|
Overview |
|
|
|
Group |
|
|
|
Quick Info
Windows NT
| Yes
| Win95
| No
| Win32s
| No
| Import Library
| advapi32.lib
| Header File
| winbase.h
| Unicode
| No
| Platform Notes
| None
|
|
|
AccessCheck
The
AccessCheck function is used by a server application to check a client's access to an
object against the access control associated with the object.
BOOL AccessCheck(
PSECURITY_DESCRIPTOR pSecurityDescriptor,
| // pointer to security descriptor
|
HANDLE ClientToken,
| // handle to client access token
|
DWORD DesiredAccess,
| // access mask to request
|
PGENERIC_MAPPING GenericMapping,
| // address of generic-mapping structure
|
PPRIVILEGE_SET PrivilegeSet,
| // address of privilege-set structure
|
LPDWORD PrivilegeSetLength,
| // size of privilege-set structure
|
LPDWORD GrantedAccess,
| // address of granted access mask
|
LPBOOL AccessStatus
| // address of flag indicating whether access granted
|
);
|
|
Parameters
pSecurityDescriptor
Pointer to a
SECURITY_DESCRIPTOR structure against which access is checked.
ClientToken
Identifies an access token representing a client attempting to gain access.
This handle must be obtained from a communications session layer
for instance, a named pipe
to prevent possible security policy violations.
DesiredAccess
Specifies the access mask to be requested. This mask must have been mapped by
the
MapGenericMask function to contain no generic access rights.
GenericMapping
Pointer to the
GENERIC_MAPPING structure associated with the object for which access is being checked.
PrivilegeSet
Pointer to a
PRIVILEGE_SET structure that the function fills with any privileges used to perform the
access validation. If no privileges were used, the buffer contains a privilege set
consisting of zero privileges.
PrivilegeSetLength
Specifies the size, in bytes, of the buffer pointed to by the
PrivilegeSet parameter.
GrantedAccess
Pointer to a variable the function fills with an access mask indicating which
access rights were granted. If the function fails, this access mask is not
supplied.
AccessStatus
Pointer to a flag indicating the success or failure of the access check. If
AccessStatus is TRUE, the access token has the requested access to the object. If
AccessStatus is FALSE, the access token does not have the requested access. When this
parameter is FALSE, the application can use the
GetLastError function to get extended error information.
Return Values
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error
information, call
GetLastError.
Remarks
The
AccessCheck function compares the specified security descriptor with the specified access
token and indicates, in the
AccessStatus parameter, whether access is granted or denied. If access is granted, the
requested access mask becomes the object's granted access mask.
Only the discretionary access-control list is examined during an access check.
See Also
AccessCheckAndAuditAlarm,
AreAllAccessesGranted,
AreAnyAccessesGranted,
GENERIC_MAPPING,
MapGenericMask,
PrivilegeCheck,
PRIVILEGE_SET,
SECURITY_DESCRIPTOR
- Software for developers
-
Delphi Components
.Net Components
Software for Android Developers
- More information resources
-
MegaDetailed.Net
Unix Manual Pages
Delphi Examples
- Databases for Amazon shops developers
-
Amazon Categories Database
Browse Nodes Database
