Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The SeTokenGetNoChildProcessRestricted routine determines the state of the no child process mitigation. It is not possible to be enforced and audit-only at the same time.
Syntax
void SeTokenGetNoChildProcessRestricted(
[in] PACCESS_TOKEN Token,
[out] PBOOLEAN Enforced,
[out] PBOOLEAN UnlessSecure,
[out] PBOOLEAN AuditOnly
);
Parameters
[in] Token
Specifies a pointer to the access token.
[out] Enforced
A pointer to a boolean that returns whether the mitigation is in enforcement mode.
[out] UnlessSecure
A pointer to a boolean that returns whether secure process creation is enabled even if process creation is restricted.
[out] AuditOnly
A pointer to a boolean that returns whether the mitigation is in audit-only mode.
Return value
None
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 10, version 1709. |
| Target Platform | Windows |
| Header | ntifs.h (include Ntifs.h) |
| Library | NtosKrnl.lib |
| DLL | NtosKrnl.exe |