ObjectDeleteAuditAlarm  BSCGAW 

[New - Windows NT]

The ObjectDeleteAuditAlarm function generates audit messages when an object is deleted. Windows NT security does not support alarms.

BOOL ObjectDeleteAuditAlarm(

    LPCTSTR SubsystemName,

// pointer to string for subsystem name

    LPVOID HandleId,

// handle to the object

    BOOL GenerateOnClose

// flag for audit generation

   );

 

 

Parameters

SubsystemName

Pointer to a null-terminated string that specifies the name of the subsystem calling the function; for example,  DEBUG  or  WIN32 . This string appears in the audit log for the object.

HandleId

Specifies a unique 32-bit value representing the client s handle to the object. This should be the same value that was passed to the AccessCheckAndAuditAlarm42CFUJ6 or ObjectOpenAuditAlarm3BM2_WX function.

GenerateOnClose

Specifies a flag set by a call to the AccessCheckAndAuditAlarm or ObjectOpenAuditAlarm function when the object handle is created.

 

Return Values

If the function succeeds, the return value is a nonzero value.

If the function fails, the return value is zero. To get extended error information, call GetLastError11C2VS7.

Remarks

The ObjectDeleteAuditAlarm function requires the calling application to have the SE_AUDIT_NAME privilege. The test for this privilege is always performed against the primary token of the calling process, allowing the calling process to impersonate a client.

See Also

AccessCheck, AccessCheckAndAuditAlarm, AreAllAccessesGranted, AreAnyAccessesGranted, MapGenericMask, ObjectCloseAuditAlarm, ObjectOpenAuditAlarm, ObjectPrivilegeAuditAlarm, PrivilegeCheck, PrivilegedServiceAuditAlarm