RE: Using AuthzReportSecurityEvent

From: Chris Stagnaro (anonymous_at_discussions.microsoft.com)
Date: 09/28/04


Date: Mon, 27 Sep 2004 16:56:29 -0700

The code has gotten pretty hacked up. Here is the section
that builds the AUDIT_PARAM structure and calls the
AuthzReportSecurityEvent.

    vector<_bstr_t> vecMsgs;

    /* ... Code that parses an input string and turns
           it into the list of strings in vecMsgs
           left out here. ... */

// Code that populates the AUDIT_PARAM array from vecMsgs

    long index = 0;
    AUDIT_PARAM list[20];
    TCHAR listparms[10][1024];

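    // Bound the loop by the smaller buffer (listparms has 10 rows) so a
    // long input cannot write past either array.
    for (size_t i = 0; i < vecMsgs.size() && i < 10; ++i)
    {
      list[index].Type = APT_String;
      list[index].Length = sizeof(AUDIT_PARAM);
      list[index].Flags = 0;
      ZeroMemory(listparms[i], 1024 * sizeof(TCHAR));
      // Copy the message as data; never pass it as the format string.
      wsprintf(listparms[i], TEXT("%s"), static_cast<LPCTSTR>(vecMsgs[i]));
      list[index].String = listparms[i];

      index++;
    }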

// Making the API call

      bRet = AuthzReportSecurityEvent(nEventType,
                                      m_hSecHandle,
                                      (DWORD) nEventID,
                                      pSID,
                                      index,
                                      list);
      Result_Error = GetLastError();

Thanks,
Chris

>-----Original Message-----
>Please post your code. Especially, how you are constructing the AUDIT_PARAM
>struct.
>
>"Chris Stagnaro" wrote:
>
>> I am trying to report Audit Events from our application into the Security Log
>> on Windows Server 2003 using the AuthzReportSecurityEvent Security API. On
>> Windows 2000 we were using ReportEvent, which worked because of a bug in the
>> API, which has subsequently been fixed.
>>
>> Currently I am making a call to AuthzReportSecurityEvent with no parameters
>> and it returns a success, however nothing is written to the security log.
>>
>> I've tried to also provide a list of parameters to this call by passing an
>> array of AUDIT_PARAM. However in this case GetLastError returns 87 (The
>> parameter is incorrect). I have not been able to find any example code or
>> any documentation that outlines any additional steps that need to be taken to
>> actually get this method to work. All I have been able to find is the basic
>> SDK pages that give the syntax for each method call.
>>
>> Does anyone have an idea what else needs to be done to make this work? It
>> is running as a service and has the necessary audit privilege set already.
>>
>> Thanks,
>> Chris


