ホーム › Security.Authorization › AuthzReportSecurityEventFromParams
AuthzReportSecurityEventFromParams
関数パラメーター指定でセキュリティ監査イベントを報告する。
シグネチャ
// AUTHZ.dll
#include <windows.h>
BOOL AuthzReportSecurityEventFromParams(
DWORD dwFlags,
AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE hEventProvider,
DWORD dwAuditId,
PSID pUserSid, // optional
AUDIT_PARAMS* pParams
);パラメーター
| 名前 | 型 | 方向 |
|---|---|---|
| dwFlags | DWORD | in |
| hEventProvider | AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE | inout |
| dwAuditId | DWORD | in |
| pUserSid | PSID | inoptional |
| pParams | AUDIT_PARAMS* | in |
戻り値の型: BOOL
各言語での呼び出し定義
// AUTHZ.dll
#include <windows.h>
BOOL AuthzReportSecurityEventFromParams(
DWORD dwFlags,
AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE hEventProvider,
DWORD dwAuditId,
PSID pUserSid, // optional
AUDIT_PARAMS* pParams
);[return: MarshalAs(UnmanagedType.Bool)]
[DllImport("AUTHZ.dll", SetLastError = true, ExactSpelling = true)]
static extern bool AuthzReportSecurityEventFromParams(
uint dwFlags, // DWORD
IntPtr hEventProvider, // AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE in/out
uint dwAuditId, // DWORD
IntPtr pUserSid, // PSID optional
IntPtr pParams // AUDIT_PARAMS*
);<DllImport("AUTHZ.dll", SetLastError:=True, ExactSpelling:=True)>
Public Shared Function AuthzReportSecurityEventFromParams(
dwFlags As UInteger, ' DWORD
hEventProvider As IntPtr, ' AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE in/out
dwAuditId As UInteger, ' DWORD
pUserSid As IntPtr, ' PSID optional
pParams As IntPtr ' AUDIT_PARAMS*
) As Boolean
End Function' dwFlags : DWORD
' hEventProvider : AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE in/out
' dwAuditId : DWORD
' pUserSid : PSID optional
' pParams : AUDIT_PARAMS*
Declare PtrSafe Function AuthzReportSecurityEventFromParams Lib "authz" ( _
ByVal dwFlags As Long, _
ByVal hEventProvider As LongPtr, _
ByVal dwAuditId As Long, _
ByVal pUserSid As LongPtr, _
ByVal pParams As LongPtr) As Long
' VBA7前提(PtrSafe)。32bit Office では LongPtr→Long。Integer=16bit / Long=32bit / LongLong=64bit。import ctypes
from ctypes import wintypes
AuthzReportSecurityEventFromParams = ctypes.windll.authz.AuthzReportSecurityEventFromParams
AuthzReportSecurityEventFromParams.restype = wintypes.BOOL
AuthzReportSecurityEventFromParams.argtypes = [
wintypes.DWORD, # dwFlags : DWORD
wintypes.HANDLE, # hEventProvider : AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE in/out
wintypes.DWORD, # dwAuditId : DWORD
wintypes.HANDLE, # pUserSid : PSID optional
ctypes.c_void_p, # pParams : AUDIT_PARAMS*
]
# GetLastError: use ctypes.GetLastError() (or ctypes.WinDLL(use_last_error=True))require 'fiddle'
require 'fiddle/import'
lib = Fiddle.dlopen('AUTHZ.dll')
AuthzReportSecurityEventFromParams = Fiddle::Function.new(
lib['AuthzReportSecurityEventFromParams'],
[
-Fiddle::TYPE_INT, # dwFlags : DWORD
Fiddle::TYPE_VOIDP, # hEventProvider : AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE in/out
-Fiddle::TYPE_INT, # dwAuditId : DWORD
Fiddle::TYPE_VOIDP, # pUserSid : PSID optional
Fiddle::TYPE_VOIDP, # pParams : AUDIT_PARAMS*
],
Fiddle::TYPE_INT)#[link(name = "authz")]
extern "system" {
fn AuthzReportSecurityEventFromParams(
dwFlags: u32, // DWORD
hEventProvider: *mut core::ffi::c_void, // AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE in/out
dwAuditId: u32, // DWORD
pUserSid: *mut core::ffi::c_void, // PSID optional
pParams: *mut AUDIT_PARAMS // AUDIT_PARAMS*
) -> i32;
}
// crates: windows-sys provides ready-made bindings for this API.$sig = @"
[return: MarshalAs(UnmanagedType.Bool)]
[DllImport("AUTHZ.dll", SetLastError = true)]
public static extern bool AuthzReportSecurityEventFromParams(uint dwFlags, IntPtr hEventProvider, uint dwAuditId, IntPtr pUserSid, IntPtr pParams);
"@
$api = Add-Type -MemberDefinition $sig -Name 'AUTHZ_AuthzReportSecurityEventFromParams' -Namespace Win32 -PassThru
# $api::AuthzReportSecurityEventFromParams(dwFlags, hEventProvider, dwAuditId, pUserSid, pParams)#uselib "AUTHZ.dll"
#func global AuthzReportSecurityEventFromParams "AuthzReportSecurityEventFromParams" sptr, sptr, sptr, sptr, sptr
; AuthzReportSecurityEventFromParams dwFlags, hEventProvider, dwAuditId, pUserSid, varptr(pParams) ; 戻り値は stat
; dwFlags : DWORD -> "sptr"
; hEventProvider : AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE in/out -> "sptr"
; dwAuditId : DWORD -> "sptr"
; pUserSid : PSID optional -> "sptr"
; pParams : AUDIT_PARAMS* -> "sptr"
; ※HSP3.7は #func のため戻り値はシステム変数 stat に格納されます。出力引数:
#uselib "AUTHZ.dll" #cfunc global AuthzReportSecurityEventFromParams "AuthzReportSecurityEventFromParams" int, sptr, int, sptr, var ; res = AuthzReportSecurityEventFromParams(dwFlags, hEventProvider, dwAuditId, pUserSid, pParams) ; dwFlags : DWORD -> "int" ; hEventProvider : AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE in/out -> "sptr" ; dwAuditId : DWORD -> "int" ; pUserSid : PSID optional -> "sptr" ; pParams : AUDIT_PARAMS* -> "var" ; ※出力/バッファ引数は var 方式(変数を直接渡す)。varptr 方式にも切替可。#uselib "AUTHZ.dll" #cfunc global AuthzReportSecurityEventFromParams "AuthzReportSecurityEventFromParams" int, sptr, int, sptr, sptr ; res = AuthzReportSecurityEventFromParams(dwFlags, hEventProvider, dwAuditId, pUserSid, varptr(pParams)) ; dwFlags : DWORD -> "int" ; hEventProvider : AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE in/out -> "sptr" ; dwAuditId : DWORD -> "int" ; pUserSid : PSID optional -> "sptr" ; pParams : AUDIT_PARAMS* -> "sptr" ; ※出力/バッファ引数はポインタ方式(token=sptr / 呼び出しは varptr(変数))。
出力引数:
; BOOL AuthzReportSecurityEventFromParams(DWORD dwFlags, AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE hEventProvider, DWORD dwAuditId, PSID pUserSid, AUDIT_PARAMS* pParams) #uselib "AUTHZ.dll" #cfunc global AuthzReportSecurityEventFromParams "AuthzReportSecurityEventFromParams" int, intptr, int, intptr, var ; res = AuthzReportSecurityEventFromParams(dwFlags, hEventProvider, dwAuditId, pUserSid, pParams) ; dwFlags : DWORD -> "int" ; hEventProvider : AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE in/out -> "intptr" ; dwAuditId : DWORD -> "int" ; pUserSid : PSID optional -> "intptr" ; pParams : AUDIT_PARAMS* -> "var" ; ※出力/バッファ引数は var 方式(変数を直接渡す)。varptr 方式にも切替可。; BOOL AuthzReportSecurityEventFromParams(DWORD dwFlags, AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE hEventProvider, DWORD dwAuditId, PSID pUserSid, AUDIT_PARAMS* pParams) #uselib "AUTHZ.dll" #cfunc global AuthzReportSecurityEventFromParams "AuthzReportSecurityEventFromParams" int, intptr, int, intptr, intptr ; res = AuthzReportSecurityEventFromParams(dwFlags, hEventProvider, dwAuditId, pUserSid, varptr(pParams)) ; dwFlags : DWORD -> "int" ; hEventProvider : AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE in/out -> "intptr" ; dwAuditId : DWORD -> "int" ; pUserSid : PSID optional -> "intptr" ; pParams : AUDIT_PARAMS* -> "intptr" ; ※出力/バッファ引数はポインタ方式(token=intptr / 呼び出しは varptr(変数))。
import (
"golang.org/x/sys/windows"
"unsafe"
)
var (
authz = windows.NewLazySystemDLL("AUTHZ.dll")
procAuthzReportSecurityEventFromParams = authz.NewProc("AuthzReportSecurityEventFromParams")
)
// dwFlags (DWORD), hEventProvider (AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE in/out), dwAuditId (DWORD), pUserSid (PSID optional), pParams (AUDIT_PARAMS*)
r1, _, err := procAuthzReportSecurityEventFromParams.Call(
uintptr(dwFlags),
uintptr(hEventProvider),
uintptr(dwAuditId),
uintptr(pUserSid),
uintptr(pParams),
)
_ = err // syscall.Errno (valid when the call sets last-error)
_ = r1 // BOOLfunction AuthzReportSecurityEventFromParams(
dwFlags: DWORD; // DWORD
hEventProvider: THandle; // AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE in/out
dwAuditId: DWORD; // DWORD
pUserSid: THandle; // PSID optional
pParams: Pointer // AUDIT_PARAMS*
): BOOL; stdcall;
external 'AUTHZ.dll' name 'AuthzReportSecurityEventFromParams';result := DllCall("AUTHZ\AuthzReportSecurityEventFromParams"
, "UInt", dwFlags ; DWORD
, "Ptr", hEventProvider ; AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE in/out
, "UInt", dwAuditId ; DWORD
, "Ptr", pUserSid ; PSID optional
, "Ptr", pParams ; AUDIT_PARAMS*
, "Int") ; return: BOOL●AuthzReportSecurityEventFromParams(dwFlags, hEventProvider, dwAuditId, pUserSid, pParams) = DLL("AUTHZ.dll", "bool AuthzReportSecurityEventFromParams(dword, void*, dword, void*, void*)")
# 呼び出し: AuthzReportSecurityEventFromParams(dwFlags, hEventProvider, dwAuditId, pUserSid, pParams)
# dwFlags : DWORD -> "dword"
# hEventProvider : AUTHZ_SECURITY_EVENT_PROVIDER_HANDLE in/out -> "void*"
# dwAuditId : DWORD -> "dword"
# pUserSid : PSID optional -> "void*"
# pParams : AUDIT_PARAMS* -> "void*"
# なでしこ1は32bit・ANSI(Shift_JIS)。文字列=char*(ANSI)、ポインタ/ハンドル=void*(4byte)。