NtOpenObjectAuditAlarm

2OO1, 27 February

NTSYSAPI NTSTATUS NTAPI

NtOpenObjectAuditAlarm(

IN PUNICODE_STRING SubsystemName OPTIONAL, IN PHANDLE ObjectHandle OPTIONAL, IN PUNICODE_STRING ObjectTypeName OPTIONAL, IN PUNICODE_STRING ObjectName OPTIONAL, IN PSECURITY_DESCRIPTOR SecurityDescriptor OPTIONAL, IN HANDLE ClientToken, IN ACCESS_MASK DesiredAccess, IN ACCESS_MASK GrantedAccess, IN PPRIVILEGE_SET Privileges OPTIONAL, IN BOOLEAN ObjectCreation, IN BOOLEAN AccessGranted, OUT PBOOLEAN GenerateOnClose OPTIONAL );

Function NtOpenObjectAuditAlarm does not work on NT40-SP6. For additional information see description of ObjectOpenAuditAlarm function in Microsoft SDK.

SubsystemName

- ???

ObjectHandle

Can be any valid HANDLE to object, or NULL.

ObjectTypeName

- ???

ObjectName

- ???

SecurityDescriptor

Pointer to SECURITY_DESCRIPTOR structure, or NULL.

ClientToken

HANDLE to Token Object previously opened with TOKEN_QUERY access.

DesiredAccess

- ???

GrantedAccess

- ???

Privileges

Optionally pointer to PRIVILEGE_SET structure filled by user with valid privileges.

ObjectCreation

- ???

AccessGranted

= ???

GenerateOnClose

Optionally pointer to BOOLEAN value.

Documented by:

Tomasz Nowak

Requirements:

Library: ntdll.lib

Privilege: SE_AUDIT_PRIVILEGE

Undocumented functions of NTDLL

SubsystemName

ObjectHandle

ObjectTypeName

ObjectName

SecurityDescriptor

ClientToken

DesiredAccess

GrantedAccess

Privileges

ObjectCreation

AccessGranted

GenerateOnClose