Share via

3.1.5.21 BaseRegSetKeySecurity (Opnum 21)

  • Article

The BaseRegSetKeySecurity method is called by the client. In response, the server sets the security descriptor that protects the specified open registry key.

 error_status_t BaseRegSetKeySecurity(
   [in] RPC_HKEY hKey,
   [in] SECURITY_INFORMATION SecurityInformation,
   [in] PRPC_SECURITY_DESCRIPTOR pRpcSecurityDescriptor
 );

hKey: A handle to a key that MUST have been opened previously by using one of the open methods that are specified in section 3.1.5: OpenClassesRoot, OpenCurrentUser, OpenLocalMachine, OpenPerformanceData, OpenUsers, BaseRegCreateKey, BaseRegOpenKey, OpenCurrentConfig, OpenPerformanceText, OpenPerformanceNlsText.

SecurityInformation: The SECURITY_INFORMATION that specifies the content of the pRpcSecurityDescriptor parameter.

pRpcSecurityDescriptor: A pointer to the RPC_SECURITY_DESCRIPTOR to set for the supplied key.

Return Values: The method returns 0 (ERROR_SUCCESS) to indicate success; otherwise, it returns a nonzero error code, as specified in [MS-ERREF] section 2.2. The most common error codes are listed in the following table.

Return value/code

Description

0x00000057

ERROR_INVALID_PARAMETER

A parameter is incorrect.

0x00000013

ERROR_WRITE_PROTECT

A read or write operation was attempted to a volume after it was dismounted. The server can no longer service registry requests because server shutdown has been initiated.

Server Operations

If the registry server can no longer service registry requests because server shutdown has been initiated (SHUTDOWNINPROGRESS is set to TRUE), the server MUST return ERROR_WRITE_PROTECT.

The server MUST first validate that the hKey parameter is currently an open handle which MUST have been opened previously using one of the methods specified in section 3.1.5. If the hKey parameter is not an already opened handle, the server MUST return ERROR_INVALID_PARAMETER.

If the pRpcSecurityDescriptor parameter does not specify a valid security descriptor, the server MUST return ERROR_INVALID_PARAMETER.

In response to this request from the client, for a successful operation, the server MUST set the SECURITY_DESCRIPTOR that is specified in the pRpcSecurityDescriptor parameter on the key that is specified in the hKey parameter of the request.

The server MUST return 0 to indicate success or an appropriate error code (as specified in [MS-ERREF]) to indicate an error.