Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The AuditAccountLogon function produces an audit record that represents the mapping of a foreign principal name onto a Windows account.
Syntax
LSA_AUDIT_ACCOUNT_LOGON LsaAuditAccountLogon;
NTSTATUS LsaAuditAccountLogon(
[in] ULONG AuditId,
[in] BOOLEAN Success,
[in] PUNICODE_STRING Source,
[in] PUNICODE_STRING ClientName,
[in] PUNICODE_STRING MappedName,
[in] NTSTATUS Status
)
{...}
Parameters
[in] AuditId
Security package–defined message identifier. This value is included in the audit record.
[in] Success
Specifies whether the audit record is generated on success or failure of the logon.
[in] Source
Pointer to a UNICODE_STRING specifying the source of the logon attempt.
[in] ClientName
Pointer to a UNICODE_STRING specifying the client name.
[in] MappedName
Pointer to a UNICODE_STRING containing the Windows account name to which the client name was mapped, if any.
[in] Status
An NTSTATUS value specifying any error that occurred.
Return value
This function returns STATUS_SUCCESS.
Remarks
A pointer to the AuditAccountLogon function is available in the LSA_SECPKG_FUNCTION_TABLE structure received by the SpInitialize function.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows XP [desktop apps only] |
| Minimum supported server | Windows Server 2003 [desktop apps only] |
| Target Platform | Windows |
| Header | ntsecpkg.h |