NtAccessCheck(3w)
NAME
NtAccessCheck (NTDLL.@)
SYNOPSIS
NTSTATUS NtAccessCheck ( PSECURITY_DESCRIPTOR SecurityDescriptor, HANDLE ClientToken, ACCESS_MASK DesiredAccess, PGENERIC_MAPPING GenericMapping, PPRIVILEGE_SET PrivilegeSet, PULONG ReturnLength, PULONG GrantedAccess, NTSTATUS* AccessStatus )
DESCRIPTION
Checks that a user represented by a token is allowed to access an
object represented by a security descriptor.
PARAMS
SecurityDescriptor [In] The security descriptor of the object to
check.
ClientToken [In] Token of the user accessing the object.
DesiredAccess [In] The desired access to the object.
GenericMapping [In] Mapping used to transform access rights in the SD
to their specific forms.
PrivilegeSet [In/Out] Privileges used during the access check.
ReturnLength [Out] Number of bytes stored into PrivilegeSet.
GrantedAccess [Out] The actual access rights granted.
AccessStatus [Out] The status of the access check.
RETURNS
NTSTATUS code.
NOTES
DesiredAccess may be MAXIMUM_ALLOWED, in which case the function determines the maximum access rights allowed by the SD and returns them in
GrantedAccess. The SecurityDescriptor must have a valid owner and
groups present, otherwise the function will fail.
IMPLEMENTATION
Defined in "winternl.h".
Implemented in "build/buildd-wine-unstable_1.1.32-1+b1-amd64-KnxYu0/wine-unstable-1.1.32/build32/dlls/ntdll/sec.c".
- Debug channel "ntdll".