Share via

3.2.5.4.6 SchRpcGetSecurity (Opnum 5)

  • Article

The SchRpcGetSecurity method MUST get the security descriptor associated with a task or folder.

 HRESULT SchRpcGetSecurity(
   [in, string] const wchar_t* path,

   [in] DWORD securityInformation,
   [out, string] wchar_t** sddl
 );

path: MUST be the full path associated with a task or folder in the format specified in section 2.3.11).

securityInformation: MUST contain security information in the format of a SECURITY_INFORMATION structure. The SECURITY_INFORMATION structure is defined in [MS-DTYP] section 2.4.7.

sddl: MUST point to a buffer that will receive security information in string format. The string format is specified in [MS-DTYP] section 2.5.1.

Return Values: For more information on return codes, see section 2.3.14, or Win32 Error Codes in [MS-ERREF] section 2.1.

Upon receipt of the SchRpcGetSecurity call that requires the server to return the security descriptor of the requested object, the server MUST:

  • Return E_INVALIDARG if the sddl parameter is NULL.

    Note When passing NULL as a value for parameters, behavior can change based on the RPC Runtime Check. See RPC Runtime Check Notes (section 3.3).

  • Return 0x8007007B, the HRESULT form of the Win32 error ERROR_INVALID_NAME if the specified path is not in the format specified in section 2.3.11.

  • Return the value 0x80070003, the HRESULT form of the Win32 error ERROR_PATH_NOT_FOUND if the specified path does not exist on the server in the XML task store.

  • Return the HRESULT form of the Win32 error ERROR_FILE_NOT_FOUND if the task does not exist on the server in the XML task store.

  • Return E_ACCESSDENIED if the caller does not have permission to read the task or the security descriptor.

  • Retrieve the security information specified in the securityInformation parameter from the path in the task store. For more information on the SECURITY_INFORMATION structure, see [MS-DTYP] section 2.4.7.

  • Encode security information in sddl and return the string in the sddl parameter to the caller.

  • Return S_OK.

If any errors are raised during the processing, they are returned. For more information about return codes, see section 2.3.14 and Win32 Error Codes in [MS-ERREF] section 2.1.