IsValidSecurityDescriptor function

The IsValidSecurityDescriptor function determines whether the components of a security descriptor are valid.

Syntax

BOOL IsValidSecurityDescriptor(
  PSECURITY_DESCRIPTOR pSecurityDescriptor
);

Parameters

pSecurityDescriptor

A pointer to a SECURITY_DESCRIPTOR structure that the function validates.

Return value

If the components of the security descriptor are valid, the return value is nonzero.

If any of the components of the security descriptor are not valid, the return value is zero. There is no extended error information for this function; do not call GetLastError.

Remarks

The IsValidSecurityDescriptor function checks the validity of the components that are present in the security descriptor. It does not verify whether certain components are present nor does it verify the contents of the individual ACE or ACL.

Requirements

   
Minimum supported client Windows XP [desktop apps | UWP apps]
Minimum supported server Windows Server 2003 [desktop apps | UWP apps]
Target Platform Windows
Header securitybaseapi.h (include Windows.h)
Library Advapi32.lib
DLL Advapi32.dll

See also

GetSecurityDescriptorControl

GetSecurityDescriptorDacl

GetSecurityDescriptorGroup

GetSecurityDescriptorLength

GetSecurityDescriptorOwner

GetSecurityDescriptorSacl

InitializeSecurityDescriptor

IsValidAcl

IsValidSid

Low-level Access Control

Low-level Access Control Functions

SECURITY_DESCRIPTOR

SetSecurityDescriptorDacl

SetSecurityDescriptorGroup

SetSecurityDescriptorOwner

SetSecurityDescriptorSacl