IWbemUnsecuredApartment::CreateSinkStub method

The CreateSinkStub method is similar to the IUnsecuredApartment::CreateObjectStub and creates an object forwarder sink and performs access checks for receiving asynchronous calls from Windows Management. CreateSinkStub differs from CreateObjectStub because it can specify that callbacks to the sink should be authenticated.

WMI provides the Unsecapp.exe process to function as the separate process. You can host Unsecapp.exe with a call to the IWbemUnsecuredApartment interface or IUnsecuredApartment interface in other versions of Windows. IUnsecuredApartment does not have any methods that perform access checking.

An access check means that Unsecapp.exe only allows the account of the computer that originally obtained the sink to invoke callbacks. When the registry key UnsecAppAccessControlDefault is set to zero then Unsecapp.exe does not perform access control on callbacks unless CreateSinkStub is called by an application with the dwFlag parameter set to WBEM_FLAG_UNSECAPP_CHECK_ACCESS. If the parameter is not present, which is the default, then Unsecapp.exe reads the registry key value to determine whether to authenticate callbacks.


HRESULT CreateSinkStub(
  IWbemObjectSink *pSink,
  DWORD           dwFlags,
  LPCWSTR         wszReserved,
  IWbemObjectSink **ppStub



Pointer to the client's in-process implementation of IWbemObjectSink.


You can set one of the following values from WBEM_UNSECAPP_FLAG_TYPE enumeration. This parameter determines how Unsecapp.exe uses the registry key checks this registry key:



Unsecapp.exe reads the registry key UnsecAppAccessControlDefault to determine if it should authenticate callbacks.


Unsecapp.exe authenticates callbacks regardless of the setting of the registry key UnsecAppAccessControlDefault.


Unsecapp.exe does not authenticate callbacks regardless of the setting of the registry key UnsecAppAccessControlDefault.




Receives a pointer to a substitute object to be used in asynchronous IWbemServices calls. The user receives an IUnknown pointer and must call QueryInterface for IID_WbemObjectSink before using this object in asynchronous IWbemServices calls.

Return Value

This method returns standard COM error codes for QueryInterface. It returns S_OK if the call succeeds. If the call fails because the requested interface was not supported, the method returns E_NOINTERFACE.

COM-specific error codes also may be returned if network problems cause you to lose the remote connection to Windows Management.


This method is provided to improve the security of asynchronous calls from client applications. For more information, see Setting Security on an Asynchronous Call.


Minimum supported client None supported
Minimum supported server Windows Server 2008
Target Platform Windows
Header wbemcli.h (include Wbemidl.h)
Library Wbemuuid.lib
DLL Unsecapp.exe

See Also



Lowering the Security for a Sink in a Separate Process

Performing Access Checks

Setting Security on an Asynchronous Call