Platform SDK: Transaction Server |
[This product will work only on Windows NT 4.0 versions and earlier. For Windows 2000 and later, see COM+ (Component Services).]
Retrieves the security ID of the current object's immediate (out-of-process) creator.
Provided By
HRESULT ISecurityProperty::GetDirectCreatorSID ( PSID* ppSid );
Parameters
ppSid
[out] A reference to the security ID of the process that directly created the current object.
Return Values
S_OK
The security ID of the process that directly created the current object is returned in the parameter ppSid.
E_INVALIDARG
The argument passed in the ppSid parameter is a NULL pointer.
E_FAIL
An unexpected error occurred.
Remarks
You use the GetDirectCreatorSID method to determine the security ID of the process that created the current object. The following scenarios illustrate the functionality of the GetDirectCreatorSID method.
A base process running on server A, as user A, creates object X on server B, running as user B. Then object X creates object Y, running on server C. If object Y calls GetDirectCreatorSID, the the security ID of user B is returned.
Security can only be enforced across process boundaries. This means that if an object creates another object within the same process, when the second object calls GetDirectCreatorSID, it will get the the security ID of the most immediate creator outside its own process boundary, not the security ID of the object that actually created it.
A base client running on server A, as user A, creates object X on server B, running as user B. Then object X creates object Y, running in the same process as object X, also on server B. When object Y calls GetDirectCreatorSID, the the security ID of user A is returned, not the the security ID of user B.
You must call ReleaseSID on a security ID when you finish using it.
See Also
Programmatic Security, Advanced Security Methods, IObjectContext Interface