AuditSetPerUserPolicy function (ntsecapi.h)

The AuditSetPerUserPolicy function sets per-user audit policy in one or more audit subcategories for the specified principal.

Syntax

BOOLEAN AuditSetPerUserPolicy(
  [in] const PSID                 pSid,
  [in] PCAUDIT_POLICY_INFORMATION pAuditPolicy,
  [in] ULONG                      dwPolicyCount
);

Parameters

[in] pSid

A pointer to the SID structure associated with the principal for which to set audit policy. Per-user policy for group SIDs is not currently supported.

[in] pAuditPolicy

A pointer to an array of AUDIT_POLICY_INFORMATION structures. Each structure specifies per-user audit policy for one audit subcategory.

The AuditCategoryGuid member of these structures is ignored.

[in] dwPolicyCount

The number of elements in the pAuditPolicy array.

Return value

If the function succeeds, it returns TRUE.

If the function fails, it returns FALSE. To get extended error information, call GetLastError. GetLastError may return one of the following error codes defined in WinError.h.

Return code/value Description
ERROR_ACCESS_DENIED
5
The caller does not have the privilege or access rights necessary to call this function.
ERROR_INVALID_PARAMETER
87
One or more parameters are invalid.
ERROR_NO_SUCH_USER
1317
The SID structure specified by the pSID parameter is not associated with an existing user.

Remarks

To successfully call this function, the caller must have SeSecurityPrivilege or have AUDIT_SET_USER_POLICY access on the Audit security object.

Requirements

Requirement Value
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Target Platform Windows
Header ntsecapi.h
Library Advapi32.lib
DLL Advapi32.dll

See also

AuditQueryPerUserPolicy

AuditQuerySystemPolicy

AuditSetSystemPolicy