The information in this article applies to:
SUMMARYThe description for RegSaveKey() states the following:
This means that the application must explicitly open a security token and enable the SeBackupPrivilege. By granting a particular user the right to back up files, you give that user the right only to gain access to the security token (that is, the token is not automatically created for the user but the right to create such a token is given). You must add additional code to open the token and enable the privilege.
MORE INFORMATIONThe following code demonstrates how to enable SeBackupPrivilege: static HANDLE hToken;
static TOKEN_PRIVILEGES tp;
static LUID luid;
// Enable backup privilege.
OpenProcessToken( GetCurrentProcess(),
TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken ) ;
LookupPrivilegeValue( NULL, "SeBackupPrivilege", &luid );
tp.PrivilegeCount = 1;
tp.Privileges[0].Luid = luid;
tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
AdjustTokenPrivileges( hToken, FALSE, &tp,
sizeof(TOKEN_PRIVILEGES), NULL, NULL );
// Insert your code here to save the registry keys/subkeys.
// Disable backup privilege.
AdjustTokenPrivileges( hToken, TRUE, &tp, sizeof(TOKEN_PRIVILEGES),
NULL, NULL );
Note that you cannot create a process token; you must open the existing process token and adjust its privileges. Keywords : kbAPI kbKernBase kbRegistry kbGrpKernBase Version : winnt:3.51,4.0 Platform : winnt Issue type : kbinfo |
Last Reviewed: October 20, 1999 |
