Click here to Skip to main content
13,146,014 members (45,317 online)
Click here to Skip to main content

Stats

32.2K views
1.5K downloads
14 bookmarked
Posted 26 Feb 2010

Query the New Windows Audit Policies Programmatically

, 26 Feb 2010
This sample show how to access the information retrieved by running Auditpol.
// Microsoft Visual C++ generated resource script.
//
#include "resource.h"

#define APSTUDIO_READONLY_SYMBOLS
/////////////////////////////////////////////////////////////////////////////
//
// Generated from the TEXTINCLUDE 2 resource.
//
#ifndef APSTUDIO_INVOKED
#include "targetver.h"
#endif
#include "afxres.h"

/////////////////////////////////////////////////////////////////////////////
#undef APSTUDIO_READONLY_SYMBOLS

/////////////////////////////////////////////////////////////////////////////
// German (Germany) resources

#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_DEU)
#ifdef _WIN32
LANGUAGE LANG_GERMAN, SUBLANG_GERMAN
#pragma code_page(1252)
#endif //_WIN32

#ifdef APSTUDIO_INVOKED
/////////////////////////////////////////////////////////////////////////////
//
// TEXTINCLUDE
//

1 TEXTINCLUDE 
BEGIN
    "resource.h\0"
END

2 TEXTINCLUDE 
BEGIN
    "#ifndef APSTUDIO_INVOKED\r\n"
    "#include ""targetver.h""\r\n"
    "#endif\r\n"
    "#include ""afxres.h""\r\n"
    "\0"
END

3 TEXTINCLUDE 
BEGIN
    "#define _AFX_NO_SPLITTER_RESOURCES\r\n"
    "#define _AFX_NO_OLE_RESOURCES\r\n"
    "#define _AFX_NO_TRACKER_RESOURCES\r\n"
    "#define _AFX_NO_PROPERTY_RESOURCES\r\n"
    "\r\n"
    "#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU)\r\n"
    "LANGUAGE 9, 1\r\n"
    "#pragma code_page(1252)\r\n"
    "#include ""res\\AuditPolicyBrowser.rc2""  // non-Microsoft Visual C++ edited resources\r\n"
    "#include ""afxres.rc""     // Standard components\r\n"
    "#endif\r\n"
    "\0"
END

#endif    // APSTUDIO_INVOKED


/////////////////////////////////////////////////////////////////////////////
//
// Icon
//

// Icon with lowest ID value placed first to ensure application icon
// remains consistent on all systems.
IDR_MAINFRAME           ICON                    "res\\Audit Policy Browser.ico"
#endif    // German (Germany) resources
/////////////////////////////////////////////////////////////////////////////


/////////////////////////////////////////////////////////////////////////////
// English (U.S.) resources

#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU)
#ifdef _WIN32
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
#pragma code_page(1252)
#endif //_WIN32

/////////////////////////////////////////////////////////////////////////////
//
// Dialog
//

IDD_ABOUTBOX DIALOGEX 0, 0, 242, 98
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "About Audit Policy Browser"
FONT 8, "MS Shell Dlg", 0, 0, 0x1
BEGIN
    LTEXT           "Audit Policy Browser, Version 1.0 for codeproject",IDC_STATIC,57,27,169,8,SS_NOPREFIX
    LTEXT           "Copyright (C) 2010",IDC_STATIC,57,55,76,8
    DEFPUSHBUTTON   "OK",IDOK,163,65,50,14,WS_GROUP
    LTEXT           "marc ochsenmeier",IDC_STATIC,57,41,58,8
    CONTROL         "<a>www.winssential.net</a>",IDC_SYSLINK,"SysLink",WS_TABSTOP,57,69,89,13
    ICON            IDR_MAINFRAME,IDC_STATIC,14,23,21,20
END

IDD_AUDITPOLICYBROWSER_DIALOG DIALOGEX 0, 0, 290, 371
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | WS_MINIMIZEBOX | WS_POPUP | WS_VISIBLE | WS_CAPTION | WS_SYSMENU
EXSTYLE WS_EX_APPWINDOW
CAPTION "Audit Policy Browser - www.winssential.net"
FONT 8, "MS Shell Dlg", 0, 0, 0x1
BEGIN
    DEFPUSHBUTTON   "Close",IDOK,233,350,50,14
    PUSHBUTTON      "Update",IDC_BUTTON_ENUMERATE_CATEGORIES,221,121,50,14
    GROUPBOX        "Subcategories",IDC_STATIC,7,144,276,122
    GROUPBOX        "Categories",IDC_STATIC,7,7,276,135
    LISTBOX         IDC_LIST_CATEGORIES,12,20,260,97,LBS_SORT | LBS_NOINTEGRALHEIGHT | WS_VSCROLL | WS_TABSTOP
    LISTBOX         IDC_LIST2,12,161,260,97,LBS_SORT | LBS_NOINTEGRALHEIGHT | WS_VSCROLL | WS_TABSTOP
    GROUPBOX        "Current Policy Setting",IDC_STATIC,7,273,276,73
    LTEXT           "No audit",IDC_STATIC_POLICY_AUDIT_EVENT_NONE,19,289,28,8
    LTEXT           "Audit successful attempts",IDC_STATICPOLICY_AUDIT_EVENT_SUCCESS,19,307,83,8
    LTEXT           "Audit failed attempts",IDC_STATIC_POLICY_AUDIT_EVENT_FAILURE,19,325,68,8
END


/////////////////////////////////////////////////////////////////////////////
//
// Version
//

VS_VERSION_INFO VERSIONINFO
 FILEVERSION 1,0,0,1
 PRODUCTVERSION 1,0,0,1
 FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
 FILEFLAGS 0x1L
#else
 FILEFLAGS 0x0L
#endif
 FILEOS 0x4L
 FILETYPE 0x1L
 FILESUBTYPE 0x0L
BEGIN
    BLOCK "StringFileInfo"
    BEGIN
        BLOCK "040904e4"
        BEGIN
            VALUE "CompanyName", "www.winssential.net"
            VALUE "FileDescription", "Audit Policy Browser"
            VALUE "FileVersion", "1.0.0.1"
            VALUE "InternalName", "Audit Policy Browser.exe"
            VALUE "LegalCopyright", "Marc Ochsenmeier, www.winssential.net"
            VALUE "OriginalFilename", "Audit Policy Browser.exe"
            VALUE "ProductName", "Audit Policy Browser"
            VALUE "ProductVersion", "1.0.0.1"
        END
    END
    BLOCK "VarFileInfo"
    BEGIN
        VALUE "Translation", 0x409, 1252
    END
END


/////////////////////////////////////////////////////////////////////////////
//
// DESIGNINFO
//

#ifdef APSTUDIO_INVOKED
GUIDELINES DESIGNINFO 
BEGIN
    IDD_ABOUTBOX, DIALOG
    BEGIN
        LEFTMARGIN, 7
        RIGHTMARGIN, 235
        TOPMARGIN, 7
        BOTTOMMARGIN, 91
    END

    IDD_AUDITPOLICYBROWSER_DIALOG, DIALOG
    BEGIN
        LEFTMARGIN, 7
        RIGHTMARGIN, 283
        TOPMARGIN, 7
        BOTTOMMARGIN, 364
    END
END
#endif    // APSTUDIO_INVOKED


/////////////////////////////////////////////////////////////////////////////
//
// String Table
//

STRINGTABLE 
BEGIN
    IDS_ABOUTBOX            "&About Audit Policy Browser..."
END

#endif    // English (U.S.) resources
/////////////////////////////////////////////////////////////////////////////



#ifndef APSTUDIO_INVOKED
/////////////////////////////////////////////////////////////////////////////
//
// Generated from the TEXTINCLUDE 3 resource.
//
#define _AFX_NO_SPLITTER_RESOURCES
#define _AFX_NO_OLE_RESOURCES
#define _AFX_NO_TRACKER_RESOURCES
#define _AFX_NO_PROPERTY_RESOURCES

#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU)
LANGUAGE 9, 1
#pragma code_page(1252)
#include "res\AuditPolicyBrowser.rc2"  // non-Microsoft Visual C++ edited resources
#include "afxres.rc"     // Standard components
#endif

/////////////////////////////////////////////////////////////////////////////
#endif    // not APSTUDIO_INVOKED

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

marc ochsenmeier
Software Developer (Senior) winitor
Germany Germany
Marc Ochsenmeier is the author of PEStudio (www.winitor.com) and works as developer with the focus on Windows Hardening.

PEStudio is on twitter at: https://twitter.com/ochsenmeier

You may also be interested in...

Permalink | Advertise | Privacy | Terms of Use | Mobile
Web01 | 2.8.170915.1 | Last Updated 26 Feb 2010
Article Copyright 2010 by marc ochsenmeier
Everything else Copyright © CodeProject, 1999-2017
Layout: fixed | fluid