SeTokenGetNoChildProcessRestricted function (ntifs.h)
The SeTokenGetNoChildProcessRestricted routine determines the state of the no child process mitigation. It is not possible to be enforced and audit-only at the same time.
Syntax
void SeTokenGetNoChildProcessRestricted(
[in] PACCESS_TOKEN Token,
[out] PBOOLEAN Enforced,
[out] PBOOLEAN UnlessSecure,
[out] PBOOLEAN AuditOnly
);
Parameters
[in] Token
Specifies a pointer to the access token.
[out] Enforced
A pointer to a boolean that returns whether the mitigation is in enforcement mode.
[out] UnlessSecure
A pointer to a boolean that returns whether secure process creation is enabled even if process creation is restricted.
[out] AuditOnly
A pointer to a boolean that returns whether the mitigation is in audit-only mode.
Return value
None
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 10, version 1709. |
| Target Platform | Windows |
| Header | ntifs.h (include Ntifs.h) |
| Library | NtosKrnl.lib |
| DLL | NtosKrnl.exe |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for