3.2.5.3.4 SASetAccountInformation (Opnum 0)
The SASetAccountInformation method MUST set the credentials under which the task MUST run.
-
HRESULT SASetAccountInformation( [in, string, unique] SASEC_HANDLE Handle, [in, string] const wchar_t* pwszJobName, [in, string] const wchar_t* pwszAccount, [in, string, unique] const wchar_t* pwszPassword, [in] DWORD dwJobFlags );
Handle: Pointer to a Unicode string that MUST specify the server. The client MUST map this string to an RPC binding handle. The server MUST ignore this parameter. For more information, see [C706] sections 4.3.5 and 5.1.5.2.
pwszJobName: Pointer to a string that MUST specify a task name, such as "MyJob.job".
pwszAccount: Pointer to a string that MUST specify the account name. This string MAY be expressed either as a UPN in the form user@domain or as a Security Account Manager (SAM) name in the form domain\account.
pwszPassword: Pointer to a string that MUST specify the password for the account. See section 5.1.
dwJobFlags: The dwJobFlags field MUST contain individual bit flags that MUST have one or more of the following values:
-
0
1
2
3
4
5
6
7
8
91
0
1
2
3
4
5
6
7
8
92
0
1
2
3
4
5
6
7
8
93
0
10
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
R L
0
0
0
0
0
0
0
0
0
0
0
0
0
-
Value
Description
RL
TASK_FLAG_RUN_ONLY_IF_LOGGED_ON
When set, the task MUST run only if the user specified is logged on interactively.
-
Undefined bits MUST be set to 0 when sent and ignored upon receipt.
Return Values: For more information about return codes, see section 2.3.14 or Win32 Error Codes in [MS-ERREF] section 2.1.<52>
Upon receipt of the SASetAccountInformation call, the server MUST:
Return E_ACCESSDENIED if the caller does not have write access to the folder that represents the .JOB task store.
Return E_INVALIDARG if the pwszAccount parameter is NULL.
Note When the server is passing NULL as a value for this parameter, behavior can change based on the RPC Runtime Check. See RPC Runtime Check Notes (section 3.3).
Return the value 0x80070002, the HRESULT form of the Win32 error ERROR_FILE_NOT_FOUND, if the pwszJobName parameter is not a file name that is present in the .JOB task store.
Return E_ACCESSDENIED if the caller does not have write access to the file in the .JOB task store.
Return E_ACCESSDENIED if the caller does not have administrative privileges on the server.
Return the value 0x8007000D, which is the HRESULT form of the Win32 error ERROR_INVALID_DATA, if the .JOB file is not syntactically valid (see .JOB File Format (section 2.4)).<53><54>
If the pwszAccount parameter is not an empty string and pwszPassword is not NULL:
Return E_ACCESSDENIED if the pwszPassword parameter is not valid for pwszAccount.<55>
Update the account name store by adding a mapping from pwszJobName to pwszAccount.
Update the credential store by adding a mapping from pwszAccount to pwszPassword if a mapping for pwszAccount is not already present.
If the pwszAccount parameter is not an empty string and pwszPassword is NULL:
Return SCHED_E_UNSUPPORTED_ACCOUNT_OPTION if the TASK_FLAG_RUN_ONLY_IF_LOGGED_ON bit in dwJobFlags is not set.<56>
Update the account name store by adding a mapping from pwszJobName to pwszAccount.
Finally, if the pwszAccount parameter is the empty string:
Return E_ACCESSDENIED if the caller does not have administrative privileges on the server.<57>
If pwszPassword is not NULL, return E_ACCESSDENIED.<58>
If pwszPassword is NULL, update the account name store by adding a mapping from pwszJobName to "LocalSystem" and return S_OK.
Return SCHED_E_INVALIDVALUE if the MinutesInterval field is set to a value larger than the MinutesDuration field.<59>
Return SCHED_E_UNEXPECTEDNODE if Trigger type is not as specified in 2.4.2.11.1.<60>
Return S_OK on success.
If any errors are raised during the processing, they are returned. For more information about return codes, see section 2.3.14 and Win32 Error Codes in [MS-ERREF] section 2.1.