ObjectOpenAuditAlarmA
関数オブジェクトを開く際に監査アラームを生成する(ANSI版)。
シグネチャ
// ADVAPI32.dll (ANSI / -A)
#include <windows.h>
BOOL ObjectOpenAuditAlarmA(
LPCSTR SubsystemName,
void* HandleId,
LPSTR ObjectTypeName,
LPSTR ObjectName, // optional
PSECURITY_DESCRIPTOR pSecurityDescriptor,
HANDLE ClientToken,
DWORD DesiredAccess,
DWORD GrantedAccess,
PRIVILEGE_SET* Privileges, // optional
BOOL ObjectCreation,
BOOL AccessGranted,
BOOL* GenerateOnClose
);パラメーター
| 名前 | 型 | 方向 |
|---|---|---|
| SubsystemName | LPCSTR | in |
| HandleId | void* | in |
| ObjectTypeName | LPSTR | in |
| ObjectName | LPSTR | inoptional |
| pSecurityDescriptor | PSECURITY_DESCRIPTOR | in |
| ClientToken | HANDLE | in |
| DesiredAccess | DWORD | in |
| GrantedAccess | DWORD | in |
| Privileges | PRIVILEGE_SET* | inoptional |
| ObjectCreation | BOOL | in |
| AccessGranted | BOOL | in |
| GenerateOnClose | BOOL* | out |
戻り値の型: BOOL
各言語での呼び出し定義
// ADVAPI32.dll (ANSI / -A)
#include <windows.h>
BOOL ObjectOpenAuditAlarmA(
LPCSTR SubsystemName,
void* HandleId,
LPSTR ObjectTypeName,
LPSTR ObjectName, // optional
PSECURITY_DESCRIPTOR pSecurityDescriptor,
HANDLE ClientToken,
DWORD DesiredAccess,
DWORD GrantedAccess,
PRIVILEGE_SET* Privileges, // optional
BOOL ObjectCreation,
BOOL AccessGranted,
BOOL* GenerateOnClose
);[return: MarshalAs(UnmanagedType.Bool)]
[DllImport("ADVAPI32.dll", CharSet = CharSet.Ansi, SetLastError = true, ExactSpelling = true)]
static extern bool ObjectOpenAuditAlarmA(
[MarshalAs(UnmanagedType.LPStr)] string SubsystemName, // LPCSTR
IntPtr HandleId, // void*
[MarshalAs(UnmanagedType.LPStr)] string ObjectTypeName, // LPSTR
[MarshalAs(UnmanagedType.LPStr)] string ObjectName, // LPSTR optional
IntPtr pSecurityDescriptor, // PSECURITY_DESCRIPTOR
IntPtr ClientToken, // HANDLE
uint DesiredAccess, // DWORD
uint GrantedAccess, // DWORD
IntPtr Privileges, // PRIVILEGE_SET* optional
bool ObjectCreation, // BOOL
bool AccessGranted, // BOOL
out int GenerateOnClose // BOOL* out
);<DllImport("ADVAPI32.dll", CharSet:=CharSet.Ansi, SetLastError:=True, ExactSpelling:=True)>
Public Shared Function ObjectOpenAuditAlarmA(
<MarshalAs(UnmanagedType.LPStr)> SubsystemName As String, ' LPCSTR
HandleId As IntPtr, ' void*
<MarshalAs(UnmanagedType.LPStr)> ObjectTypeName As String, ' LPSTR
<MarshalAs(UnmanagedType.LPStr)> ObjectName As String, ' LPSTR optional
pSecurityDescriptor As IntPtr, ' PSECURITY_DESCRIPTOR
ClientToken As IntPtr, ' HANDLE
DesiredAccess As UInteger, ' DWORD
GrantedAccess As UInteger, ' DWORD
Privileges As IntPtr, ' PRIVILEGE_SET* optional
ObjectCreation As Boolean, ' BOOL
AccessGranted As Boolean, ' BOOL
<Out> ByRef GenerateOnClose As Integer ' BOOL* out
) As Boolean
End Function' SubsystemName : LPCSTR
' HandleId : void*
' ObjectTypeName : LPSTR
' ObjectName : LPSTR optional
' pSecurityDescriptor : PSECURITY_DESCRIPTOR
' ClientToken : HANDLE
' DesiredAccess : DWORD
' GrantedAccess : DWORD
' Privileges : PRIVILEGE_SET* optional
' ObjectCreation : BOOL
' AccessGranted : BOOL
' GenerateOnClose : BOOL* out
Declare PtrSafe Function ObjectOpenAuditAlarmA Lib "advapi32" ( _
ByVal SubsystemName As String, _
ByVal HandleId As LongPtr, _
ByVal ObjectTypeName As String, _
ByVal ObjectName As String, _
ByVal pSecurityDescriptor As LongPtr, _
ByVal ClientToken As LongPtr, _
ByVal DesiredAccess As Long, _
ByVal GrantedAccess As Long, _
ByVal Privileges As LongPtr, _
ByVal ObjectCreation As Long, _
ByVal AccessGranted As Long, _
ByRef GenerateOnClose As Long) As Long
' VBA7前提(PtrSafe)。32bit Office では LongPtr→Long。Integer=16bit / Long=32bit / LongLong=64bit。import ctypes
from ctypes import wintypes
ObjectOpenAuditAlarmA = ctypes.windll.advapi32.ObjectOpenAuditAlarmA
ObjectOpenAuditAlarmA.restype = wintypes.BOOL
ObjectOpenAuditAlarmA.argtypes = [
wintypes.LPCSTR, # SubsystemName : LPCSTR
ctypes.POINTER(None), # HandleId : void*
wintypes.LPCSTR, # ObjectTypeName : LPSTR
wintypes.LPCSTR, # ObjectName : LPSTR optional
wintypes.HANDLE, # pSecurityDescriptor : PSECURITY_DESCRIPTOR
wintypes.HANDLE, # ClientToken : HANDLE
wintypes.DWORD, # DesiredAccess : DWORD
wintypes.DWORD, # GrantedAccess : DWORD
ctypes.c_void_p, # Privileges : PRIVILEGE_SET* optional
wintypes.BOOL, # ObjectCreation : BOOL
wintypes.BOOL, # AccessGranted : BOOL
ctypes.c_void_p, # GenerateOnClose : BOOL* out
]
# GetLastError: use ctypes.GetLastError() (or ctypes.WinDLL(use_last_error=True))require 'fiddle'
require 'fiddle/import'
lib = Fiddle.dlopen('ADVAPI32.dll')
ObjectOpenAuditAlarmA = Fiddle::Function.new(
lib['ObjectOpenAuditAlarmA'],
[
Fiddle::TYPE_VOIDP, # SubsystemName : LPCSTR
Fiddle::TYPE_VOIDP, # HandleId : void*
Fiddle::TYPE_VOIDP, # ObjectTypeName : LPSTR
Fiddle::TYPE_VOIDP, # ObjectName : LPSTR optional
Fiddle::TYPE_VOIDP, # pSecurityDescriptor : PSECURITY_DESCRIPTOR
Fiddle::TYPE_VOIDP, # ClientToken : HANDLE
-Fiddle::TYPE_INT, # DesiredAccess : DWORD
-Fiddle::TYPE_INT, # GrantedAccess : DWORD
Fiddle::TYPE_VOIDP, # Privileges : PRIVILEGE_SET* optional
Fiddle::TYPE_INT, # ObjectCreation : BOOL
Fiddle::TYPE_INT, # AccessGranted : BOOL
Fiddle::TYPE_VOIDP, # GenerateOnClose : BOOL* out
],
Fiddle::TYPE_INT)#[link(name = "advapi32")]
extern "system" {
fn ObjectOpenAuditAlarmA(
SubsystemName: *const u8, // LPCSTR
HandleId: *mut (), // void*
ObjectTypeName: *mut u8, // LPSTR
ObjectName: *mut u8, // LPSTR optional
pSecurityDescriptor: *mut core::ffi::c_void, // PSECURITY_DESCRIPTOR
ClientToken: *mut core::ffi::c_void, // HANDLE
DesiredAccess: u32, // DWORD
GrantedAccess: u32, // DWORD
Privileges: *mut PRIVILEGE_SET, // PRIVILEGE_SET* optional
ObjectCreation: i32, // BOOL
AccessGranted: i32, // BOOL
GenerateOnClose: *mut i32 // BOOL* out
) -> i32;
}
// crates: windows-sys provides ready-made bindings for this API.$sig = @"
[return: MarshalAs(UnmanagedType.Bool)]
[DllImport("ADVAPI32.dll", CharSet = CharSet.Ansi, SetLastError = true)]
public static extern bool ObjectOpenAuditAlarmA([MarshalAs(UnmanagedType.LPStr)] string SubsystemName, IntPtr HandleId, [MarshalAs(UnmanagedType.LPStr)] string ObjectTypeName, [MarshalAs(UnmanagedType.LPStr)] string ObjectName, IntPtr pSecurityDescriptor, IntPtr ClientToken, uint DesiredAccess, uint GrantedAccess, IntPtr Privileges, bool ObjectCreation, bool AccessGranted, out int GenerateOnClose);
"@
$api = Add-Type -MemberDefinition $sig -Name 'ADVAPI32_ObjectOpenAuditAlarmA' -Namespace Win32 -PassThru
# $api::ObjectOpenAuditAlarmA(SubsystemName, HandleId, ObjectTypeName, ObjectName, pSecurityDescriptor, ClientToken, DesiredAccess, GrantedAccess, Privileges, ObjectCreation, AccessGranted, GenerateOnClose)#uselib "ADVAPI32.dll"
#func global ObjectOpenAuditAlarmA "ObjectOpenAuditAlarmA" sptr, sptr, sptr, sptr, sptr, sptr, sptr, sptr, sptr, sptr, sptr, sptr
; ObjectOpenAuditAlarmA SubsystemName, HandleId, ObjectTypeName, ObjectName, pSecurityDescriptor, ClientToken, DesiredAccess, GrantedAccess, varptr(Privileges), ObjectCreation, AccessGranted, GenerateOnClose ; 戻り値は stat
; SubsystemName : LPCSTR -> "sptr"
; HandleId : void* -> "sptr"
; ObjectTypeName : LPSTR -> "sptr"
; ObjectName : LPSTR optional -> "sptr"
; pSecurityDescriptor : PSECURITY_DESCRIPTOR -> "sptr"
; ClientToken : HANDLE -> "sptr"
; DesiredAccess : DWORD -> "sptr"
; GrantedAccess : DWORD -> "sptr"
; Privileges : PRIVILEGE_SET* optional -> "sptr"
; ObjectCreation : BOOL -> "sptr"
; AccessGranted : BOOL -> "sptr"
; GenerateOnClose : BOOL* out -> "sptr"
; ※HSP3.7は #func のため戻り値はシステム変数 stat に格納されます。出力引数:
#uselib "ADVAPI32.dll" #cfunc global ObjectOpenAuditAlarmA "ObjectOpenAuditAlarmA" str, sptr, str, str, sptr, sptr, int, int, var, int, int, int ; res = ObjectOpenAuditAlarmA(SubsystemName, HandleId, ObjectTypeName, ObjectName, pSecurityDescriptor, ClientToken, DesiredAccess, GrantedAccess, Privileges, ObjectCreation, AccessGranted, GenerateOnClose) ; SubsystemName : LPCSTR -> "str" ; HandleId : void* -> "sptr" ; ObjectTypeName : LPSTR -> "str" ; ObjectName : LPSTR optional -> "str" ; pSecurityDescriptor : PSECURITY_DESCRIPTOR -> "sptr" ; ClientToken : HANDLE -> "sptr" ; DesiredAccess : DWORD -> "int" ; GrantedAccess : DWORD -> "int" ; Privileges : PRIVILEGE_SET* optional -> "var" ; ObjectCreation : BOOL -> "int" ; AccessGranted : BOOL -> "int" ; GenerateOnClose : BOOL* out -> "int" ; ※出力/バッファ引数は var 方式(変数を直接渡す)。varptr 方式にも切替可。#uselib "ADVAPI32.dll" #cfunc global ObjectOpenAuditAlarmA "ObjectOpenAuditAlarmA" str, sptr, str, str, sptr, sptr, int, int, sptr, int, int, int ; res = ObjectOpenAuditAlarmA(SubsystemName, HandleId, ObjectTypeName, ObjectName, pSecurityDescriptor, ClientToken, DesiredAccess, GrantedAccess, varptr(Privileges), ObjectCreation, AccessGranted, GenerateOnClose) ; SubsystemName : LPCSTR -> "str" ; HandleId : void* -> "sptr" ; ObjectTypeName : LPSTR -> "str" ; ObjectName : LPSTR optional -> "str" ; pSecurityDescriptor : PSECURITY_DESCRIPTOR -> "sptr" ; ClientToken : HANDLE -> "sptr" ; DesiredAccess : DWORD -> "int" ; GrantedAccess : DWORD -> "int" ; Privileges : PRIVILEGE_SET* optional -> "sptr" ; ObjectCreation : BOOL -> "int" ; AccessGranted : BOOL -> "int" ; GenerateOnClose : BOOL* out -> "int" ; ※出力/バッファ引数はポインタ方式(token=sptr / 呼び出しは varptr(変数))。
出力引数:
; BOOL ObjectOpenAuditAlarmA(LPCSTR SubsystemName, void* HandleId, LPSTR ObjectTypeName, LPSTR ObjectName, PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess, DWORD GrantedAccess, PRIVILEGE_SET* Privileges, BOOL ObjectCreation, BOOL AccessGranted, BOOL* GenerateOnClose) #uselib "ADVAPI32.dll" #cfunc global ObjectOpenAuditAlarmA "ObjectOpenAuditAlarmA" str, intptr, str, str, intptr, intptr, int, int, var, int, int, int ; res = ObjectOpenAuditAlarmA(SubsystemName, HandleId, ObjectTypeName, ObjectName, pSecurityDescriptor, ClientToken, DesiredAccess, GrantedAccess, Privileges, ObjectCreation, AccessGranted, GenerateOnClose) ; SubsystemName : LPCSTR -> "str" ; HandleId : void* -> "intptr" ; ObjectTypeName : LPSTR -> "str" ; ObjectName : LPSTR optional -> "str" ; pSecurityDescriptor : PSECURITY_DESCRIPTOR -> "intptr" ; ClientToken : HANDLE -> "intptr" ; DesiredAccess : DWORD -> "int" ; GrantedAccess : DWORD -> "int" ; Privileges : PRIVILEGE_SET* optional -> "var" ; ObjectCreation : BOOL -> "int" ; AccessGranted : BOOL -> "int" ; GenerateOnClose : BOOL* out -> "int" ; ※出力/バッファ引数は var 方式(変数を直接渡す)。varptr 方式にも切替可。; BOOL ObjectOpenAuditAlarmA(LPCSTR SubsystemName, void* HandleId, LPSTR ObjectTypeName, LPSTR ObjectName, PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess, DWORD GrantedAccess, PRIVILEGE_SET* Privileges, BOOL ObjectCreation, BOOL AccessGranted, BOOL* GenerateOnClose) #uselib "ADVAPI32.dll" #cfunc global ObjectOpenAuditAlarmA "ObjectOpenAuditAlarmA" str, intptr, str, str, intptr, intptr, int, int, intptr, int, int, int ; res = ObjectOpenAuditAlarmA(SubsystemName, HandleId, ObjectTypeName, ObjectName, pSecurityDescriptor, ClientToken, DesiredAccess, GrantedAccess, varptr(Privileges), ObjectCreation, AccessGranted, GenerateOnClose) ; SubsystemName : LPCSTR -> "str" ; HandleId : void* -> "intptr" ; ObjectTypeName : LPSTR -> "str" ; ObjectName : LPSTR optional -> "str" ; pSecurityDescriptor : PSECURITY_DESCRIPTOR -> "intptr" ; ClientToken : HANDLE -> "intptr" ; DesiredAccess : DWORD -> "int" ; GrantedAccess : DWORD -> "int" ; Privileges : PRIVILEGE_SET* optional -> "intptr" ; ObjectCreation : BOOL -> "int" ; AccessGranted : BOOL -> "int" ; GenerateOnClose : BOOL* out -> "int" ; ※出力/バッファ引数はポインタ方式(token=intptr / 呼び出しは varptr(変数))。
import (
"golang.org/x/sys/windows"
"unsafe"
)
var (
advapi32 = windows.NewLazySystemDLL("ADVAPI32.dll")
procObjectOpenAuditAlarmA = advapi32.NewProc("ObjectOpenAuditAlarmA")
)
// SubsystemName (LPCSTR), HandleId (void*), ObjectTypeName (LPSTR), ObjectName (LPSTR optional), pSecurityDescriptor (PSECURITY_DESCRIPTOR), ClientToken (HANDLE), DesiredAccess (DWORD), GrantedAccess (DWORD), Privileges (PRIVILEGE_SET* optional), ObjectCreation (BOOL), AccessGranted (BOOL), GenerateOnClose (BOOL* out)
r1, _, err := procObjectOpenAuditAlarmA.Call(
uintptr(unsafe.Pointer(windows.BytePtrFromString(SubsystemName))),
uintptr(HandleId),
uintptr(unsafe.Pointer(windows.BytePtrFromString(ObjectTypeName))),
uintptr(unsafe.Pointer(windows.BytePtrFromString(ObjectName))),
uintptr(pSecurityDescriptor),
uintptr(ClientToken),
uintptr(DesiredAccess),
uintptr(GrantedAccess),
uintptr(Privileges),
uintptr(ObjectCreation),
uintptr(AccessGranted),
uintptr(GenerateOnClose),
)
_ = err // syscall.Errno (valid when the call sets last-error)
_ = r1 // BOOLfunction ObjectOpenAuditAlarmA(
SubsystemName: PAnsiChar; // LPCSTR
HandleId: Pointer; // void*
ObjectTypeName: PAnsiChar; // LPSTR
ObjectName: PAnsiChar; // LPSTR optional
pSecurityDescriptor: THandle; // PSECURITY_DESCRIPTOR
ClientToken: THandle; // HANDLE
DesiredAccess: DWORD; // DWORD
GrantedAccess: DWORD; // DWORD
Privileges: Pointer; // PRIVILEGE_SET* optional
ObjectCreation: BOOL; // BOOL
AccessGranted: BOOL; // BOOL
GenerateOnClose: Pointer // BOOL* out
): BOOL; stdcall;
external 'ADVAPI32.dll' name 'ObjectOpenAuditAlarmA';result := DllCall("ADVAPI32\ObjectOpenAuditAlarmA"
, "AStr", SubsystemName ; LPCSTR
, "Ptr", HandleId ; void*
, "AStr", ObjectTypeName ; LPSTR
, "AStr", ObjectName ; LPSTR optional
, "Ptr", pSecurityDescriptor ; PSECURITY_DESCRIPTOR
, "Ptr", ClientToken ; HANDLE
, "UInt", DesiredAccess ; DWORD
, "UInt", GrantedAccess ; DWORD
, "Ptr", Privileges ; PRIVILEGE_SET* optional
, "Int", ObjectCreation ; BOOL
, "Int", AccessGranted ; BOOL
, "Ptr", GenerateOnClose ; BOOL* out
, "Int") ; return: BOOL●ObjectOpenAuditAlarmA(SubsystemName, HandleId, ObjectTypeName, ObjectName, pSecurityDescriptor, ClientToken, DesiredAccess, GrantedAccess, Privileges, ObjectCreation, AccessGranted, GenerateOnClose) = DLL("ADVAPI32.dll", "bool ObjectOpenAuditAlarmA(char*, void*, char*, char*, void*, void*, dword, dword, void*, bool, bool, void*)")
# 呼び出し: ObjectOpenAuditAlarmA(SubsystemName, HandleId, ObjectTypeName, ObjectName, pSecurityDescriptor, ClientToken, DesiredAccess, GrantedAccess, Privileges, ObjectCreation, AccessGranted, GenerateOnClose)
# SubsystemName : LPCSTR -> "char*"
# HandleId : void* -> "void*"
# ObjectTypeName : LPSTR -> "char*"
# ObjectName : LPSTR optional -> "char*"
# pSecurityDescriptor : PSECURITY_DESCRIPTOR -> "void*"
# ClientToken : HANDLE -> "void*"
# DesiredAccess : DWORD -> "dword"
# GrantedAccess : DWORD -> "dword"
# Privileges : PRIVILEGE_SET* optional -> "void*"
# ObjectCreation : BOOL -> "bool"
# AccessGranted : BOOL -> "bool"
# GenerateOnClose : BOOL* out -> "void*"
# なでしこ1は32bit・ANSI(Shift_JIS)。文字列=char*(ANSI)、ポインタ/ハンドル=void*(4byte)。