WTSGetListenerSecurityW function (wtsapi32.h)

  • Article

Retrieves the security descriptor of a Remote Desktop Services listener.

Syntax

BOOL WTSGetListenerSecurityW(
  [in]            HANDLE               hServer,
  [in]            PVOID                pReserved,
  [in]            DWORD                Reserved,
  [in]            LPWSTR               pListenerName,
  [in]            SECURITY_INFORMATION SecurityInformation,
  [out, optional] PSECURITY_DESCRIPTOR pSecurityDescriptor,
  [in]            DWORD                nLength,
  [out]           LPDWORD              lpnLengthNeeded
);

Parameters

[in] hServer

A handle to an RD Session Host server. Always set this parameter to WTS_CURRENT_SERVER_HANDLE.

[in] pReserved

This parameter is reserved. Always set this parameter to NULL.

[in] Reserved

This parameter is reserved. Always set this parameter to zero.

[in] pListenerName

A pointer to a null-terminated string that contains the name of the listener.

[in] SecurityInformation

A SECURITY_INFORMATION value that specifies the security information to retrieve. Always enable the DACL_SECURITY_INFORMATION and SACL_SECURITY_INFORMATION flags.

For more information about possible values, see SECURITY_INFORMATION.

[out, optional] pSecurityDescriptor

A pointer to a SECURITY_DESCRIPTOR structure that receives the security information associated with the listener referenced by the pListenerName parameter. The SECURITY_DESCRIPTOR structure is returned in self-relative format. For more information about possible values, see SECURITY_DESCRIPTOR.

The discretionary access control list (DACL) of the security descriptor can contain one or more of the following values.

WTS_SECURITY_ALL_ACCESS

Combines these values:

  • STANDARD_RIGHTS_REQUIRED
  • WTS_SECURITY_CONNECT
  • WTS_SECURITY_DISCONNECT
  • WTS_SECURITY_LOGON
  • WTS_SECURITY_MESSAGE
  • WTS_SECURITY_QUERY_INFORMATION
  • WTS_SECURITY_REMOTE_CONTROL
  • WTS_SECURITY_RESET
  • WTS_SECURITY_SET_INFORMATION
  • WTS_SECURITY_VIRTUAL_CHANNELS

WTS_SECURITY_CONNECT (256 (0x100))

The right to connect.

WTS_SECURITY_CURRENT_GUEST_ACCESS

Combines these values:

  • WTS_SECURITY_LOGOFF
  • WTS_SECURITY_VIRTUAL_CHANNELS

WTS_SECURITY_CURRENT_USER_ACCESS

Combines these values:

  • WTS_SECURITY_DISCONNECT
  • WTS_SECURITY_LOGOFF
  • WTS_SECURITY_RESET
  • WTS_SECURITY_SET_INFORMATION
  • WTS_SECURITY_VIRTUAL_CHANNELS

WTS_SECURITY_DISCONNECT (512 (0x200))

The right to disconnect.

WTS_SECURITY_GUEST_ACCESS

Defined as WTS_SECURITY_LOGON.

WTS_SECURITY_LOGOFF (64 (0x40))

The right to log off.

WTS_SECURITY_LOGON (32 (0x20))

The right to log on.

WTS_SECURITY_MESSAGE (128 (0x80))

The right to send a message to the user.

WTS_SECURITY_QUERY_INFORMATION (1 (0x1))

The right to query for information.

WTS_SECURITY_REMOTE_CONTROL (16 (0x10))

The right to use remote control.

WTS_SECURITY_RESET (4 (0x4))

The right to reset information.

WTS_SECURITY_SET_INFORMATION (2 (0x2))

The right to set information.

WTS_SECURITY_USER_ACCESS

Combines these values:

  • WTS_SECURITY_CONNECT
  • WTS_SECURITY_CURRENT_GUEST_ACCESS
  • WTS_SECURITY_QUERY_INFORMATION

WTS_SECURITY_VIRTUAL_CHANNELS (8 (0x8))

The right to use virtual channels.

[in] nLength

The size, in bytes, of the SECURITY_DESCRIPTOR structure referenced by the pSecurityDescriptor parameter.

[out] lpnLengthNeeded

A pointer to a variable that receives the number of bytes required to store the complete security descriptor. If this number is less than or equal to the value of the nLength parameter, the security descriptor is copied to the SECURITY_DESCRIPTOR structure referenced by the pSecurityDescriptor parameter; otherwise, no action is taken.

Return value

If the function succeeds, the return value is a nonzero value.

If the function fails, the return value is zero. To get extended error information, call the GetLastError function.

Remarks

If the number of bytes needed for the buffer that receives the SECURITY_DESCRIPTOR structure is unknown, you can call this method with nLength set to zero. The method will then return, in the lpnLengthNeeded parameter, the number of bytes required for the buffer. Allocate the buffer based on this number, and then call the method again, setting pSecurityDescriptor to the newly allocated buffer and nLength to the number returned by the first call.

Note

The wtsapi32.h header defines WTSGetListenerSecurity as an alias which automatically selects the ANSI or Unicode version of this function based on the definition of the UNICODE preprocessor constant. Mixing usage of the encoding-neutral alias with code that not encoding-neutral can lead to mismatches that result in compilation or runtime errors. For more information, see Conventions for Function Prototypes.

Requirements

Requirement Value
Minimum supported client Windows 7
Minimum supported server Windows Server 2008 R2
Target Platform Windows
Header wtsapi32.h
Library Wtsapi32.lib
DLL Wtsapi32.dll

See also

SECURITY_DESCRIPTOR

SECURITY_INFORMATION