Undocumented functions of NTDLL

2OO1, 27 February


NtOpenObjectAuditAlarm
NtOpenObjectAuditAlarm

NTSYSAPI 
NTSTATUS
NTAPI

NtOpenObjectAuditAlarm(
IN PUNICODE_STRING SubsystemName OPTIONAL, IN PHANDLE ObjectHandle OPTIONAL, IN PUNICODE_STRING ObjectTypeName OPTIONAL, IN PUNICODE_STRING ObjectName OPTIONAL, IN PSECURITY_DESCRIPTOR SecurityDescriptor OPTIONAL, IN HANDLE ClientToken, IN ACCESS_MASK DesiredAccess, IN ACCESS_MASK GrantedAccess, IN PPRIVILEGE_SET Privileges OPTIONAL, IN BOOLEAN ObjectCreation, IN BOOLEAN AccessGranted, OUT PBOOLEAN GenerateOnClose OPTIONAL );



Function NtOpenObjectAuditAlarm does not work on NT40-SP6. For additional information see description of ObjectOpenAuditAlarm function in Microsoft SDK.



Requirements:
Library: ntdll.lib
Privilege: SE_AUDIT_PRIVILEGE


See also:
NtAccessCheckAndAuditAlarm
NtCloseObjectAuditAlarm
NtDeleteObjectAuditAlarm
PRIVILEGE_SET
SECURITY_DESCRIPTOR