Platform SDK: Access Control

Client/Server Access Control Functions

The following functions are used by servers to impersonate clients.

Function History
CreateProcessAsUser Windows NT 3.51 and later
CreateProcessWithLogonW Windows 2000
ImpersonateLoggedOnUser Windows NT 3.51 and later
ImpersonateNamedPipeClient Windows NT 3.1 and later
ImpersonateSelf Windows NT 3.1 and later
LogonUser Windows NT 3.51 and later
RevertToSelf Windows NT 3.1 and later

The following functions are used by servers to check and set the security descriptors on private objects.

Function History
AccessCheck Windows NT 3.1 and later
AccessCheckAndAuditAlarm Windows NT 3.1 and later
AccessCheckByType Windows 2000
AccessCheckByTypeAndAuditAlarm Windows 2000
AccessCheckByTypeResultList Windows 2000
AccessCheckByTypeResultListAndAuditAlarm Windows 2000
AccessCheckByTypeResultListAndAuditAlarmByHandle Windows 2000
AreAllAccessesGranted Windows NT 3.1 and later
AreAnyAccessesGranted Windows NT 3.1 and later
BuildSecurityDescriptor Windows NT 4.0 and later
ConvertToAutoInheritPrivateObjectSecurity Windows 2000
CreatePrivateObjectSecurity Windows NT 3.1 and later
CreatePrivateObjectSecurityEx Windows 2000
DestroyPrivateObjectSecurity Windows NT 3.1 and later
GetPrivateObjectSecurity Windows NT 3.1 and later
LookupSecurityDescriptorParts Windows NT 4.0 and later
MapGenericMask Windows NT 3.1 and later
PrivilegeCheck Windows NT 3.1 and later
SetPrivateObjectSecurity Windows NT 3.1 and later
SetPrivateObjectSecurityEx Windows 2000

The following functions are used by servers to generate audit messages in the security event log.

Function History
ObjectCloseAuditAlarm Windows NT 3.1 and later
ObjectDeleteAuditAlarm Windows NT 3.1 and later
ObjectOpenAuditAlarm Windows NT 3.1 and later
ObjectPrivilegeAuditAlarm Windows NT 3.1 and later
PrivilegedServiceAuditAlarm Windows NT 3.1 and later