AuditQueryGlobalSaclA function (ntsecapi.h)
The AuditQueryGlobalSacl function retrieves a global system access control list (SACL) that delegates access to the audit messages. Updating the global SACL requires the SeSecurityPrivilege which protects the global SACL from being updated by any user without administrator privileges.
Syntax
BOOLEAN AuditQueryGlobalSaclA(
[in] PCSTR ObjectTypeName,
[out] PACL *Acl
);
Parameters
[in] ObjectTypeName
A pointer to a null-terminated string specifying the type of object being accessed. This parameter must be either "File" or "Key", depending on whether the object is a file or registry. This string appears in any audit message that the function generates.
[out] Acl
A pointer to an ACL structure that contains the SACL information. This should be freed later by calling the LocalFree function.
Return value
If the function succeeds, it returns TRUE.
If the function fails, it returns FALSE. To get extended error information, call GetLastError. GetLastError may return one of the following error codes defined in WinError.h.
| Return code/value | Description |
|---|---|
|
The caller does not have the privilege or access rights necessary to call this function. |
|
One or more parameters are invalid. |
Remarks
To successfully call this function, the caller must have SeSecurityPrivilege.
Note
The ntsecapi.h header defines AuditQueryGlobalSacl as an alias that automatically selects the ANSI or Unicode version of this function based on the definition of the UNICODE preprocessor constant. Mixing usage of the encoding-neutral alias with code that is not encoding-neutral can lead to mismatches that result in compilation or runtime errors. For more information, see Conventions for Function Prototypes.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 7 [desktop apps only] |
| Minimum supported server | Windows Server 2008 R2 [desktop apps only] |
| Target Platform | Windows |
| Header | ntsecapi.h |
| Library | Advapi32.lib |
| DLL | Advapi32.dll |