Client/Server Access Control Functions

The following functions are used by servers to impersonate clients.

Function	History

CreateProcessAsUser	Windows NT 3.51 and later
ImpersonateLoggedOnUser	Windows NT 3.51 and later
LogonUser	Windows NT 3.51 and later
ImpersonateNamedPipeClient	Windows NT 3.1 and later
ImpersonateSelf	Windows NT 3.1 and later
RevertToSelf	Windows NT 3.1 and later

The following functions are used by servers to check and set the security descriptors on private objects.

Function	History

AccessCheck	Windows NT 3.1 and later
AccessCheckAndAuditAlarm	Windows NT 3.1 and later
AccessCheckByType	Windows NT 5.0 and later
AccessCheckByTypeAndAuditAlarm	Windows NT 5.0 and later
AccessCheckByTypeResultList	Windows NT 5.0 and later
AccessCheckByTypeResultListAndAuditAlarm	Windows NT 5.0 and later
AreAllAccessesGranted	Windows NT 3.1 and later
AreAnyAccessesGranted	Windows NT 3.1 and later
ConvertToAutoInheritPrivateObjectSecurity	Windows NT 5.0 and later
CreatePrivateObjectSecurity	Windows NT 3.1 and later
CreatePrivateObjectSecurityEx	Windows NT 5.0 and later
DestroyPrivateObjectSecurity	Windows NT 3.1 and later
GetAccessPermissionsForObject	Windows NT 5.0 and later
GetPrivateObjectSecurity	Windows NT 3.1 and later
MapGenericMask	Windows NT 3.1 and later
PrivilegeCheck	Windows NT 3.1 and later
SetPrivateObjectSecurity	Windows NT 3.1 and later
SetPrivateObjectSecurityEx	Windows NT 5.0 and later
BuildSecurityDescriptor	Windows NT 4.0 and later
LookupSecurityDescriptorParts	Windows NT 4.0 and later

The following functions are used by servers to generate audit messages in the security event log.

Function	History

ObjectDeleteAuditAlarm	Windows NT 3.1 and later
ObjectCloseAuditAlarm	Windows NT 3.1 and later
ObjectOpenAuditAlarm	Windows NT 3.1 and later
ObjectPrivilegeAuditAlarm	Windows NT 3.1 and later
PrivilegedServiceAuditAlarm	Windows NT 3.1 and later