AddAuditAccessAce

The AddAuditAccessAce function adds a system-audit ACE to a system ACL. The access of a specified SID is audited.

An ACE is an access-control entry. An ACL is an access-control list. A SID is a security identifier.

BOOL AddAuditAccessAce(
  PACL pAcl,           // pointer to access-control list
  DWORD dwAceRevision, // ACL revision level
  DWORD dwAccessMask,  // access mask
  PSID pSid,           // pointer to security identifier
  BOOL bAuditSuccess,  // flag for auditing successful access
  BOOL bAuditFailure   // flag for auditing unsuccessful access 
                       // attempts
);

Parameters

pAcl: Pointer to an ACL structure. This function adds a system-audit ACE to this ACL. The ACE is in the form of an SYSTEM_AUDIT_ACE structure.
dwAceRevision: Specifies the revision level of the ACL being modified. Currently, this value must be ACL_REVISION.
dwAccessMask: Specifies the mask of access rights to be audited for the specified SID.
pSid: Pointer to the SID structure representing the process whose access is being audited.
bAuditSuccess: Specifies whether successful access attempts are to be audited. Set this flag to TRUE to enable auditing; otherwise, set it to FALSE.
bAuditFailure: Specifies whether unsuccessful access attempts are to be audited. Set this flag to TRUE to enable auditing; otherwise, set it to FALSE.

Return Values

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To get extended error information, call GetLastError.

Remarks

The ACE_HEADER structure placed in the ACE by the AddAuditAccessAce function specifies a type and size, but provides no ACE flags.

QuickInfo

  Windows NT: Requires version 3.1 or later.
  Windows: Unsupported.
  Windows CE: Unsupported.
  Header: Declared in winbase.h.
  Import Library: Use advapi32.lib.

AddAuditAccessAce

Parameters

Return Values

Remarks

QuickInfo

See Also