public interface Advapi32 extends StdCallLibrary
StdCallLibrary.StdCallCallback
Library.Handler
Modifier and Type | Field and Description |
---|---|
static Advapi32 |
INSTANCE |
static int |
MAX_KEY_LENGTH |
static int |
MAX_VALUE_NAME |
static int |
RRF_RT_ANY |
static int |
RRF_RT_DWORD |
static int |
RRF_RT_QWORD |
static int |
RRF_RT_REG_BINARY |
static int |
RRF_RT_REG_DWORD |
static int |
RRF_RT_REG_EXPAND_SZ |
static int |
RRF_RT_REG_MULTI_SZ |
static int |
RRF_RT_REG_NONE |
static int |
RRF_RT_REG_QWORD |
static int |
RRF_RT_REG_SZ |
FUNCTION_MAPPER, STDCALL_CONVENTION
OPTION_ALLOW_OBJECTS, OPTION_CALLING_CONVENTION, OPTION_CLASSLOADER, OPTION_FUNCTION_MAPPER, OPTION_INVOCATION_MAPPER, OPTION_OPEN_FLAGS, OPTION_STRING_ENCODING, OPTION_STRUCTURE_ALIGNMENT, OPTION_TYPE_MAPPER
Modifier and Type | Method and Description |
---|---|
boolean |
AccessCheck(Pointer pSecurityDescriptor,
WinNT.HANDLE ClientToken,
WinDef.DWORD DesiredAccess,
WinNT.GENERIC_MAPPING GenericMapping,
WinNT.PRIVILEGE_SET PrivilegeSet,
WinDef.DWORDByReference PrivilegeSetLength,
WinDef.DWORDByReference GrantedAccess,
WinDef.BOOLByReference AccessStatus)
Check if the if the security descriptor grants access to the given client token.
|
boolean |
AdjustTokenPrivileges(WinNT.HANDLE TokenHandle,
boolean DisableAllPrivileges,
WinNT.TOKEN_PRIVILEGES NewState,
int BufferLength,
WinNT.TOKEN_PRIVILEGES PreviousState,
IntByReference ReturnLength)
The AdjustTokenPrivileges function enables or disables privileges in the
specified access token.
|
boolean |
BackupEventLog(WinNT.HANDLE hEventLog,
String lpBackupFileName)
Saves the specified event log to a backup file.
|
boolean |
ClearEventLog(WinNT.HANDLE hEventLog,
String lpBackupFileName)
Clears the specified event log, and optionally saves the current copy of
the log to a backup file.
|
void |
CloseEncryptedFileRaw(Pointer pvContext)
Closes an encrypted file after a backup or restore operation, and frees
associated system resources.
|
boolean |
CloseEventLog(WinNT.HANDLE hEventLog)
Closes the specified event log.
|
boolean |
CloseServiceHandle(Winsvc.SC_HANDLE hSCObject)
Closes a handle to a service control manager or service object.
|
boolean |
ControlService(Winsvc.SC_HANDLE hService,
int dwControl,
Winsvc.SERVICE_STATUS lpServiceStatus)
Sends a control code to a service.
|
boolean |
ConvertSidToStringSid(WinNT.PSID Sid,
PointerByReference StringSid)
Convert a security identifier (SID) to a string format suitable for
display, storage, or transmission.
|
boolean |
ConvertStringSidToSid(String StringSid,
WinNT.PSIDByReference Sid)
Convert a string-format security identifier (SID) into a valid,
functional SID.
|
boolean |
CreateProcessAsUser(WinNT.HANDLE hToken,
String lpApplicationName,
String lpCommandLine,
WinBase.SECURITY_ATTRIBUTES lpProcessAttributes,
WinBase.SECURITY_ATTRIBUTES lpThreadAttributes,
boolean bInheritHandles,
int dwCreationFlags,
String lpEnvironment,
String lpCurrentDirectory,
WinBase.STARTUPINFO lpStartupInfo,
WinBase.PROCESS_INFORMATION lpProcessInformation)
Creates a new process and its primary thread.
|
boolean |
CreateWellKnownSid(int wellKnownSidType,
WinNT.PSID domainSid,
WinNT.PSID pSid,
IntByReference cbSid)
The CreateWellKnownSid function creates a SID for predefined aliases.
|
boolean |
DecryptFile(WString lpFileName,
WinDef.DWORD dwReserved)
Decrypts an encrypted file or directory.
|
boolean |
DeregisterEventSource(WinNT.HANDLE hEventLog)
Closes the specified event log.
|
boolean |
DuplicateToken(WinNT.HANDLE ExistingTokenHandle,
int ImpersonationLevel,
WinNT.HANDLEByReference DuplicateTokenHandle)
The DuplicateToken function creates a new access token that duplicates
one already in existence.
|
boolean |
DuplicateTokenEx(WinNT.HANDLE hExistingToken,
int dwDesiredAccess,
WinBase.SECURITY_ATTRIBUTES lpTokenAttributes,
int ImpersonationLevel,
int TokenType,
WinNT.HANDLEByReference phNewToken)
The DuplicateTokenEx function creates a new access token that duplicates
an existing token.
|
boolean |
EncryptFile(WString lpFileName)
Encrypts a file or directory.
|
boolean |
EncryptionDisable(WString DirPath,
boolean Disable)
Disables or enables encryption of the specified directory and the files in
it.
|
boolean |
FileEncryptionStatus(WString lpFileName,
WinDef.DWORDByReference lpStatus)
Retrieves the encryption status of the specified file.
|
boolean |
GetFileSecurity(WString lpFileName,
int RequestedInformation,
Pointer pointer,
int nLength,
IntByReference lpnLengthNeeded)
The function obtains specified information about the security of a file
or directory.
|
int |
GetLengthSid(WinNT.PSID pSid)
Returns the length, in bytes, of a valid security identifier (SID).
|
int |
GetNamedSecurityInfo(String pObjectName,
int ObjectType,
int SecurityInfo,
PointerByReference ppsidOwner,
PointerByReference ppsidGroup,
PointerByReference ppDacl,
PointerByReference ppSacl,
PointerByReference ppSecurityDescriptor)
The GetNamedSecurityInfo function retrieves a copy of the security
descriptor for an object specified by name
|
boolean |
GetNumberOfEventLogRecords(WinNT.HANDLE hEventLog,
IntByReference NumberOfRecords)
Retrieves the number of records in the specified event log.
|
boolean |
GetOldestEventLogRecord(WinNT.HANDLE hEventLog,
IntByReference OldestRecord)
The GetOldestEventLogRecord function retrieves the absolute record number
of the oldest record in the specified event log.
|
int |
GetSecurityDescriptorLength(Pointer ppSecurityDescriptor)
The GetSecurityDescriptorLength function returns the length, in bytes, of a structurally
valid security descriptor.
|
boolean |
GetTokenInformation(WinNT.HANDLE tokenHandle,
int tokenInformationClass,
Structure tokenInformation,
int tokenInformationLength,
IntByReference returnLength)
Retrieves a specified type of information about an access token.
|
boolean |
GetUserNameW(char[] buffer,
IntByReference len)
Retrieves the name of the user associated with the current thread.
|
boolean |
ImpersonateLoggedOnUser(WinNT.HANDLE hToken)
The ImpersonateLoggedOnUser function lets the calling thread impersonate
the security context of a logged-on user.
|
boolean |
ImpersonateSelf(int ImpersonationLevel)
The ImpersonateSelf function obtains an access token that impersonates
the security context of the calling process.
|
boolean |
IsValidAcl(Pointer pAcl)
The IsValidAcl function validates an access control list (ACL).
|
boolean |
IsValidSecurityDescriptor(Pointer ppSecurityDescriptor)
The IsValidSecurityDescriptor function determines whether the components of a security descriptor are valid.
|
boolean |
IsValidSid(WinNT.PSID pSid)
The IsValidSid function validates a security identifier (SID) by
verifying that the revision number is within a known range, and that the
number of subauthorities is less than the maximum.
|
boolean |
IsWellKnownSid(WinNT.PSID pSid,
int wellKnownSidType)
Compares a SID to a well known SID and returns TRUE if they match.
|
boolean |
LogonUser(String lpszUsername,
String lpszDomain,
String lpszPassword,
int logonType,
int logonProvider,
WinNT.HANDLEByReference phToken)
The LogonUser function attempts to log a user on to the local computer.
|
boolean |
LookupAccountName(String lpSystemName,
String lpAccountName,
WinNT.PSID Sid,
IntByReference cbSid,
char[] ReferencedDomainName,
IntByReference cchReferencedDomainName,
PointerByReference peUse)
Accepts the name of a system and anaccount as input and retrieves a
security identifier (SID) for the account and the name of the domain on
which the account was found.
|
boolean |
LookupAccountSid(String lpSystemName,
WinNT.PSID Sid,
char[] lpName,
IntByReference cchName,
char[] ReferencedDomainName,
IntByReference cchReferencedDomainName,
PointerByReference peUse)
Retrieves the name of the account for this SID and the name of the first
domain on which this SID is found.
|
boolean |
LookupPrivilegeName(String lpSystemName,
WinNT.LUID lpLuid,
char[] lpName,
IntByReference cchName)
The LookupPrivilegeName function retrieves the name that corresponds to
the privilege represented on a specific system by a specified locally
unique identifier (LUID).
|
boolean |
LookupPrivilegeValue(String lpSystemName,
String lpName,
WinNT.LUID lpLuid)
The LookupPrivilegeValue function retrieves the locally unique identifier
(LUID) used on a specified system to locally represent the specified
privilege name.
|
void |
MapGenericMask(WinDef.DWORDByReference AccessMask,
WinNT.GENERIC_MAPPING GenericMapping)
Applies the given mapping of generic access rights to the given access mask.
|
WinNT.HANDLE |
OpenBackupEventLog(String lpUNCServerName,
String lpFileName)
Opens a handle to a backup event log created by the BackupEventLog
function.
|
int |
OpenEncryptedFileRaw(WString lpFileName,
WinDef.ULONG ulFlags,
PointerByReference pvContext)
Opens an encrypted file in order to backup (export) or restore (import) the
file.
|
WinNT.HANDLE |
OpenEventLog(String lpUNCServerName,
String lpSourceName)
Opens a handle to the specified event log.
|
boolean |
OpenProcessToken(WinNT.HANDLE ProcessHandle,
int DesiredAccess,
WinNT.HANDLEByReference TokenHandle)
The OpenProcessToken function opens the access token associated with a
process.
|
Winsvc.SC_HANDLE |
OpenSCManager(String lpMachineName,
String lpDatabaseName,
int dwDesiredAccess)
Establishes a connection to the service control manager on the specified
computer and opens the specified service control manager database.
|
Winsvc.SC_HANDLE |
OpenService(Winsvc.SC_HANDLE hSCManager,
String lpServiceName,
int dwDesiredAccess)
Opens an existing service.
|
boolean |
OpenThreadToken(WinNT.HANDLE ThreadHandle,
int DesiredAccess,
boolean OpenAsSelf,
WinNT.HANDLEByReference TokenHandle)
The OpenThreadToken function opens the access token associated with a
thread.
|
boolean |
QueryServiceStatusEx(Winsvc.SC_HANDLE hService,
int InfoLevel,
Winsvc.SERVICE_STATUS_PROCESS lpBuffer,
int cbBufSize,
IntByReference pcbBytesNeeded)
Retrieves the current status of the specified service based on the
specified information level.
|
int |
ReadEncryptedFileRaw(WinBase.FE_EXPORT_FUNC pfExportCallback,
Pointer pvCallbackContext,
Pointer pvContext)
Backs up (export) encrypted files.
|
boolean |
ReadEventLog(WinNT.HANDLE hEventLog,
int dwReadFlags,
int dwRecordOffset,
Pointer lpBuffer,
int nNumberOfBytesToRead,
IntByReference pnBytesRead,
IntByReference pnMinNumberOfBytesNeeded)
Reads the specified number of entries from the specified event log.
|
int |
RegCloseKey(WinReg.HKEY hKey)
The RegCloseKey function releases a handle to the specified registry key.
|
int |
RegCreateKeyEx(WinReg.HKEY hKey,
String lpSubKey,
int Reserved,
String lpClass,
int dwOptions,
int samDesired,
WinBase.SECURITY_ATTRIBUTES lpSecurityAttributes,
WinReg.HKEYByReference phkResult,
IntByReference lpdwDisposition) |
int |
RegDeleteKey(WinReg.HKEY hKey,
String name) |
int |
RegDeleteValue(WinReg.HKEY hKey,
String lpValueName)
The RegDeleteValue function removes a named value from the specified
registry key.
|
int |
RegEnumKeyEx(WinReg.HKEY hKey,
int dwIndex,
char[] lpName,
IntByReference lpcName,
IntByReference reserved,
char[] lpClass,
IntByReference lpcClass,
WinBase.FILETIME lpftLastWriteTime)
The RegEnumKeyEx function enumerates subkeys of the specified open
registry key.
|
int |
RegEnumValue(WinReg.HKEY hKey,
int dwIndex,
char[] lpValueName,
IntByReference lpcchValueName,
IntByReference reserved,
IntByReference lpType,
byte[] lpData,
IntByReference lpcbData)
The RegEnumValue function enumerates the values for the specified open
registry key.
|
int |
RegGetValue(WinReg.HKEY hkey,
String lpSubKey,
String lpValue,
int dwFlags,
IntByReference pdwType,
byte[] pvData,
IntByReference pcbData)
Retrieves the type and data for the specified registry value.
|
WinNT.HANDLE |
RegisterEventSource(String lpUNCServerName,
String lpSourceName)
Retrieves a registered handle to the specified event log.
|
int |
RegOpenKeyEx(WinReg.HKEY hKey,
String lpSubKey,
int ulOptions,
int samDesired,
WinReg.HKEYByReference phkResult)
The RegOpenKeyEx function opens the specified registry key.
|
int |
RegQueryInfoKey(WinReg.HKEY hKey,
char[] lpClass,
IntByReference lpcClass,
IntByReference lpReserved,
IntByReference lpcSubKeys,
IntByReference lpcMaxSubKeyLen,
IntByReference lpcMaxClassLen,
IntByReference lpcValues,
IntByReference lpcMaxValueNameLen,
IntByReference lpcMaxValueLen,
IntByReference lpcbSecurityDescriptor,
WinBase.FILETIME lpftLastWriteTime)
The RegQueryInfoKey function retrieves information about the specified
registry key.
|
int |
RegQueryValueEx(WinReg.HKEY hKey,
String lpValueName,
int lpReserved,
IntByReference lpType,
byte[] lpData,
IntByReference lpcbData) |
int |
RegQueryValueEx(WinReg.HKEY hKey,
String lpValueName,
int lpReserved,
IntByReference lpType,
char[] lpData,
IntByReference lpcbData)
The RegQueryValueEx function retrieves the type and data for a specified
value name associated with an open registry key.
|
int |
RegQueryValueEx(WinReg.HKEY hKey,
String lpValueName,
int lpReserved,
IntByReference lpType,
IntByReference lpData,
IntByReference lpcbData) |
int |
RegQueryValueEx(WinReg.HKEY hKey,
String lpValueName,
int lpReserved,
IntByReference lpType,
LongByReference lpData,
IntByReference lpcbData) |
int |
RegQueryValueEx(WinReg.HKEY hKey,
String lpValueName,
int lpReserved,
IntByReference lpType,
Pointer lpData,
IntByReference lpcbData) |
int |
RegSetValueEx(WinReg.HKEY hKey,
String lpValueName,
int Reserved,
int dwType,
byte[] lpData,
int cbData) |
int |
RegSetValueEx(WinReg.HKEY hKey,
String lpValueName,
int Reserved,
int dwType,
char[] lpData,
int cbData)
The RegSetValueEx function sets the data and type of a specified value
under a registry key.
|
boolean |
ReportEvent(WinNT.HANDLE hEventLog,
int wType,
int wCategory,
int dwEventID,
WinNT.PSID lpUserSid,
int wNumStrings,
int dwDataSize,
String[] lpStrings,
Pointer lpRawData)
Writes an entry at the end of the specified event log.
|
boolean |
RevertToSelf()
The RevertToSelf function terminates the impersonation of a client
application.
|
int |
SetNamedSecurityInfo(String pObjectName,
int ObjectType,
int SecurityInfo,
Pointer ppsidOwner,
Pointer ppsidGroup,
Pointer ppDacl,
Pointer ppSacl)
The SetNamedSecurityInfo function sets specified security information in
the security descriptor of a specified object.
|
boolean |
SetThreadToken(WinNT.HANDLEByReference ThreadHandle,
WinNT.HANDLE TokenHandle)
The SetThreadToken function assigns an impersonation token to a thread.
|
boolean |
StartService(Winsvc.SC_HANDLE hService,
int dwNumServiceArgs,
String[] lpServiceArgVectors)
Starts a service.
|
int |
WriteEncryptedFileRaw(WinBase.FE_IMPORT_FUNC pfImportCallback,
Pointer pvCallbackContext,
Pointer pvContext)
Restores (import) encrypted files.
|
static final Advapi32 INSTANCE
static final int MAX_KEY_LENGTH
static final int MAX_VALUE_NAME
static final int RRF_RT_ANY
static final int RRF_RT_DWORD
static final int RRF_RT_QWORD
static final int RRF_RT_REG_BINARY
static final int RRF_RT_REG_DWORD
static final int RRF_RT_REG_EXPAND_SZ
static final int RRF_RT_REG_MULTI_SZ
static final int RRF_RT_REG_NONE
static final int RRF_RT_REG_QWORD
static final int RRF_RT_REG_SZ
boolean GetUserNameW(char[] buffer, IntByReference len)
buffer
- Buffer to receive the user's logon name.len
- On input, the size of the buffer, on output the number of
characters copied into the buffer, including the terminating
null character.boolean LookupAccountName(String lpSystemName, String lpAccountName, WinNT.PSID Sid, IntByReference cbSid, char[] ReferencedDomainName, IntByReference cchReferencedDomainName, PointerByReference peUse)
lpSystemName
- Specifies the name of the system.lpAccountName
- Specifies the account name.Sid
- Receives the SID structure that corresponds to the account
name pointed to by the lpAccountName parameter.cbSid
- On input, this value specifies the size, in bytes, of the Sid
buffer. If the function fails because the buffer is too small
or if cbSid is zero, this variable receives the required
buffer size.ReferencedDomainName
- Receives the name of the domain where the account name is
found.cchReferencedDomainName
- On input, this value specifies the size, in TCHARs, of the
ReferencedDomainName buffer. If the function fails because the
buffer is too small, this variable receives the required
buffer size, including the terminating null character.peUse
- SID_NAME_USE enumerated type that indicates the type of the
account when the function returns.boolean LookupAccountSid(String lpSystemName, WinNT.PSID Sid, char[] lpName, IntByReference cchName, char[] ReferencedDomainName, IntByReference cchReferencedDomainName, PointerByReference peUse)
lpSystemName
- Specifies the target computer.Sid
- The SID to look up.lpName
- Buffer that receives a null-terminated string that contains
the account name that corresponds to the lpSid parameter.cchName
- On input, specifies the size, in TCHARs, of the lpName buffer.
If the function fails because the buffer is too small or if
cchName is zero, cchName receives the required buffer size,
including the terminating null character.ReferencedDomainName
- Pointer to a buffer that receives a null-terminated string
that contains the name of the domain where the account name
was found.cchReferencedDomainName
- On input, specifies the size, in TCHARs, of the
lpReferencedDomainName buffer. If the function fails because
the buffer is too small or if cchReferencedDomainName is zero,
cchReferencedDomainName receives the required buffer size,
including the terminating null character.peUse
- Pointer to a variable that receives a SID_NAME_USE value that
indicates the type of the account.boolean ConvertSidToStringSid(WinNT.PSID Sid, PointerByReference StringSid)
Sid
- The SID structure to be converted.StringSid
- Pointer to a variable that receives a pointer to a
null-terminated SID string. To free the returned buffer, call
the LocalFree function.boolean ConvertStringSidToSid(String StringSid, WinNT.PSIDByReference Sid)
StringSid
- The string-format SID to convert.Sid
- Receives a pointer to the converted SID.int GetLengthSid(WinNT.PSID pSid)
pSid
- A pointer to the SID structure whose length is returned.boolean IsValidSid(WinNT.PSID pSid)
pSid
- Pointer to the SID structure to validate. This parameter
cannot be NULL.boolean IsWellKnownSid(WinNT.PSID pSid, int wellKnownSidType)
pSid
- SID to test.wellKnownSidType
- Member of the WELL_KNOWN_SID_TYPE enumeration to compare with
the SID at pSid.boolean CreateWellKnownSid(int wellKnownSidType, WinNT.PSID domainSid, WinNT.PSID pSid, IntByReference cbSid)
wellKnownSidType
- Member of the WELL_KNOWN_SID_TYPE enumeration that specifies
what the SID will identify.domainSid
- Pointer to a SID that identifies the domain control to use
when creating the SID. Pass NULL to use the local computer.pSid
- Pointer to memory where CreateWellKnownSid will store the new
SID.cbSid
- Pointer to a DWORD that contains the number of bytes available
at pSid. The CreateWellKnownSid function stores the number of
bytes actually used at this location.boolean LogonUser(String lpszUsername, String lpszDomain, String lpszPassword, int logonType, int logonProvider, WinNT.HANDLEByReference phToken)
lpszUsername
- A pointer to a null-terminated string that specifies the name
of the user. This is the name of the user account to log on
to. If you use the user principal name (UPN) format,
user@DNS_domain_name, the lpszDomain parameter must be NULL.lpszDomain
- A pointer to a null-terminated string that specifies the name
of the domain or server whose account database contains the
lpszUsername account. If this parameter is NULL, the user name
must be specified in UPN format. If this parameter is ".", the
function validates the account using only the local account
database.lpszPassword
- A pointer to a null-terminated string that specifies the
plaintext password for the user account specified by
lpszUsername.logonType
- The type of logon operation to perform.logonProvider
- Specifies the logon provider.phToken
- A pointer to a handle variable that receives a handle to a
token that represents the specified user.boolean OpenThreadToken(WinNT.HANDLE ThreadHandle, int DesiredAccess, boolean OpenAsSelf, WinNT.HANDLEByReference TokenHandle)
ThreadHandle
- Handle to the thread whose access token is opened.DesiredAccess
- Specifies an access mask that specifies the requested types of
access to the access token. These requested access types are
reconciled against the token's discretionary access control
list (DACL) to determine which accesses are granted or denied.OpenAsSelf
- Indicates whether the access check is to be made against the
security context of the thread calling the OpenThreadToken
function or against the security context of the process for
the calling thread.TokenHandle
- Pointer to a variable that receives the handle to the newly
opened access token.boolean SetThreadToken(WinNT.HANDLEByReference ThreadHandle, WinNT.HANDLE TokenHandle)
ThreadHandle
- [in, optional]
A pointer to a handle to the thread to which the function
assigns the impersonation token. If ThreadHandle is NULL, the
function assigns the impersonation token to the calling thread.TokenHandle
- [in, optional]
A handle to the impersonation token to assign to the thread.
This handle must have been opened with TOKEN_IMPERSONATE access
rights. For more information, see Access Rights for Access-Token
Objects. If Token is NULL, the function causes the
thread to stop using an impersonation token.boolean OpenProcessToken(WinNT.HANDLE ProcessHandle, int DesiredAccess, WinNT.HANDLEByReference TokenHandle)
ProcessHandle
- Handle to the process whose access token is opened. The
process must have the PROCESS_QUERY_INFORMATION access
permission.DesiredAccess
- Specifies an access mask that specifies the requested types of
access to the access token. These requested access types are
compared with the discretionary access control list (DACL) of
the token to determine which accesses are granted or denied.TokenHandle
- Pointer to a handle that identifies the newly opened access
token when the function returns.boolean DuplicateToken(WinNT.HANDLE ExistingTokenHandle, int ImpersonationLevel, WinNT.HANDLEByReference DuplicateTokenHandle)
ExistingTokenHandle
- Handle to an access token opened with TOKEN_DUPLICATE access.ImpersonationLevel
- Specifies a SECURITY_IMPERSONATION_LEVEL enumerated type that
supplies the impersonation level of the new token.DuplicateTokenHandle
- Pointer to a variable that receives a handle to the duplicate
token. This handle has TOKEN_IMPERSONATE and TOKEN_QUERY
access to the new token.boolean DuplicateTokenEx(WinNT.HANDLE hExistingToken, int dwDesiredAccess, WinBase.SECURITY_ATTRIBUTES lpTokenAttributes, int ImpersonationLevel, int TokenType, WinNT.HANDLEByReference phNewToken)
hExistingToken
- A handle to an access token opened with TOKEN_DUPLICATE
access.dwDesiredAccess
- Specifies the requested access rights for the new token.lpTokenAttributes
- A pointer to a SECURITY_ATTRIBUTES structure that specifies a
security descriptor for the new token and determines whether
child processes can inherit the token.ImpersonationLevel
- Specifies a value from the SECURITY_IMPERSONATION_LEVEL
enumeration that indicates the impersonation level of the new
token.TokenType
- Specifies one of the following values from the TOKEN_TYPE
enumeration.phNewToken
- A pointer to a HANDLE variable that receives the new token.boolean GetTokenInformation(WinNT.HANDLE tokenHandle, int tokenInformationClass, Structure tokenInformation, int tokenInformationLength, IntByReference returnLength)
tokenHandle
- Handle to an access token from which information is retrieved.
If TokenInformationClass specifies TokenSource, the handle
must have TOKEN_QUERY_SOURCE access. For all other
TokenInformationClass values, the handle must have TOKEN_QUERY
access.tokenInformationClass
- Specifies a value from the TOKEN_INFORMATION_CLASS enumerated
type to identify the type of information the function
retrieves.tokenInformation
- Pointer to a buffer the function fills with the requested
information. The structure put into this buffer depends upon
the type of information specified by the TokenInformationClass
parameter.tokenInformationLength
- Specifies the size, in bytes, of the buffer pointed to by the
TokenInformation parameter. If TokenInformation is NULL, this
parameter must be zero.returnLength
- Pointer to a variable that receives the number of bytes needed
for the buffer pointed to by the TokenInformation parameter.
If this value is larger than the value specified in the
TokenInformationLength parameter, the function fails and
stores no data in the buffer.boolean ImpersonateLoggedOnUser(WinNT.HANDLE hToken)
hToken
- Handle to a primary or impersonation access token that
represents a logged-on user. This can be a token handle
returned by a call to LogonUser, CreateRestrictedToken,
DuplicateToken, DuplicateTokenEx, OpenProcessToken, or
OpenThreadToken functions. If hToken is a primary token, it
must have TOKEN_QUERY and TOKEN_DUPLICATE access. If hToken is
an impersonation token, it must have TOKEN_QUERY and
TOKEN_IMPERSONATE access.boolean ImpersonateSelf(int ImpersonationLevel)
ImpersonationLevel
- Specifies a SECURITY_IMPERSONATION_LEVEL enumerated type that
supplies the impersonation level of the new token.boolean RevertToSelf()
int RegOpenKeyEx(WinReg.HKEY hKey, String lpSubKey, int ulOptions, int samDesired, WinReg.HKEYByReference phkResult)
hKey
- Handle to an open key.lpSubKey
- Pointer to a null-terminated string containing the name of the
subkey to open.ulOptions
- Reserved; must be zero.samDesired
- Access mask that specifies the desired access rights to the
key. The function fails if the security descriptor of the key
does not permit the requested access for the calling process.phkResult
- Pointer to a variable that receives a handle to the opened
key. If the key is not one of the predefined registry keys,
call the RegCloseKey function after you have finished using
the handle.int RegQueryValueEx(WinReg.HKEY hKey, String lpValueName, int lpReserved, IntByReference lpType, char[] lpData, IntByReference lpcbData)
hKey
- Handle to an open key. The key must have been opened with the
KEY_QUERY_VALUE access right.lpValueName
- Pointer to a null-terminated string containing the name of the
value to query. If lpValueName is NULL or an empty string, "",
the function retrieves the type and data for the key's unnamed
or default value, if any.lpReserved
- Reserved; must be NULL.lpType
- Pointer to a variable that receives a code indicating the type
of data stored in the specified value.lpData
- Pointer to a buffer that receives the value's data. This
parameter can be NULL if the data is not required. If the data
is a string, the function checks for a terminating null
character. If one is not found, the string is stored with a
null terminator if the buffer is large enough to accommodate
the extra character. Otherwise, the string is stored as is.lpcbData
- Pointer to a variable that specifies the size of the buffer
pointed to by the lpData parameter, in bytes. When the
function returns, this variable contains the size of the data
copied to lpData. The lpcbData parameter can be NULL only if
lpData is NULL. If the data has the REG_SZ, REG_MULTI_SZ or
REG_EXPAND_SZ type, this size includes any terminating null
character or characters. If the buffer specified by lpData
parameter is not large enough to hold the data, the function
returns ERROR_MORE_DATA and stores the required buffer size in
the variable pointed to by lpcbData. In this case, the
contents of the lpData buffer are undefined. If lpData is
NULL, and lpcbData is non-NULL, the function returns
ERROR_SUCCESS and stores the size of the data, in bytes, in
the variable pointed to by lpcbData. This enables an
application to determine the best way to allocate a buffer for
the value's data.int RegQueryValueEx(WinReg.HKEY hKey, String lpValueName, int lpReserved, IntByReference lpType, byte[] lpData, IntByReference lpcbData)
int RegQueryValueEx(WinReg.HKEY hKey, String lpValueName, int lpReserved, IntByReference lpType, IntByReference lpData, IntByReference lpcbData)
int RegQueryValueEx(WinReg.HKEY hKey, String lpValueName, int lpReserved, IntByReference lpType, LongByReference lpData, IntByReference lpcbData)
int RegQueryValueEx(WinReg.HKEY hKey, String lpValueName, int lpReserved, IntByReference lpType, Pointer lpData, IntByReference lpcbData)
int RegCloseKey(WinReg.HKEY hKey)
hKey
- Handle to the open key to be closed. The handle must have been
opened by the RegCreateKeyEx, RegOpenKeyEx, or
RegConnectRegistry function.int RegDeleteValue(WinReg.HKEY hKey, String lpValueName)
hKey
- Handle to an open key. The key must have been opened with the
KEY_SET_VALUE access right.lpValueName
- Pointer to a null-terminated string that names the value to
remove. If this parameter is NULL or an empty string, the
value set by the RegSetValue function is removed.int RegSetValueEx(WinReg.HKEY hKey, String lpValueName, int Reserved, int dwType, char[] lpData, int cbData)
hKey
- Handle to an open key. The key must have been opened with the
KEY_SET_VALUE access right.lpValueName
- Pointer to a string containing the name of the value to set.
If a value with this name is not already present in the key,
the function adds it to the key. If lpValueName is NULL or an
empty string, "", the function sets the type and data for the
key's unnamed or default value.Reserved
- Reserved; must be zero.dwType
- Type of data pointed to by the lpData parameter.lpData
- Pointer to a buffer containing the data to be stored with the
specified value name.cbData
- Size of the information pointed to by the lpData parameter, in
bytes. If the data is of type REG_SZ, REG_EXPAND_SZ, or
REG_MULTI_SZ, cbData must include the size of the terminating
null character or characters.int RegSetValueEx(WinReg.HKEY hKey, String lpValueName, int Reserved, int dwType, byte[] lpData, int cbData)
int RegCreateKeyEx(WinReg.HKEY hKey, String lpSubKey, int Reserved, String lpClass, int dwOptions, int samDesired, WinBase.SECURITY_ATTRIBUTES lpSecurityAttributes, WinReg.HKEYByReference phkResult, IntByReference lpdwDisposition)
hKey
- registry keylpSubKey
- subkey nameReserved
- unusedlpClass
- classdwOptions
- optionssamDesired
- ?lpSecurityAttributes
- security attributesphkResult
- resulting keylpdwDisposition
- ?int RegDeleteKey(WinReg.HKEY hKey, String name)
hKey
- registry keyname
- key nameint RegEnumKeyEx(WinReg.HKEY hKey, int dwIndex, char[] lpName, IntByReference lpcName, IntByReference reserved, char[] lpClass, IntByReference lpcClass, WinBase.FILETIME lpftLastWriteTime)
hKey
- Handle to an open key. The key must have been opened with the
KEY_ENUMERATE_SUB_KEYS access right.dwIndex
- Index of the subkey to retrieve. This parameter should be zero
for the first call to the RegEnumKeyEx function and then
incremented for subsequent calls. Because subkeys are not
ordered, any new subkey will have an arbitrary index. This
means that the function may return subkeys in any order.lpName
- Pointer to a buffer that receives the name of the subkey,
including the terminating null character. The function copies
only the name of the subkey, not the full key hierarchy, to
the buffer.lpcName
- Pointer to a variable that specifies the size of the buffer
specified by the lpName parameter, in TCHARs. This size should
include the terminating null character. When the function
returns, the variable pointed to by lpcName contains the
number of characters stored in the buffer. The count returned
does not include the terminating null character.reserved
- Reserved; must be NULL.lpClass
- Pointer to a buffer that receives the null-terminated class
string of the enumerated subkey. This parameter can be NULL.lpcClass
- Pointer to a variable that specifies the size of the buffer
specified by the lpClass parameter, in TCHARs. The size should
include the terminating null character. When the function
returns, lpcClass contains the number of characters stored in
the buffer. The count returned does not include the
terminating null character. This parameter can be NULL only if
lpClass is NULL.lpftLastWriteTime
- Pointer to a variable that receives the time at which the
enumerated subkey was last written.int RegEnumValue(WinReg.HKEY hKey, int dwIndex, char[] lpValueName, IntByReference lpcchValueName, IntByReference reserved, IntByReference lpType, byte[] lpData, IntByReference lpcbData)
hKey
- Handle to an open key. The key must have been opened with the
KEY_QUERY_VALUE access right.dwIndex
- Index of the value to be retrieved. This parameter should be
zero for the first call to the RegEnumValue function and then
be incremented for subsequent calls. Because values are not
ordered, any new value will have an arbitrary index. This
means that the function may return values in any order.lpValueName
- Pointer to a buffer that receives the name of the value,
including the terminating null character.lpcchValueName
- Pointer to a variable that specifies the size of the buffer
pointed to by the lpValueName parameter, in TCHARs. This size
should include the terminating null character. When the
function returns, the variable pointed to by lpcValueName
contains the number of characters stored in the buffer. The
count returned does not include the terminating null
character.reserved
- Reserved; must be NULL.lpType
- Pointer to a variable that receives a code indicating the type
of data stored in the specified value.lpData
- Pointer to a buffer that receives the data for the value
entry. This parameter can be NULL if the data is not required.lpcbData
- Pointer to a variable that specifies the size of the buffer
pointed to by the lpData parameter, in bytes.int RegQueryInfoKey(WinReg.HKEY hKey, char[] lpClass, IntByReference lpcClass, IntByReference lpReserved, IntByReference lpcSubKeys, IntByReference lpcMaxSubKeyLen, IntByReference lpcMaxClassLen, IntByReference lpcValues, IntByReference lpcMaxValueNameLen, IntByReference lpcMaxValueLen, IntByReference lpcbSecurityDescriptor, WinBase.FILETIME lpftLastWriteTime)
hKey
- A handle to an open key. The key must have been opened with
the KEY_QUERY_VALUE access right.lpClass
- A pointer to a buffer that receives the null-terminated class
string of the key. This parameter can be ignored. This
parameter can be NULL.lpcClass
- A pointer to a variable that specifies the size of the buffer
pointed to by the lpClass parameter, in characters.lpReserved
- Reserved; must be NULL.lpcSubKeys
- A pointer to a variable that receives the number of subkeys
that are contained by the specified key. This parameter can be
NULL.lpcMaxSubKeyLen
- A pointer to a variable that receives the size of the key's
subkey with the longest name, in characters, not including the
terminating null character. This parameter can be NULL.lpcMaxClassLen
- A pointer to a variable that receives the size of the longest
string that specifies a subkey class, in characters. The count
returned does not include the terminating null character. This
parameter can be NULL.lpcValues
- A pointer to a variable that receives the number of values
that are associated with the key. This parameter can be NULL.lpcMaxValueNameLen
- A pointer to a variable that receives the size of the key's
longest value name, in characters. The size does not include
the terminating null character. This parameter can be NULL.lpcMaxValueLen
- A pointer to a variable that receives the size of the longest
data component among the key's values, in bytes. This
parameter can be NULL.lpcbSecurityDescriptor
- A pointer to a variable that receives the size of the key's
security descriptor, in bytes. This parameter can be NULL.lpftLastWriteTime
- A pointer to a FILETIME structure that receives the last write
time. This parameter can be NULL.int RegGetValue(WinReg.HKEY hkey, String lpSubKey, String lpValue, int dwFlags, IntByReference pdwType, byte[] pvData, IntByReference pcbData)
hkey
- [in] A handle to an open registry key. The key must have been
opened with the KEY_QUERY_VALUE access right. For more
information, see Registry Key Security and Access Rights.
This handle is returned by the RegCreateKeyEx,
RegCreateKeyTransacted, RegOpenKeyEx, or RegOpenKeyTransacted
function. It can also be one of the following predefined keys:
HKEY_CLASSES_ROOT HKEY_CURRENT_CONFIG HKEY_CURRENT_USER
HKEY_LOCAL_MACHINE HKEY_PERFORMANCE_DATA
HKEY_PERFORMANCE_NLSTEXT HKEY_PERFORMANCE_TEXT HKEY_USERSlpSubKey
- [in, optional] The name of the registry key. This key must be
a subkey of the key specified by the hkey parameter.
Key names are not case sensitive.lpValue
- [in, optional]
The name of the registry value.
If this parameter is NULL or an empty string, "", the function
retrieves the type and data for the key's unnamed or default
value, if any.
For more information, see Registry Element Size Limits.
Keys do not automatically have an unnamed or default value.
Unnamed values can be of any type.dwFlags
- [in, optional]
The flags that restrict the data type of value to be queried.
If the data type of the value does not meet this criteria, the
function fails. This parameter can be one or more of the
following values.
RRF_RT_ANY 0x0000ffff No type restriction. RRF_RT_DWORD
0x00000018 Restrict type to 32-bit
RRF_RT_REG_BINARY|RRF_RT_REG_DWORD. RRF_RT_QWORD 0x00000048
Restrict type to 64-bit RRF_RT_REG_BINARY | RRF_RT_REG_DWORD.
RRF_RT_REG_BINARY 0x00000008 Restrict type to REG_BINARY.
RRF_RT_REG_DWORD 0x00000010 Restrict type to REG_DWORD.
RRF_RT_REG_EXPAND_SZ 0x00000004 Restrict type to
REG_EXPAND_SZ. RRF_RT_REG_MULTI_SZ 0x00000020 Restrict type to
REG_MULTI_SZ. RRF_RT_REG_NONE 0x00000001 Restrict type to
REG_NONE. RRF_RT_REG_QWORD 0x00000040 Restrict type to
REG_QWORD. RRF_RT_REG_SZ 0x00000002 Restrict type to REG_SZ.
This parameter can also include one or more of the following
values. RRF_NOEXPAND 0x10000000
Do not automatically expand environment strings if the value
is of type REG_EXPAND_SZ.
RRF_ZEROONFAILURE 0x20000000
If pvData is not NULL, set the contents of the buffer to
zeroes on failure.pdwType
- [out, optional]
A pointer to a variable that receives a code indicating the
type of data stored in the specified value. For a list of the
possible type codes, see Registry Value Types. This parameter
can be NULL if the type is not required.pvData
- [out, optional]
A pointer to a buffer that receives the value's data. This
parameter can be NULL if the data is not required.
If the data is a string, the function checks for a terminating
null character. If one is not found, the string is stored with
a null terminator if the buffer is large enough to accommodate
the extra character. Otherwise, the function fails and returns
ERROR_MORE_DATA.pcbData
- [in, out, optional]
A pointer to a variable that specifies the size of the buffer
pointed to by the pvData parameter, in bytes. When the
function returns, this variable contains the size of the data
copied to pvData.
The pcbData parameter can be NULL only if pvData is NULL.
If the data has the REG_SZ, REG_MULTI_SZ or REG_EXPAND_SZ
type, this size includes any terminating null character or
characters. For more information, see Remarks.
If the buffer specified by pvData parameter is not large
enough to hold the data, the function returns ERROR_MORE_DATA
and stores the required buffer size in the variable pointed to
by pcbData. In this case, the contents of the pvData buffer
are undefined.
If pvData is NULL, and pcbData is non-NULL, the function
returns ERROR_SUCCESS and stores the size of the data, in
bytes, in the variable pointed to by pcbData. This enables an
application to determine the best way to allocate a buffer for
the value's data.
If hKey specifies HKEY_PERFORMANCE_DATA and the pvData buffer
is not large enough to contain all of the returned data, the
function returns ERROR_MORE_DATA and the value returned
through the pcbData parameter is undefined. This is because
the size of the performance data can change from one call to
the next. In this case, you must increase the buffer size and
call RegGetValue again passing the updated buffer size in the
pcbData parameter. Repeat this until the function succeeds.
You need to maintain a separate variable to keep track of the
buffer size, because the value returned by pcbData is
unpredictable.
Return value If the function succeeds, the return value is
ERROR_SUCCESS. If the function fails, the return value is a
system error code. If the pvData buffer is too small to
receive the value, the function returns ERROR_MORE_DATA.WinNT.HANDLE RegisterEventSource(String lpUNCServerName, String lpSourceName)
lpUNCServerName
- The Universal Naming Convention (UNC) name of the remote
server on which this operation is to be performed. If this
parameter is NULL, the local computer is used.lpSourceName
- The name of the event source whose handle is to be retrieved.
The source name must be a subkey of a log under the Eventlog
registry key. However, the Security log is for system use
only.boolean DeregisterEventSource(WinNT.HANDLE hEventLog)
hEventLog
- A handle to the event log. The RegisterEventSource function
returns this handle.WinNT.HANDLE OpenEventLog(String lpUNCServerName, String lpSourceName)
lpUNCServerName
- The Universal Naming Convention (UNC) name of the remote
server on which the event log is to be opened. If this
parameter is NULL, the local computer is used.lpSourceName
- The name of the log. If you specify a custom log and it cannot
be found, the event logging service opens the Application log;
however, there will be no associated message or category
string file.boolean CloseEventLog(WinNT.HANDLE hEventLog)
hEventLog
- A handle to the event log to be closed. The OpenEventLog or
OpenBackupEventLog function returns this handle.boolean GetNumberOfEventLogRecords(WinNT.HANDLE hEventLog, IntByReference NumberOfRecords)
hEventLog
- A handle to the open event log. The OpenEventLog or
OpenBackupEventLog function returns this handle.NumberOfRecords
- A pointer to a variable that receives the number of records in
the specified event log.boolean ReportEvent(WinNT.HANDLE hEventLog, int wType, int wCategory, int dwEventID, WinNT.PSID lpUserSid, int wNumStrings, int dwDataSize, String[] lpStrings, Pointer lpRawData)
hEventLog
- A handle to the event log. The RegisterEventSource function
returns this handle. As of Windows XP with SP2, this parameter
cannot be a handle to the Security log. To write an event to
the Security log, use the AuthzReportSecurityEvent function.wType
- The type of event to be logged.wCategory
- The event category. This is source-specific information; the
category can have any value.dwEventID
- The event identifier. The event identifier specifies the entry
in the message file associated with the event source.lpUserSid
- A pointer to the current user's security identifier. This
parameter can be NULL if the security identifier is not
required.wNumStrings
- The number of insert strings in the array pointed to by the
lpStrings parameter. A value of zero indicates that no strings
are present.dwDataSize
- The number of bytes of event-specific raw (binary) data to
write to the log. If this parameter is zero, no event-specific
data is present.lpStrings
- A pointer to a buffer containing an array of null-terminated
strings that are merged into the message before Event Viewer
displays the string to the user. This parameter must be a
valid pointer (or NULL), even if wNumStrings is zero. Each
string is limited to 31,839 characters.lpRawData
- A pointer to the buffer containing the binary data. This
parameter must be a valid pointer (or NULL), even if the
dwDataSize parameter is zero.boolean ClearEventLog(WinNT.HANDLE hEventLog, String lpBackupFileName)
hEventLog
- A handle to the event log to be cleared. The OpenEventLog
function returns this handle.lpBackupFileName
- The absolute or relative path of the backup file. If this file
already exists, the function fails. If the lpBackupFileName
parameter is NULL, the event log is not backed up.boolean BackupEventLog(WinNT.HANDLE hEventLog, String lpBackupFileName)
hEventLog
- A handle to the open event log. The OpenEventLog function
returns this handle.lpBackupFileName
- The absolute or relative path of the backup file.WinNT.HANDLE OpenBackupEventLog(String lpUNCServerName, String lpFileName)
lpUNCServerName
- The Universal Naming Convention (UNC) name of the remote
server on which this operation is to be performed. If this
parameter is NULL, the local computer is used.lpFileName
- The full path of the backup file.boolean ReadEventLog(WinNT.HANDLE hEventLog, int dwReadFlags, int dwRecordOffset, Pointer lpBuffer, int nNumberOfBytesToRead, IntByReference pnBytesRead, IntByReference pnMinNumberOfBytesNeeded)
hEventLog
- A handle to the event log to be read. The OpenEventLog
function returns this handle.dwReadFlags
- Use the following flag values to indicate how to read the log
file.dwRecordOffset
- The record number of the log-entry at which the read operation
should start. This parameter is ignored unless dwReadFlags
includes the EVENTLOG_SEEK_READ flag.lpBuffer
- An application-allocated buffer that will receive one or more
EVENTLOGRECORD structures. This parameter cannot be NULL, even
if the nNumberOfBytesToRead parameter is zero. The maximum
size of this buffer is 0x7ffff bytes.nNumberOfBytesToRead
- The size of the lpBuffer buffer, in bytes. This function will
read as many log entries as will fit in the buffer; the
function will not return partial entries.pnBytesRead
- A pointer to a variable that receives the number of bytes read
by the function.pnMinNumberOfBytesNeeded
- A pointer to a variable that receives the required size of the
lpBuffer buffer. This value is valid only this function
returns zero and GetLastError returns
ERROR_INSUFFICIENT_BUFFER.boolean GetOldestEventLogRecord(WinNT.HANDLE hEventLog, IntByReference OldestRecord)
hEventLog
- Handle to the open event log. This handle is returned by the
OpenEventLog or OpenBackupEventLog function.OldestRecord
- Pointer to a variable that receives the absolute record number
of the oldest record in the specified event log.boolean QueryServiceStatusEx(Winsvc.SC_HANDLE hService, int InfoLevel, Winsvc.SERVICE_STATUS_PROCESS lpBuffer, int cbBufSize, IntByReference pcbBytesNeeded)
hService
- A handle to the service. This handle is returned by the
OpenService(SC_HANDLE, String, int) or CreateService()
function, and it must have the SERVICE_QUERY_STATUS access
right. For more information, see Service Security and Access Rights.InfoLevel
- The service attributes to be returned (a value from
SC_STATUS_TYPE enumeration). Use SC_STATUS_PROCESS_INFO to
retrieve the service status information. The lpBuffer
parameter is a pointer to a SERVICE_STATUS_PROCESS structure.
Currently, no other information levels are defined.lpBuffer
- (optional) A pointer to the buffer that receives the status
information. The format of this data depends on the value of
the InfoLevel parameter. The maximum size of this array is 8K
bytes. To determine the required size, specify NULL for this
parameter and 0 for the cbBufSize parameter. The function will
fail and GetLastError will return ERROR_INSUFFICIENT_BUFFER.
The pcbBytesNeeded parameter will receive the required size.cbBufSize
- The size of the buffer pointed to by the lpBuffer parameter,
in bytes.pcbBytesNeeded
- A pointer to a variable that receives the number of bytes
needed to store all status information, if the function fails
with ERROR_INSUFFICIENT_BUFFER.boolean ControlService(Winsvc.SC_HANDLE hService, int dwControl, Winsvc.SERVICE_STATUS lpServiceStatus)
hService
- A handle to the service. This handle is returned by the
OpenService(SC_HANDLE, String, int) or CreateService()
function. The access rights required for this handle depend on
the dwControl code requested.dwControl
- This parameter can be one of the following control codes
(found in Winsvc.h): SERVICE_CONTROL_STOP,
SERVICE_CONTROL_PAUSE, SERVICE_CONTROL_CONTINUE
SERVICE_CONTROL_INTERROGATE, SERVICE_CONTROL_PARAMCHANGE,
SERVICE_CONTROL_NETBINDADD, SERVICE_CONTROL_NETBINDREMOVE,
SERVICE_CONTROL_NETBINDENABLE, SERVICE_CONTROL_NETBINDDISABLE
This value can also be a user-defined control code, as
described below: Range 128 to 255 - The service defines the
action associated with the control code. The hService handle
must have the SERVICE_USER_DEFINED_CONTROL access right.lpServiceStatus
- A pointer to a SERVICE_STATUS structure that receives the
latest service status information. The information returned
reflects the most recent status that the service reported to
the service control manager. The service control manager fills
in the structure only when ControlService returns one of the
following error codes: NO_ERROR,
ERROR_INVALID_SERVICE_CONTROL,
ERROR_SERVICE_CANNOT_ACCEPT_CTRL, or ERROR_SERVICE_NOT_ACTIVE.
Otherwise, the structure is not filled in.boolean StartService(Winsvc.SC_HANDLE hService, int dwNumServiceArgs, String[] lpServiceArgVectors)
hService
- A handle to the service. This handle is returned by the
OpenService(SC_HANDLE, String, int) or CreateService()
function, and it must have the SERVICE_START access right. For
more information, see
Service Security and Access Rights.dwNumServiceArgs
- The number of strings in the lpServiceArgVectors array. If
lpServiceArgVectors is NULL, this parameter can be zero.lpServiceArgVectors
- The null-terminated strings to be passed to the ServiceMain
function for the service as arguments. If there are no
arguments, this parameter can be null. Otherwise, the first
argument (lpServiceArgVectors[0]) is the name of the service,
followed by any additional arguments (lpServiceArgVectors[1]
through lpServiceArgVectors[dwNumServiceArgs-1]). Driver
services do not receive these arguments.boolean CloseServiceHandle(Winsvc.SC_HANDLE hSCObject)
hSCObject
- A handle to the service control manager object or the service
object to close. Handles to service control manager objects
are returned by the OpenSCManager(String, String, int)
function, and handles to service objects are returned by
either the OpenService(SC_HANDLE, String, int) or
CreateService() function.Winsvc.SC_HANDLE OpenService(Winsvc.SC_HANDLE hSCManager, String lpServiceName, int dwDesiredAccess)
hSCManager
- A handle to the service control manager database. The
OpenSCManager(String, String, int) function returns this
handle.lpServiceName
- The name of the service to be opened. This is the name
specified by the lpServiceName parameter of the CreateService
function when the service object was created, not the service
display name that is shown by user interface applications to
identify the service. The maximum string length is 256
characters. The service control manager database preserves the
case of the characters, but service name comparisons are
always case insensitive. Forward-slash (/) and backslash (\)
are invalid service name characters.dwDesiredAccess
- The access to the service. For a list of access rights, see
Service Security and Access Rights. Before granting the
requested access, the system checks the access token of the
calling process against the discretionary access-control list
of the security descriptor associated with the service object.Winsvc.SC_HANDLE OpenSCManager(String lpMachineName, String lpDatabaseName, int dwDesiredAccess)
lpMachineName
- The name of the target computer. If the pointer is NULL or
points to an empty string, the function connects to the
service control manager on the local computer.lpDatabaseName
- The name of the service control manager database. This
parameter should be set to SERVICES_ACTIVE_DATABASE. If it is
NULL, the SERVICES_ACTIVE_DATABASE database is opened by
default.dwDesiredAccess
- The access to the service control manager. For a list of
access rights, see
Service Security and Access Rights. Before granting the
requested access rights, the system checks the access token of
the calling process against the discretionary access-control
list of the security descriptor associated with the service
control manager. The SC_MANAGER_CONNECT access right is
implicitly specified by calling this function.boolean CreateProcessAsUser(WinNT.HANDLE hToken, String lpApplicationName, String lpCommandLine, WinBase.SECURITY_ATTRIBUTES lpProcessAttributes, WinBase.SECURITY_ATTRIBUTES lpThreadAttributes, boolean bInheritHandles, int dwCreationFlags, String lpEnvironment, String lpCurrentDirectory, WinBase.STARTUPINFO lpStartupInfo, WinBase.PROCESS_INFORMATION lpProcessInformation)
hToken
- A handle to the primary token that represents a user.lpApplicationName
- The name of the module to be executed.lpCommandLine
- The command line to be executed.lpProcessAttributes
- A pointer to a SECURITY_ATTRIBUTES structure that specifies a
security descriptor for the new process object and determines
whether child processes can inherit the returned handle to the
process.lpThreadAttributes
- A pointer to a SECURITY_ATTRIBUTES structure that specifies a
security descriptor for the new thread object and determines
whether child processes can inherit the returned handle to the
thread.bInheritHandles
- If this parameter is TRUE, each inheritable handle in the
calling process is inherited by the new process. If the
parameter is FALSE, the handles are not inherited. Note that
inherited handles have the same value and access rights as the
original handles.dwCreationFlags
- The flags that control the priority class and the creation of
the process. For a list of values, see Process Creation Flags.lpEnvironment
- A pointer to an environment block for the new process. If this
parameter is NULL, the new process uses the environment of the
calling process.
An environment block consists of a null-terminated block of
null-terminated strings. Each string is in the following form:
name=value\0lpCurrentDirectory
- The full path to the current directory for the process. The
string can also specify a UNC path.lpStartupInfo
- A pointer to a STARTUPINFO or STARTUPINFOEX structure.lpProcessInformation
- A pointer to a PROCESS_INFORMATION structure that receives
identification information about the new process.boolean AdjustTokenPrivileges(WinNT.HANDLE TokenHandle, boolean DisableAllPrivileges, WinNT.TOKEN_PRIVILEGES NewState, int BufferLength, WinNT.TOKEN_PRIVILEGES PreviousState, IntByReference ReturnLength)
TokenHandle
- A handle to the access token that contains the privileges to
be modified.DisableAllPrivileges
- Specifies whether the function disables all of the token's
privileges.NewState
- A pointer to a TOKEN_PRIVILEGES structure that specifies an
array of privileges and their attributes.BufferLength
- Specifies the size, in bytes, of the buffer pointed to by the
PreviousState parameter. This parameter can be zero if the
PreviousState parameter is NULL.PreviousState
- A pointer to a buffer that the function fills with a
TOKEN_PRIVILEGES structure that contains the previous state of
any privileges that the function modifies.ReturnLength
- A pointer to a variable that receives the required size, in
bytes, of the buffer pointed to by the PreviousState
parameter.boolean LookupPrivilegeName(String lpSystemName, WinNT.LUID lpLuid, char[] lpName, IntByReference cchName)
lpSystemName
- A pointer to a null-terminated string that specifies the name
of the system on which the privilege name is retrieved. If a
null string is specified, the function attempts to find the
privilege name on the local system.lpLuid
- A pointer to the LUID by which the privilege is known on the
target system.lpName
- A pointer to a buffer that receives a null-terminated string
that represents the privilege name. For example, this string
could be "SeSecurityPrivilege".cchName
- A pointer to a variable that specifies the size, in a TCHAR
value, of the lpName buffer.boolean LookupPrivilegeValue(String lpSystemName, String lpName, WinNT.LUID lpLuid)
lpSystemName
- A pointer to a null-terminated string that specifies the name
of the system on which the privilege name is retrieved. If a
null string is specified, the function attempts to find the
privilege name on the local system.lpName
- A pointer to a null-terminated string that specifies the name
of the privilege, as defined in the Winnt.h header file. For
example, this parameter could specify the constant,
SE_SECURITY_NAME, or its corresponding string,
"SeSecurityPrivilege".lpLuid
- A pointer to a variable that receives the LUID by which the
privilege is known on the system specified by the lpSystemName
parameter.boolean GetFileSecurity(WString lpFileName, int RequestedInformation, Pointer pointer, int nLength, IntByReference lpnLengthNeeded)
lpFileName
- A pointer to a null-terminated string that specifies the file
or directory for which security information is retrieved.RequestedInformation
- A SECURITY_INFORMATION value that identifies the security
information being requested. See WinNT *_SECURITY_INFORMATIONpointer
- A pointer to a buffer that receives a copy of the security
descriptor of the object specified by the lpFileName
parameter. The calling process must have permission to view
the specified aspects of the object's security status. The
SECURITY_DESCRIPTOR structure is returned in self-relative
format.nLength
- Specifies the size, in bytes, of the buffer pointed to by the
pSecurityDescriptor parameter.lpnLengthNeeded
- A pointer to the variable that receives the number of bytes
necessary to store the complete security descriptor. If the
returned number of bytes is less than or equal to nLength, the
entire security descriptor is returned in the output buffer;
otherwise, none of the descriptor is returned.int GetNamedSecurityInfo(String pObjectName, int ObjectType, int SecurityInfo, PointerByReference ppsidOwner, PointerByReference ppsidGroup, PointerByReference ppDacl, PointerByReference ppSacl, PointerByReference ppSecurityDescriptor)
pObjectName
- A pointer to a that specifies the name of the object from
which to retrieve security information.
For descriptions of the string formats for the different
object types, see SE_OBJECT_TYPE.ObjectType
- Specifies a value from the SE_OBJECT_TYPE enumeration that
indicates the type of object named by the pObjectName parameter.SecurityInfo
- A set of bit flags that indicate the type of security
information to retrieve. See WinNT *_SECURITY_INFORMATIONppsidOwner
- [out, optional]
A pointer to a variable that receives a pointer to the owner SID
in the security descriptor returned in ppSecurityDescriptor
or NULL if the security descriptor has no owner SID.
The returned pointer is valid only if you set the
OWNER_SECURITY_INFORMATION flag. Also, this parameter can be
NULL if you do not need the owner SID.ppsidGroup
- [out, optional]
A pointer to a variable that receives a pointer to the primary
group SID in the returned security descriptor or NULL if the
security descriptor has no group SID. The returned pointer is
valid only if you set the GROUP_SECURITY_INFORMATION flag.
Also, this parameter can be NULL if you do not need the group SID.ppDacl
- [out, optional]
A pointer to a variable that receives a pointer to the DACL in
the returned security descriptor or NULL if the security
descriptor has no DACL. The returned pointer is valid only if
you set the DACL_SECURITY_INFORMATION flag. Also, this parameter
can be NULL if you do not need the DACL.ppSacl
- [out, optional]
A pointer to a variable that receives a pointer to the SACL in
the returned security descriptor or NULL if the security
descriptor has no SACL. The returned pointer is valid only if
you set the SACL_SECURITY_INFORMATION flag. Also, this parameter
can be NULL if you do not need the SACL.ppSecurityDescriptor
- A pointer to a variable that receives a pointer to the security
descriptor of the object. When you have finished using the
pointer, free the returned buffer by calling the LocalFree
function.
This parameter is required if any one of the ppsidOwner,
ppsidGroup, ppDacl, or ppSacl parameters is not NULL.int SetNamedSecurityInfo(String pObjectName, int ObjectType, int SecurityInfo, Pointer ppsidOwner, Pointer ppsidGroup, Pointer ppDacl, Pointer ppSacl)
pObjectName
- [in]
A pointer to a string that specifies the name of the object for
which to set security information. This can be
the name of a local or remote file or directory on an NTFS file
system, network share, registry key, semaphore, event, mutex,
file mapping, or waitable timer. *
For descriptions of the string formats for the different
object types, see SE_OBJECT_TYPE.ObjectType
- [in]
A value of the SE_OBJECT_TYPE enumeration that indicates the type
of object named by the pObjectName parameter.SecurityInfo
- [in]
A set of bit flags that indicate the type of security
information to set. See WinNT *_SECURITY_INFORMATIONppsidOwner
- [in, optional]
A pointer to a SID structure that identifies the owner of the object.
If the caller does not have the SeRestorePrivilege constant
(see Privilege Constants), this SID must be contained in the
caller's token, and must have the SE_GROUP_OWNER permission enabled.
The SecurityInfo parameter must include the OWNER_SECURITY_INFORMATION
flag. To set the owner, the caller must have WRITE_OWNER access to
the object or have the SE_TAKE_OWNERSHIP_NAME privilege enabled.
If you are not setting the owner SID, this parameter can be NULL.ppsidGroup
- [in, optional]
A pointer to a SID that identifies the primary group of the object.
The SecurityInfo parameter must include the GROUP_SECURITY_INFORMATION
flag. If you are not setting the primary group SID, this parameter
can be NULL.ppDacl
- [in, optional]
A pointer to the new DACL for the object. The SecurityInfo parameter
must include the DACL_SECURITY_INFORMATION flag. The caller must have
WRITE_DAC access to the object or be the owner of the object. If you
are not setting the DACL, this parameter can be NULL.ppSacl
- [in, optional]
A pointer to the new SACL for the object. The SecurityInfo parameter
must include any of the following flags: SACL_SECURITY_INFORMATION,
LABEL_SECURITY_INFORMATION, ATTRIBUTE_SECURITY_INFORMATION,
SCOPE_SECURITY_INFORMATION, or BACKUP_SECURITY_INFORMATION.
If setting SACL_SECURITY_INFORMATION or SCOPE_SECURITY_INFORMATION,
the caller must have the SE_SECURITY_NAME privilege enabled. If
you are not setting the SACL, this parameter can be NULL.int GetSecurityDescriptorLength(Pointer ppSecurityDescriptor)
ppSecurityDescriptor
- A pointer to the SECURITY_DESCRIPTOR structure whose length the function returns.
The pointer is assumed to be valid.boolean IsValidSecurityDescriptor(Pointer ppSecurityDescriptor)
ppSecurityDescriptor
- [in]
A pointer to a SECURITY_DESCRIPTOR structure that the function validates.boolean IsValidAcl(Pointer pAcl)
pAcl
- [in]
A pointer to an ACL structure validated by this function. This value must not be NULL.void MapGenericMask(WinDef.DWORDByReference AccessMask, WinNT.GENERIC_MAPPING GenericMapping)
AccessMask
- [in, out] A pointer to an access mask.GenericMapping
- [in] A pointer to a GENERIC_MAPPING structure specifying a mapping of generic access types to specific and standard access types.boolean AccessCheck(Pointer pSecurityDescriptor, WinNT.HANDLE ClientToken, WinDef.DWORD DesiredAccess, WinNT.GENERIC_MAPPING GenericMapping, WinNT.PRIVILEGE_SET PrivilegeSet, WinDef.DWORDByReference PrivilegeSetLength, WinDef.DWORDByReference GrantedAccess, WinDef.BOOLByReference AccessStatus)
pSecurityDescriptor
- [in] A pointer to a SECURITY_DESCRIPTOR structure against which access is checked.ClientToken
- [in] A handle to an impersonation token that represents the client that is attempting to gain access. The handle must have TOKEN_QUERY access to the token; otherwise, the function fails with ERROR_ACCESS_DENIED.DesiredAccess
- [in] Access mask that specifies the access rights to check. This mask must have been mapped by the MapGenericMask function to contain no generic access rights.GenericMapping
- [in] A pointer to the GENERIC_MAPPING structure associated with the object for which access is being checked.PrivilegeSet
- [out, optional] A pointer to a PRIVILEGE_SET structure that receives the privileges used to perform the access validation. If no privileges were used, the function sets the PrivilegeCount member to zero.PrivilegeSetLength
- [in, out] Specifies the size, in bytes, of the buffer pointed to by the PrivilegeSet parameter.GrantedAccess
- [out] A pointer to an access mask that receives the granted access rights. If AccessStatus is set to FALSE, the function sets the access mask to zero. If the function fails, it does not set the access mask.AccessStatus
- [out] A pointer to a variable that receives the results of the access check. If the security descriptor allows the requested access rights to the client identified by the access token, AccessStatus is set to TRUE. Otherwise, AccessStatus is set to FALSE, and you can call GetLastError to get extended error information.boolean EncryptFile(WString lpFileName)
lpFileName
- The name of the file or directory to be encrypted.boolean DecryptFile(WString lpFileName, WinDef.DWORD dwReserved)
lpFileName
- The name of the file or directory to be decrypted.dwReserved
- Reserved; must be zero.boolean FileEncryptionStatus(WString lpFileName, WinDef.DWORDByReference lpStatus)
lpFileName
- The name of the file.lpStatus
- A pointer to a variable that receives the encryption status of the
file.boolean EncryptionDisable(WString DirPath, boolean Disable)
DirPath
- The name of the directory for which to enable or disable
encryption.Disable
- Indicates whether to disable encryption (TRUE) or enable it
(FALSE).int OpenEncryptedFileRaw(WString lpFileName, WinDef.ULONG ulFlags, PointerByReference pvContext)
lpFileName
- The name of the file to be opened. The string must consist of
characters from the Windows character set.ulFlags
- The operation to be performed.pvContext
- The address of a context block that must be presented in subsequent
calls to ReadEncryptedFileRaw, WriteEncryptedFileRaw, or
CloseEncryptedFileRaw. Do not modify it.int ReadEncryptedFileRaw(WinBase.FE_EXPORT_FUNC pfExportCallback, Pointer pvCallbackContext, Pointer pvContext)
pfExportCallback
- A pointer to the export callback function. The system calls the
callback function multiple times, each time passing a block of the
file's data to the callback function until the entire file has been
read. For more information, see ExportCallback.pvCallbackContext
- A pointer to an application-defined and allocated context block.
The system passes this pointer to the callback function as a
parameter so that the callback function can have access to
application-specific data. This can be a structure and can contain
any data the application needs, such as the handle to the file that
will contain the backup copy of the encrypted file.pvContext
- A pointer to a system-defined context block. The context block is
returned by the OpenEncryptedFileRaw function. Do not modify it.int WriteEncryptedFileRaw(WinBase.FE_IMPORT_FUNC pfImportCallback, Pointer pvCallbackContext, Pointer pvContext)
pfImportCallback
- A pointer to the import callback function. The system calls the
callback function multiple times, each time passing a buffer that
will be filled by the callback function with a portion of backed-up
file's data. When the callback function signals that the entire
file has been processed, it tells the system that the restore
operation is finished. For more information, see ImportCallback.pvCallbackContext
- A pointer to an application-defined and allocated context block.
The system passes this pointer to the callback function as a
parameter so that the callback function can have access to
application-specific data. This can be a structure and can contain
any data the application needs, such as the handle to the file that
will contain the backup copy of the encrypted file.pvContext
- A pointer to a system-defined context block. The context block is
returned by the OpenEncryptedFileRaw function. Do not modify it.void CloseEncryptedFileRaw(Pointer pvContext)
pvContext
- A pointer to a system-defined context block. The
OpenEncryptedFileRaw function returns the context block.