int RegCloseKey(WinReg.HKEY hKey)
hKey
- Handle to the open key to be closed. The handle must have been opened by the
RegCreateKeyEx, RegOpenKeyEx, or RegConnectRegistry function.int RegDeleteValue(WinReg.HKEY hKey, String lpValueName)
hKey
- Handle to an open key. The key must have been opened with the KEY_SET_VALUE
access right.lpValueName
- Pointer to a null-terminated string that names the value to remove. If this
parameter is NULL or an empty string, the value set by the RegSetValue function
is removed.int RegSetValueEx(WinReg.HKEY hKey, String lpValueName, int Reserved, int dwType, char[] lpData, int cbData)
hKey
- Handle to an open key. The key must have been opened with the KEY_SET_VALUE
access right.lpValueName
- Pointer to a string containing the name of the value to set. If a value with
this name is not already present in the key, the function adds it to the key.
If lpValueName is NULL or an empty string, "", the function sets the type and
data for the key's unnamed or default value.Reserved
- Reserved; must be zero.dwType
- Type of data pointed to by the lpData parameter.lpData
- Pointer to a buffer containing the data to be stored with the specified value name.cbData
- Size of the information pointed to by the lpData parameter, in bytes. If the data
is of type REG_SZ, REG_EXPAND_SZ, or REG_MULTI_SZ, cbData must include the size of
the terminating null character or characters.int RegSetValueEx(WinReg.HKEY hKey, String lpValueName, int Reserved, int dwType, byte[] lpData, int cbData)
int RegCreateKeyEx(WinReg.HKEY hKey, String lpSubKey, int Reserved, String lpClass, int dwOptions, int samDesired, WinBase.SECURITY_ATTRIBUTES lpSecurityAttributes, WinReg.HKEYByReference phkResult, IntByReference lpdwDisposition)
hKey
- lpSubKey
- Reserved
- lpClass
- dwOptions
- samDesired
- lpSecurityAttributes
- phkResult
- lpdwDisposition
- int RegDeleteKey(WinReg.HKEY hKey, String name)
hKey
- name
- int RegEnumKeyEx(WinReg.HKEY hKey, int dwIndex, char[] lpName, IntByReference lpcName, IntByReference reserved, char[] lpClass, IntByReference lpcClass, WinBase.FILETIME lpftLastWriteTime)
hKey
- Handle to an open key. The key must have been opened with the
KEY_ENUMERATE_SUB_KEYS access right.dwIndex
- Index of the subkey to retrieve. This parameter should be zero for the first
call to the RegEnumKeyEx function and then incremented for subsequent calls.
Because subkeys are not ordered, any new subkey will have an arbitrary index.
This means that the function may return subkeys in any order.lpName
- Pointer to a buffer that receives the name of the subkey, including the
terminating null character. The function copies only the name of the subkey,
not the full key hierarchy, to the buffer.lpcName
- Pointer to a variable that specifies the size of the buffer specified by the
lpName parameter, in TCHARs. This size should include the terminating null
character. When the function returns, the variable pointed to by lpcName
contains the number of characters stored in the buffer. The count returned
does not include the terminating null character.reserved
- Reserved; must be NULL.lpClass
- Pointer to a buffer that receives the null-terminated class string of the
enumerated subkey. This parameter can be NULL.lpcClass
- Pointer to a variable that specifies the size of the buffer specified by the
lpClass parameter, in TCHARs. The size should include the terminating null
character. When the function returns, lpcClass contains the number of
characters stored in the buffer. The count returned does not include the
terminating null character. This parameter can be NULL only if lpClass is NULL.lpftLastWriteTime
- Pointer to a variable that receives the time at which the enumerated subkey
was last written.int RegEnumValue(WinReg.HKEY hKey, int dwIndex, char[] lpValueName, IntByReference lpcchValueName, IntByReference reserved, IntByReference lpType, byte[] lpData, IntByReference lpcbData)
hKey
- Handle to an open key. The key must have been opened with the KEY_QUERY_VALUE
access right.dwIndex
- Index of the value to be retrieved. This parameter should be zero for the first
call to the RegEnumValue function and then be incremented for subsequent calls.
Because values are not ordered, any new value will have an arbitrary index.
This means that the function may return values in any order.lpValueName
- Pointer to a buffer that receives the name of the value, including the
terminating null character.lpcchValueName
- Pointer to a variable that specifies the size of the buffer pointed to by the
lpValueName parameter, in TCHARs. This size should include the terminating null
character. When the function returns, the variable pointed to by lpcValueName
contains the number of characters stored in the buffer. The count returned
does not include the terminating null character.reserved
- Reserved; must be NULL.lpType
- Pointer to a variable that receives a code indicating the type of data stored
in the specified value.lpData
- Pointer to a buffer that receives the data for the value entry. This parameter
can be NULL if the data is not required.lpcbData
- Pointer to a variable that specifies the size of the buffer pointed to by the
lpData parameter, in bytes.int RegQueryInfoKey(WinReg.HKEY hKey, char[] lpClass, IntByReference lpcClass, IntByReference lpReserved, IntByReference lpcSubKeys, IntByReference lpcMaxSubKeyLen, IntByReference lpcMaxClassLen, IntByReference lpcValues, IntByReference lpcMaxValueNameLen, IntByReference lpcMaxValueLen, IntByReference lpcbSecurityDescriptor, WinBase.FILETIME lpftLastWriteTime)
hKey
- A handle to an open key. The key must have been opened with the
KEY_QUERY_VALUE access right.lpClass
- A pointer to a buffer that receives the null-terminated class
string of the key. This parameter can be ignored. This parameter can be NULL.lpcClass
- A pointer to a variable that specifies the size of the buffer pointed to by
the lpClass parameter, in characters.lpReserved
- Reserved; must be NULL.lpcSubKeys
- A pointer to a variable that receives the number of subkeys that are contained by the specified key.
This parameter can be NULL.lpcMaxSubKeyLen
- A pointer to a variable that receives the size of the key's subkey with the
longest name, in characters, not including the terminating null character.
This parameter can be NULL.lpcMaxClassLen
- A pointer to a variable that receives the size of the longest string that
specifies a subkey class, in characters. The count returned does not include
the terminating null character. This parameter can be NULL.lpcValues
- A pointer to a variable that receives the number of values that are associated
with the key. This parameter can be NULL.lpcMaxValueNameLen
- A pointer to a variable that receives the size of the key's longest value name,
in characters. The size does not include the terminating null character. This
parameter can be NULL.lpcMaxValueLen
- A pointer to a variable that receives the size of the longest data component
among the key's values, in bytes. This parameter can be NULL.lpcbSecurityDescriptor
- A pointer to a variable that receives the size of the key's security descriptor,
in bytes. This parameter can be NULL.lpftLastWriteTime
- A pointer to a FILETIME structure that receives the last write time.
This parameter can be NULL.WinNT.HANDLE RegisterEventSource(String lpUNCServerName, String lpSourceName)
lpUNCServerName
- The Universal Naming Convention (UNC) name of the remote server on which
this operation is to be performed. If this parameter is NULL, the local
computer is used.lpSourceName
- The name of the event source whose handle is to be retrieved.
The source name must be a subkey of a log under the Eventlog registry
key. However, the Security log is for system use only.boolean DeregisterEventSource(WinNT.HANDLE hEventLog)
hEventLog
- A handle to the event log. The RegisterEventSource function returns this handle.WinNT.HANDLE OpenEventLog(String lpUNCServerName, String lpSourceName)
lpUNCServerName
- The Universal Naming Convention (UNC) name of the remote server on which the event log is to be
opened. If this parameter is NULL, the local computer is used.lpSourceName
- The name of the log. If you specify a custom log and it cannot be found, the event logging
service opens the Application log; however, there will be no associated message or category
string file.boolean CloseEventLog(WinNT.HANDLE hEventLog)
hEventLog
- A handle to the event log to be closed. The OpenEventLog or OpenBackupEventLog function returns this handle.boolean GetNumberOfEventLogRecords(WinNT.HANDLE hEventLog, IntByReference NumberOfRecords)
hEventLog
- A handle to the open event log. The OpenEventLog or OpenBackupEventLog function returns this handle.NumberOfRecords
- A pointer to a variable that receives the number of records in the specified event log.boolean ReportEvent(WinNT.HANDLE hEventLog, int wType, int wCategory, int dwEventID, WinNT.PSID lpUserSid, int wNumStrings, int dwDataSize, String[] lpStrings, Pointer lpRawData)
hEventLog
- A handle to the event log. The RegisterEventSource function returns this handle.
As of Windows XP with SP2, this parameter cannot be a handle to the Security log.
To write an event to the Security log, use the AuthzReportSecurityEvent function.wType
- The type of event to be logged.wCategory
- The event category. This is source-specific information; the category can have any value.dwEventID
- The event identifier. The event identifier specifies the entry in the message file
associated with the event source.lpUserSid
- A pointer to the current user's security identifier. This parameter can be NULL if the security identifier is not required.wNumStrings
- The number of insert strings in the array pointed to by the lpStrings parameter. A value of zero indicates that no strings are present.dwDataSize
- The number of bytes of event-specific raw (binary) data to write to the log. If this parameter is zero, no event-specific data is present.lpStrings
- A pointer to a buffer containing an array of null-terminated strings that are merged into
the message before Event Viewer displays the string to the user. This parameter must
be a valid pointer (or NULL), even if wNumStrings is zero. Each string is limited to
31,839 characters.lpRawData
- A pointer to the buffer containing the binary data. This parameter must be a valid
pointer (or NULL), even if the dwDataSize parameter is zero.boolean ClearEventLog(WinNT.HANDLE hEventLog, String lpBackupFileName)
hEventLog
- A handle to the event log to be cleared. The OpenEventLog function returns this handle.lpBackupFileName
- The absolute or relative path of the backup file. If this file already exists, the function fails.
If the lpBackupFileName parameter is NULL, the event log is not backed up.boolean BackupEventLog(WinNT.HANDLE hEventLog, String lpBackupFileName)
hEventLog
- A handle to the open event log. The OpenEventLog function returns this handle.lpBackupFileName
- The absolute or relative path of the backup file.WinNT.HANDLE OpenBackupEventLog(String lpUNCServerName, String lpFileName)
lpUNCServerName
- The Universal Naming Convention (UNC) name of the remote server on which this operation
is to be performed. If this parameter is NULL, the local computer is used.lpFileName
- The full path of the backup file.boolean ReadEventLog(WinNT.HANDLE hEventLog, int dwReadFlags, int dwRecordOffset, Pointer lpBuffer, int nNumberOfBytesToRead, IntByReference pnBytesRead, IntByReference pnMinNumberOfBytesNeeded)
hEventLog
- A handle to the event log to be read. The OpenEventLog function returns this handle.dwReadFlags
- Use the following flag values to indicate how to read the log file.dwRecordOffset
- The record number of the log-entry at which the read operation should start.
This parameter is ignored unless dwReadFlags includes the EVENTLOG_SEEK_READ flag.lpBuffer
- An application-allocated buffer that will receive one or more EVENTLOGRECORD structures.
This parameter cannot be NULL, even if the nNumberOfBytesToRead parameter is zero.
The maximum size of this buffer is 0x7ffff bytes.nNumberOfBytesToRead
- The size of the lpBuffer buffer, in bytes. This function will read as many log entries
as will fit in the buffer; the function will not return partial entries.pnBytesRead
- A pointer to a variable that receives the number of bytes read by the function.pnMinNumberOfBytesNeeded
- A pointer to a variable that receives the required size of the lpBuffer buffer.
This value is valid only this function returns zero and GetLastError
returns ERROR_INSUFFICIENT_BUFFER.boolean GetOldestEventLogRecord(WinNT.HANDLE hEventLog, IntByReference OldestRecord)
hEventLog
- Handle to the open event log. This handle is returned by the OpenEventLog or OpenBackupEventLog function.OldestRecord
- Pointer to a variable that receives the absolute record number of the oldest record in the specified event log.boolean QueryServiceStatusEx(Winsvc.SC_HANDLE hService, int InfoLevel, Winsvc.SERVICE_STATUS_PROCESS lpBuffer, int cbBufSize, IntByReference pcbBytesNeeded)
hService
- A handle to the service. This handle is returned by the
OpenService(SC_HANDLE, String, int) or CreateService() function, and
it must have the SERVICE_QUERY_STATUS access right. For more information, see
Service Security and Access Rights.InfoLevel
- The service attributes to be returned (a value from SC_STATUS_TYPE enumeration).
Use SC_STATUS_PROCESS_INFO to retrieve the service status information. The lpBuffer
parameter is a pointer to a SERVICE_STATUS_PROCESS structure.
Currently, no other information levels are defined.lpBuffer
- (optional)
A pointer to the buffer that receives the status information. The format of this data
depends on the value of the InfoLevel parameter.
The maximum size of this array is 8K bytes. To determine the required size, specify NULL
for this parameter and 0 for the cbBufSize parameter. The function will fail and GetLastError
will return ERROR_INSUFFICIENT_BUFFER. The pcbBytesNeeded parameter will receive the required size.cbBufSize
- The size of the buffer pointed to by the lpBuffer parameter, in bytes.pcbBytesNeeded
- A pointer to a variable that receives the number of bytes needed to store all status
information, if the function fails with ERROR_INSUFFICIENT_BUFFER.boolean ControlService(Winsvc.SC_HANDLE hService, int dwControl, Winsvc.SERVICE_STATUS lpServiceStatus)
hService
- A handle to the service. This handle is returned by the
OpenService(SC_HANDLE, String, int) or CreateService()
function. The access rights required for this handle depend on the
dwControl code requested.dwControl
- This parameter can be one of the following control codes (found in Winsvc.h):
SERVICE_CONTROL_STOP, SERVICE_CONTROL_PAUSE, SERVICE_CONTROL_CONTINUE
SERVICE_CONTROL_INTERROGATE, SERVICE_CONTROL_PARAMCHANGE,
SERVICE_CONTROL_NETBINDADD, SERVICE_CONTROL_NETBINDREMOVE,
SERVICE_CONTROL_NETBINDENABLE, SERVICE_CONTROL_NETBINDDISABLE
This value can also be a user-defined control code, as described below:
Range 128 to 255 - The service defines the action associated with the
control code. The hService handle must have the SERVICE_USER_DEFINED_CONTROL
access right.lpServiceStatus
- A pointer to a SERVICE_STATUS structure that receives the latest
service status information. The information returned reflects the most
recent status that the service reported to the service control manager.
The service control manager fills in the structure only when ControlService
returns one of the following error codes: NO_ERROR, ERROR_INVALID_SERVICE_CONTROL,
ERROR_SERVICE_CANNOT_ACCEPT_CTRL, or ERROR_SERVICE_NOT_ACTIVE. Otherwise,
the structure is not filled in.boolean StartService(Winsvc.SC_HANDLE hService, int dwNumServiceArgs, String[] lpServiceArgVectors)
hService
- A handle to the service. This handle is returned by the
OpenService(SC_HANDLE, String, int) or CreateService()
function, and it must have the SERVICE_START access right. For more
information, see
Service Security and Access Rights.dwNumServiceArgs
- The number of strings in the lpServiceArgVectors array. If lpServiceArgVectors
is NULL, this parameter can be zero.lpServiceArgVectors
- The null-terminated strings to be passed to the ServiceMain function for the
service as arguments. If there are no arguments, this parameter can be null.
Otherwise, the first argument (lpServiceArgVectors[0]) is the name of the
service, followed by any additional arguments (lpServiceArgVectors[1] through
lpServiceArgVectors[dwNumServiceArgs-1]).
Driver services do not receive these arguments.boolean CloseServiceHandle(Winsvc.SC_HANDLE hSCObject)
hSCObject
- A handle to the service control manager object or the service object to
close. Handles to service control manager objects are returned by the
OpenSCManager(String, String, int) function, and handles to service
objects are returned by either the OpenService(SC_HANDLE, String, int)
or CreateService() function.Winsvc.SC_HANDLE OpenService(Winsvc.SC_HANDLE hSCManager, String lpServiceName, int dwDesiredAccess)
hSCManager
- A handle to the service control manager database. The
OpenSCManager(String, String, int) function returns this handle.lpServiceName
- The name of the service to be opened. This is the name specified by the
lpServiceName parameter of the CreateService function when the service
object was created, not the service display name that is shown by user
interface applications to identify the service.
The maximum string length is 256 characters. The service control manager
database preserves the case of the characters, but service name comparisons
are always case insensitive. Forward-slash (/) and backslash (\) are
invalid service name characters.dwDesiredAccess
- The access to the service. For a list of access rights, see
Service Security and Access Rights.
Before granting the requested access, the system checks the access token
of the calling process against the discretionary access-control list of the security descriptor associated with the service object.Winsvc.SC_HANDLE OpenSCManager(String lpMachineName, String lpDatabaseName, int dwDesiredAccess)
lpMachineName
- The name of the target computer. If the pointer is NULL or points to
an empty string, the function connects to the service control manager
on the local computer.lpDatabaseName
- The name of the service control manager database. This parameter should
be set to SERVICES_ACTIVE_DATABASE. If it is NULL, the SERVICES_ACTIVE_DATABASE
database is opened by default.dwDesiredAccess
- The access to the service control manager. For a list of access rights, see
Service Security and Access Rights.
Before granting the requested access rights, the system checks the access
token of the calling process against the discretionary access-control list
of the security descriptor associated with the service control manager.
The SC_MANAGER_CONNECT access right is implicitly specified by calling this
function.boolean CreateProcessAsUser(WinNT.HANDLE hToken, String lpApplicationName, String lpCommandLine, WinBase.SECURITY_ATTRIBUTES lpProcessAttributes, WinBase.SECURITY_ATTRIBUTES lpThreadAttributes, boolean bInheritHandles, int dwCreationFlags, String lpEnvironment, String lpCurrentDirectory, WinBase.STARTUPINFO lpStartupInfo, WinBase.PROCESS_INFORMATION lpProcessInformation)
hToken
- A handle to the primary token that represents a user.lpApplicationName
- The name of the module to be executed.lpCommandLine
- The command line to be executed.lpProcessAttributes
- A pointer to a SECURITY_ATTRIBUTES structure that
specifies a security descriptor for the new process object and determines whether
child processes can inherit the returned handle to the process.lpThreadAttributes
- A pointer to a SECURITY_ATTRIBUTES structure that specifies
a security descriptor for the new thread object and determines whether child processes
can inherit the returned handle to the thread.bInheritHandles
- If this parameter is TRUE, each inheritable handle in the
calling process is inherited by the new process. If the parameter is FALSE, the
handles are not inherited. Note that inherited handles have the same value and access
rights as the original handles.dwCreationFlags
- The flags that control the priority class and the creation of the process.
For a list of values, see Process Creation Flags.lpEnvironment
- A pointer to an environment block for the new process. If this
parameter is NULL, the new process uses the environment of the calling process.
An environment block consists of a null-terminated block of null-terminated strings.
Each string is in the following form: name=value\0lpCurrentDirectory
- The full path to the current directory for the process. The
string can also specify a UNC path.lpStartupInfo
- A pointer to a STARTUPINFO or STARTUPINFOEX structure.lpProcessInformation
- A pointer to a PROCESS_INFORMATION structure that receives
identification information about the new process.boolean AdjustTokenPrivileges(WinNT.HANDLE TokenHandle, boolean DisableAllPrivileges, WinNT.TOKEN_PRIVILEGES NewState, int BufferLength, WinNT.TOKEN_PRIVILEGES PreviousState, IntByReference ReturnLength)
TokenHandle
- A handle to the access token that contains the privileges to be modified.DisableAllPrivileges
- Specifies whether the function disables all of the token's privileges.NewState
- A pointer to a TOKEN_PRIVILEGES structure that specifies an array of privileges and their attributes.BufferLength
- Specifies the size, in bytes, of the buffer pointed to by the PreviousState
parameter. This parameter can be zero if the PreviousState parameter is NULL.PreviousState
- A pointer to a buffer that the function fills with a TOKEN_PRIVILEGES structure that contains
the previous state of any privileges that the function modifies.ReturnLength
- A pointer to a variable that receives the required size, in bytes, of the buffer
pointed to by the PreviousState parameter.boolean LookupPrivilegeName(String lpSystemName, WinNT.LUID lpLuid, char[] lpName, IntByReference cchName)
lpSystemName
- A pointer to a null-terminated string that specifies the name of the system on
which the privilege name is retrieved. If a null string is specified, the function attempts to
find the privilege name on the local system.lpLuid
- A pointer to the LUID by which the privilege is known on the target system.lpName
- A pointer to a buffer that receives a null-terminated string that represents the privilege name.
For example, this string could be "SeSecurityPrivilege".cchName
- A pointer to a variable that specifies the size, in a TCHAR value, of the lpName buffer.boolean LookupPrivilegeValue(String lpSystemName, String lpName, WinNT.LUID lpLuid)
lpSystemName
- A pointer to a null-terminated string that specifies the name of the
system on which the privilege name is retrieved. If a null string is specified, the
function attempts to find the privilege name on the local system.lpName
- A pointer to a null-terminated string that specifies the name of the privilege,
as defined in the Winnt.h header file. For example, this parameter could specify the constant,
SE_SECURITY_NAME, or its corresponding string, "SeSecurityPrivilege".lpLuid
- A pointer to a variable that receives the LUID by which the privilege
is known on the system specified by the lpSystemName parameter.boolean GetFileSecurity(WString lpFileName, int RequestedInformation, Pointer pointer, int nLength, IntByReference lpnLengthNeeded)
lpFileName
- A pointer to a null-terminated string that specifies the file or directory for which security information is retrieved.RequestedInformation
- A SECURITY_INFORMATION value that identifies the security information being requested. See WinNT *_SECURITY_INFORMATIONpointer
- A pointer to a buffer that receives a copy of the security descriptor of the object specified by the lpFileName parameter.
The calling process must have permission to view the specified aspects of the object's security status.
The SECURITY_DESCRIPTOR structure is returned in self-relative format.nLength
- Specifies the size, in bytes, of the buffer pointed to by the pSecurityDescriptor parameter.lpnLengthNeeded
- A pointer to the variable that receives the number of bytes necessary to store the complete security descriptor.
If the returned number of bytes is less than or equal to nLength, the entire security descriptor is returned in the output buffer;
otherwise, none of the descriptor is returned.