// ntifs.h

VOID SeTokenGetNoChildProcessRestricted(
  [in]  PACCESS_TOKEN Token,
  [out] PBOOLEAN      Enforced,
  [out] PBOOLEAN      UnlessSecure,
  [out] PBOOLEAN      AuditOnly
);
View the official Windows Driver Kit DDI reference

NtDoc

No description available.

Edit description on GitHub

Windows Driver Kit DDI reference (nf-ntifs-setokengetnochildprocessrestricted)

SeTokenGetNoChildProcessRestricted function

Description

The SeTokenGetNoChildProcessRestricted routine determines the state of the no child process mitigation. It is not possible to be enforced and audit-only at the same time.

Parameters

`Token` [in]

Specifies a pointer to the access token.

`Enforced` [out]

A pointer to a boolean that returns whether the mitigation is in enforcement mode.

`UnlessSecure` [out]

A pointer to a boolean that returns whether secure process creation is enabled even if process creation is restricted.

`AuditOnly` [out]

A pointer to a boolean that returns whether the mitigation is in audit-only mode.

SeTokenGetNoChildProcessRestricted - NtDoc

NtDoc

Windows Driver Kit DDI reference (nf-ntifs-setokengetnochildprocessrestricted)

SeTokenGetNoChildProcessRestricted function

Description

Parameters

`Token` [in]

`Enforced` [out]

`UnlessSecure` [out]

`AuditOnly` [out]

See also

NtDoc

Windows Driver Kit DDI reference (nf-ntifs-setokengetnochildprocessrestricted)

SeTokenGetNoChildProcessRestricted function

Description

Parameters

Token [in]

Enforced [out]

UnlessSecure [out]

AuditOnly [out]

See also

`Token` [in]

`Enforced` [out]

`UnlessSecure` [out]

`AuditOnly` [out]