NtObjectManager.dll-Help.xml
<?xml version="1.0" encoding="utf-8"?>
<helpItems schema="maml" xmlns="http://msh"> <!-- Cmdlet: Get-AccessibleDevice --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-AccessibleDevice</command:name> <command:verb>Get</command:verb> <command:noun>AccessibleDevice</command:noun> <maml:description> <maml:para>Get a list of devices that can be opened by a specified token.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet checks a device and optionally tries to determine if one or more specified tokens can open it. If no tokens are specified the current process token is used.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-AccessibleDevice</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>Specify a list of native paths to check. Can refer to object directories to search for device objects or explicit paths.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CheckEaBuffer --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CheckEaBuffer</maml:name> <maml:description> <maml:para>Check whether the device can be accessed with an EA buffer.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CheckMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CheckMode</maml:name> <maml:description> <maml:para>Check mode for device and/or namespace.</maml:para> <maml:para>Possible values: DeviceOnly, NamespaceOnly, DeviceAndNamespace</maml:para> </maml:description> <command:parameterValue required="true">DeviceCheckMode</command:parameterValue> <dev:type> <maml:name>NtObjectManager.DeviceCheckMode</maml:name> <maml:uri /> <maml:description> <maml:para>Mode for checking device object.</maml:para> </maml:description> </dev:type> <dev:defaultValue>DeviceOnly</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">DeviceOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NamespaceOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeviceAndNamespace</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: EaBuffer --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>EaBuffer</maml:name> <maml:description> <maml:para>If CheckEaBuffer enabled specify an explicit buffer instead of a default.</maml:para> </maml:description> <command:parameterValue required="true">EaBuffer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EaBuffer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: MaxDepth --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxDepth</maml:name> <maml:description> <maml:para>When recursing specify maximum depth.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: NamespacePath --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>NamespacePath</maml:name> <maml:description> <maml:para>If check mode allows namespace paths specify a list of namespace paths to check for access to the device namespace instead of a default.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: OpenOptions --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenOptions</maml:name> <maml:description> <maml:para>Specify open options for access.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Recurse --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Recurse</maml:name> <maml:description> <maml:para>Specify whether to recursively check the directories for devices.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>Specify a list of native paths to check. Can refer to object directories to search for device objects or explicit paths.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Recurse --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Recurse</maml:name> <maml:description> <maml:para>Specify whether to recursively check the directories for devices.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: MaxDepth --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxDepth</maml:name> <maml:description> <maml:para>When recursing specify maximum depth.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CheckMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CheckMode</maml:name> <maml:description> <maml:para>Check mode for device and/or namespace.</maml:para> <maml:para>Possible values: DeviceOnly, NamespaceOnly, DeviceAndNamespace</maml:para> </maml:description> <command:parameterValue required="true">DeviceCheckMode</command:parameterValue> <dev:type> <maml:name>NtObjectManager.DeviceCheckMode</maml:name> <maml:uri /> <maml:description> <maml:para>Mode for checking device object.</maml:para> </maml:description> </dev:type> <dev:defaultValue>DeviceOnly</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">DeviceOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NamespaceOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeviceAndNamespace</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: NamespacePath --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>NamespacePath</maml:name> <maml:description> <maml:para>If check mode allows namespace paths specify a list of namespace paths to check for access to the device namespace instead of a default.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CheckEaBuffer --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CheckEaBuffer</maml:name> <maml:description> <maml:para>Check whether the device can be accessed with an EA buffer.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: EaBuffer --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>EaBuffer</maml:name> <maml:description> <maml:para>If CheckEaBuffer enabled specify an explicit buffer instead of a default.</maml:para> </maml:description> <command:parameterValue required="true">EaBuffer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EaBuffer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: OpenOptions --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenOptions</maml:name> <maml:description> <maml:para>Specify open options for access.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>Specify a list of native paths to check. Can refer to object directories to search for device objects or explicit paths.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: AccessCheckResult --> <command:returnValue> <dev:type> <maml:name>NtObjectManager.AccessCheckResult</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>General Access check result.</maml:para> </maml:description> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-AccessibleDevice \Device</dev:code> <dev:remarks> <maml:para>Check accessible devices under \Device for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Get-AccessibleDevice \Device -AccessRights GenericWrite</dev:code> <dev:remarks> <maml:para>Check write accessible devices under \Device for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Get-AccessibleDevice \Device -ProcessIds 1234,5678</dev:code> <dev:remarks> <maml:para>Check accessible devices under \Device for the process tokens of PIDs 1234 and 5678</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>Get-AccessibleDevice \Device -CheckMode DeviceAndNamespace</dev:code> <dev:remarks> <maml:para>Check accessible devices under \Device for the current process token including ones under a namespace.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>Get-AccessibleDevice \ -Recurse</dev:code> <dev:remarks> <maml:para>Check recursively for accessible devices under \ for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>Get-AccessibleDevice \ -Recurse -MaxDepth 5</dev:code> <dev:remarks> <maml:para>Check recursively for accessible objects under \BaseNamedObjects for the current process token to a maximum depth of 5.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 7 ----------</maml:title> <dev:code>Get-AccessibleDevice \Device\Afd,\Device\Blah</dev:code> <dev:remarks> <maml:para>Check two devices for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 8 ----------</maml:title> <dev:code>Get-AccessibleDevice \ -Recurse -AccessRights GenericWrite</dev:code> <dev:remarks> <maml:para>Check recursively for accessible devices under with write access.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 9 ----------</maml:title> <dev:code>Get-AccessibleDevice \ -Recurse -AccessRights GenericWrite -AllowPartialAccess</dev:code> <dev:remarks> <maml:para>Check recursively for accessible devices with partial write access.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 10 ----------</maml:title> <dev:code>$token = Get-NtToken -Primary -Duplicate -IntegrityLevel Low Get-AccessibleDevice \Device -Recurse -Tokens $token -AccessRights GenericWrite</dev:code> <dev:remarks> <maml:para>Get all devices which can be written to in \Device by a low integrity copy of current token.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-AccessibleFile --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-AccessibleFile</command:name> <command:verb>Get</command:verb> <command:noun>AccessibleFile</command:noun> <maml:description> <maml:para>Get a list of files that can be opened by a specified token.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet checks a file or directory and tries to determine if one or more specified tokens can open them. If no tokens are specified the current process token is used.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: path --> <command:syntaxItem> <maml:name>Get-AccessibleFile</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>Specify a list of native paths to check.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CheckMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CheckMode</maml:name> <maml:description> <maml:para>Limit access check to specific types of files.</maml:para> <maml:para>Possible values: All, FilesOnly, DirectoriesOnly</maml:para> </maml:description> <command:parameterValue required="true">FileCheckMode</command:parameterValue> <dev:type> <maml:name>NtObjectManager.FileCheckMode</maml:name> <maml:uri /> <maml:description> <maml:para>Limit access check to specific types of files.</maml:para> </maml:description> </dev:type> <dev:defaultValue>All</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> <command:parameterValue required="false" variableLength="false">FilesOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoriesOnly</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: DirectoryAccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccessRights</maml:name> <maml:description> <maml:para>Specify a set of directory access rights which a directory must at least be accessible for to count as an access.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: FormatWin32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FormatWin32Path</maml:name> <maml:description> <maml:para>When generating the results format path in Win32 format.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: MaxDepth --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxDepth</maml:name> <maml:description> <maml:para>When recursing specify maximum depth.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Recurse --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Recurse</maml:name> <maml:description> <maml:para>Specify whether to recursively check the path for access.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Specify a list of paths in a Win32 format.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: DirectoryAccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccessRights</maml:name> <maml:description> <maml:para>Specify a set of directory access rights which a directory must at least be accessible for to count as an access.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CheckMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CheckMode</maml:name> <maml:description> <maml:para>Limit access check to specific types of files.</maml:para> <maml:para>Possible values: All, FilesOnly, DirectoriesOnly</maml:para> </maml:description> <command:parameterValue required="true">FileCheckMode</command:parameterValue> <dev:type> <maml:name>NtObjectManager.FileCheckMode</maml:name> <maml:uri /> <maml:description> <maml:para>Limit access check to specific types of files.</maml:para> </maml:description> </dev:type> <dev:defaultValue>All</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> <command:parameterValue required="false" variableLength="false">FilesOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoriesOnly</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>Specify a list of native paths to check.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Specify a list of paths in a Win32 format.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: FormatWin32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FormatWin32Path</maml:name> <maml:description> <maml:para>When generating the results format path in Win32 format.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Recurse --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Recurse</maml:name> <maml:description> <maml:para>Specify whether to recursively check the path for access.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: MaxDepth --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxDepth</maml:name> <maml:description> <maml:para>When recursing specify maximum depth.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>Specify a list of native paths to check.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: AccessCheckResult --> <command:returnValue> <dev:type> <maml:name>NtObjectManager.AccessCheckResult</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>General Access check result.</maml:para> </maml:description> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-AccessibleFile \??\C:\Windows</dev:code> <dev:remarks> <maml:para>Check accessible file c:\Windows for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Get-AccessibleFile \??\C:\Windows -ProcessIds 1234,5678</dev:code> <dev:remarks> <maml:para>Check accessible file c:\Windows for the process tokens of PIDs 1234 and 5678</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Get-AccessibleFile \??\C:\Windows -Recurse</dev:code> <dev:remarks> <maml:para>Check recursively for check accessible files under c:\Windows for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>Get-AccessibleFile -Win32Path C:\Windows -Recurse</dev:code> <dev:remarks> <maml:para>Check recursively for check accessible files under c:\Windows for the current process token using a Win32 path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>Get-AccessibleFile -Win32Path C:\Windows -Recurse -MaxDepth 2</dev:code> <dev:remarks> <maml:para>Check recursively for check accessible files under c:\Windows for the current process token using a Win32 path with a max depth of 2.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>$token = Get-NtToken -Primary -Duplicate -IntegrityLevel Low Get-AccessibleFile \??\C:\Windows -Recurse -Tokens $token -AccessRights GenericWrite</dev:code> <dev:remarks> <maml:para>Get all files with can be written to \??\C:\Windows by a low integrity copy of current token.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-AccessibleHandle --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-AccessibleHandle</command:name> <command:verb>Get</command:verb> <command:noun>AccessibleHandle</command:noun> <maml:description> <maml:para>Get a list of accessible handles from a specified token.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet enumerates all handles accessible from a specific token and checks and determines what the maximum access rights are for that handle.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-AccessibleHandle</maml:name> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: QueryAllDevicePaths --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>QueryAllDevicePaths</maml:name> <maml:description> <maml:para>Specify to query all file device paths. Doing this might cause the cmdlet to hang.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TypeFilter --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TypeFilter</maml:name> <maml:description> <maml:para>Specify list of NT object types to filter on.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: TypeFilter --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TypeFilter</maml:name> <maml:description> <maml:para>Specify list of NT object types to filter on.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: QueryAllDevicePaths --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>QueryAllDevicePaths</maml:name> <maml:description> <maml:para>Specify to query all file device paths. Doing this might cause the cmdlet to hang.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: HandleAccessCheckResult --> <command:returnValue> <dev:type> <maml:name>NtObjectManager.HandleAccessCheckResult</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>Access check result for a handle.</maml:para> </maml:description> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-AccessibleHandle</dev:code> <dev:remarks> <maml:para>Check all accessible handles for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Get-AccessibleHandle -TypeFilter Key</dev:code> <dev:remarks> <maml:para>Check all accessible key handles for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Get-AccessibleHandle -ProcessIds 1234,5678</dev:code> <dev:remarks> <maml:para>>Check all accessible handles for the process tokens of PIDs 1234 and 5678</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>Get-AccessibleHandle | Where-Object DifferentAccess</dev:code> <dev:remarks> <maml:para>Check all accessible handles for the current process token where the access differs from what the access would be if you reopened the resource</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-AccessibleKey --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-AccessibleKey</command:name> <command:verb>Get</command:verb> <command:noun>AccessibleKey</command:noun> <maml:description> <maml:para>Get a list of Registry Keys that can be opened by a specified token.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet checks a registry key and tries to determine if one or more specified tokens can open them. If no tokens are specified the current process token is used.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: path --> <command:syntaxItem> <maml:name>Get-AccessibleKey</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>Specify a list of native paths to check.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: QueryValue, SetValue, CreateSubKey, EnumerateSubKeys, Notify, CreateLink, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">KeyAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KeyAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnumerateSubKeys</command:parameterValue> <command:parameterValue required="false" variableLength="false">Notify</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: FormatWin32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FormatWin32Path</maml:name> <maml:description> <maml:para>When generating the results format path in Win32 format.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: MaxDepth --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxDepth</maml:name> <maml:description> <maml:para>When recursing specify maximum depth.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Recurse --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Recurse</maml:name> <maml:description> <maml:para>Specify whether to recursively check the path for access.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Specify a list of paths in a Win32 format.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>Specify a list of native paths to check.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Specify a list of paths in a Win32 format.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: FormatWin32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FormatWin32Path</maml:name> <maml:description> <maml:para>When generating the results format path in Win32 format.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Recurse --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Recurse</maml:name> <maml:description> <maml:para>Specify whether to recursively check the path for access.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: MaxDepth --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxDepth</maml:name> <maml:description> <maml:para>When recursing specify maximum depth.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: QueryValue, SetValue, CreateSubKey, EnumerateSubKeys, Notify, CreateLink, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">KeyAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KeyAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnumerateSubKeys</command:parameterValue> <command:parameterValue required="false" variableLength="false">Notify</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>Specify a list of native paths to check.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: AccessCheckResult --> <command:returnValue> <dev:type> <maml:name>NtObjectManager.AccessCheckResult</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>General Access check result.</maml:para> </maml:description> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-AccessibleKey \Registry\Machine\Software</dev:code> <dev:remarks> <maml:para>Check accessible keys \Registry\Machine\Software for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Get-AccessibleKey \Registry\Machine\Software -ProcessIds 1234,5678</dev:code> <dev:remarks> <maml:para>Check accessible keys \Registry\Machine\Software for the process tokens of PIDs 1234 and 5678</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Get-AccessibleKey \Registry\Machine\Software -Recurse</dev:code> <dev:remarks> <maml:para>Check recursively for accessible keys \Registry\Machine\Software for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>Get-AccessibleKey \Registry\Machine\Software -Recurse -MaxDepth 5</dev:code> <dev:remarks> <maml:para>Check recursively for accessible keys \Registry\Machine\Software for the current process token to a maximum depth of 5.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>Get-AccessibleKey -Win32Path HKLM\Software -Recurse</dev:code> <dev:remarks> <maml:para>Check recursively for accessible keys NT path HKEY_LOCAL_MACHINE for the current process token using a Win32 path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>$token = Get-NtToken -Primary -Duplicate -IntegrityLevel Low Get-AccessibleKey -Win32Path HKCU -Recurse -Tokens $token -AccessRights GenericWrite</dev:code> <dev:remarks> <maml:para>Get all keys with can be written to in HKEY_CURRENT_USER by a low integrity copy of current token.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-AccessibleNamedPipe --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-AccessibleNamedPipe</command:name> <command:verb>Get</command:verb> <command:noun>AccessibleNamedPipe</command:noun> <maml:description> <maml:para>Get a list of named pipes that can be opened by a specified token.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet checks for named pipes and tries to determine if one or more specified tokens can open them. If no tokens are specified the current process token is used.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-AccessibleNamedPipe</maml:name> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: FormatWin32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FormatWin32Path</maml:name> <maml:description> <maml:para>When generating the results format path in Win32 format.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: OpenServer --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenServer</maml:name> <maml:description> <maml:para>Try and open the server end rather than the client end of the pipe.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: FormatWin32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FormatWin32Path</maml:name> <maml:description> <maml:para>When generating the results format path in Win32 format.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: OpenServer --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenServer</maml:name> <maml:description> <maml:para>Try and open the server end rather than the client end of the pipe.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: AccessCheckResult --> <command:returnValue> <dev:type> <maml:name>NtObjectManager.AccessCheckResult</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>General Access check result.</maml:para> </maml:description> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-AccessibleNamedPipe</dev:code> <dev:remarks> <maml:para>Check accessible named pipes for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Get-AccessibleNamedPipe -OpenServer</dev:code> <dev:remarks> <maml:para>Check accessible named pipes server end points which can be opened for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Get-AccessibleNamedPipe -ProcessIds 1234,5678</dev:code> <dev:remarks> <maml:para>Check accessible named pipes for the process tokens of PIDs 1234 and 5678</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$token = Get-NtToken -Primary -Duplicate -IntegrityLevel Low Get-AccessibleNamedPipes -Tokens $token -AccessRights GenericWrite</dev:code> <dev:remarks> <maml:para>Get all named pipes with can be written to by a low integrity copy of current token.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-AccessibleObject --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-AccessibleObject</command:name> <command:verb>Get</command:verb> <command:noun>AccessibleObject</command:noun> <maml:description> <maml:para>Get a list of NT objects that can be opened by a specified token.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet checks a NT object key and optionally tries to determine if one or more specified tokens can open them. If no tokens are specified the current process token is used.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: handles --> <command:syntaxItem> <maml:name>Get-AccessibleObject</maml:name> <!-- Parameter: FromHandles --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>FromHandles</maml:name> <maml:description> <maml:para>Specify to find objects based on handles rather than enumerating named paths.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: None, Access0, Access1, Access2, Access3, Access4, Access5, Access6, Access7, Access8, Access9, Access10, Access11, Access12, Access13, Access14, Access15, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, AccessSystemSecurity, MaximumAllowed, GenericAll, GenericExecute, GenericWrite, GenericRead</maml:para> </maml:description> <command:parameterValue required="true">GenericAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.GenericAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access0</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access1</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access2</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access3</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access4</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access5</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access6</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access7</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access8</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access9</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access10</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access11</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access12</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access13</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access14</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access15</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CheckUnnamed --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CheckUnnamed</maml:name> <maml:description> <maml:para>Specify when enumerating handles to also check unnamed objects.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: FormatWin32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FormatWin32Path</maml:name> <maml:description> <maml:para>When generating the results format path in Win32 format.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TypeFilter --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TypeFilter</maml:name> <maml:description> <maml:para>Specify list of NT object types to filter on.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: path --> <command:syntaxItem> <maml:name>Get-AccessibleObject</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>Specify a list of native paths to check.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: None, Access0, Access1, Access2, Access3, Access4, Access5, Access6, Access7, Access8, Access9, Access10, Access11, Access12, Access13, Access14, Access15, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, AccessSystemSecurity, MaximumAllowed, GenericAll, GenericExecute, GenericWrite, GenericRead</maml:para> </maml:description> <command:parameterValue required="true">GenericAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.GenericAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access0</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access1</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access2</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access3</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access4</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access5</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access6</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access7</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access8</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access9</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access10</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access11</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access12</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access13</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access14</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access15</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: FormatWin32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FormatWin32Path</maml:name> <maml:description> <maml:para>When generating the results format path in Win32 format.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: MaxDepth --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxDepth</maml:name> <maml:description> <maml:para>When recursing specify maximum depth.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Recurse --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Recurse</maml:name> <maml:description> <maml:para>Specify whether to recursively check the path for access.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TypeFilter --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TypeFilter</maml:name> <maml:description> <maml:para>Specify list of NT object types to filter on.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Specify a list of paths in a Win32 format.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: TypeFilter --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TypeFilter</maml:name> <maml:description> <maml:para>Specify list of NT object types to filter on.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: FromHandles --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>FromHandles</maml:name> <maml:description> <maml:para>Specify to find objects based on handles rather than enumerating named paths.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CheckUnnamed --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CheckUnnamed</maml:name> <maml:description> <maml:para>Specify when enumerating handles to also check unnamed objects.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>Specify a list of native paths to check.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Specify a list of paths in a Win32 format.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: FormatWin32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FormatWin32Path</maml:name> <maml:description> <maml:para>When generating the results format path in Win32 format.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Recurse --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Recurse</maml:name> <maml:description> <maml:para>Specify whether to recursively check the path for access.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: MaxDepth --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxDepth</maml:name> <maml:description> <maml:para>When recursing specify maximum depth.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: None, Access0, Access1, Access2, Access3, Access4, Access5, Access6, Access7, Access8, Access9, Access10, Access11, Access12, Access13, Access14, Access15, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, AccessSystemSecurity, MaximumAllowed, GenericAll, GenericExecute, GenericWrite, GenericRead</maml:para> </maml:description> <command:parameterValue required="true">GenericAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.GenericAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access0</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access1</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access2</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access3</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access4</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access5</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access6</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access7</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access8</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access9</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access10</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access11</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access12</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access13</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access14</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access15</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>Specify a list of native paths to check.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: AccessCheckResult --> <command:returnValue> <dev:type> <maml:name>NtObjectManager.AccessCheckResult</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>General Access check result.</maml:para> </maml:description> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-AccessibleObject \BaseNamedObjects</dev:code> <dev:remarks> <maml:para>Check accessible objects under \ for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Get-AccessibleObject \BaseNamedObjects -ProcessIds 1234,5678</dev:code> <dev:remarks> <maml:para>Check accessible objects under \BaseNamedObjects for the process tokens of PIDs 1234 and 5678</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Get-AccessibleObject \BaseNamedObjects -Recurse</dev:code> <dev:remarks> <maml:para>Check recursively for accessible objects under \BaseNamedObjects for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>Get-AccessibleObject \BaseNamedObjects -Recurse -MaxDepth 5</dev:code> <dev:remarks> <maml:para>Check recursively for accessible objects under \BaseNamedObjects for the current process token to a maximum depth of 5.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>Get-AccessibleObject -Win32Path \ -Recurse</dev:code> <dev:remarks> <maml:para>Check recursively for accessible objects under the user's based named objects for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>Get-AccessibleObject \ -Recurse -AccessRights GenericWrite</dev:code> <dev:remarks> <maml:para>Check recursively for accessible objects under with write access.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 7 ----------</maml:title> <dev:code>Get-AccessibleObject \ -Recurse -AccessRights GenericWrite -AllowPartialAccess</dev:code> <dev:remarks> <maml:para>Check recursively for accessible objects under with partial write access.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 8 ----------</maml:title> <dev:code>$token = Get-NtToken -Primary -Duplicate -IntegrityLevel Low Get-AccessibleObject \BaseNamedObjects -Recurse -Tokens $token -AccessRights GenericWrite</dev:code> <dev:remarks> <maml:para>Get all object which can be written to in \BaseNamedObjects by a low integrity copy of current token.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-AccessibleProcess --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-AccessibleProcess</command:name> <command:verb>Get</command:verb> <command:noun>AccessibleProcess</command:noun> <maml:description> <maml:para>Get a list of processes and/or threads that can be opened by a specified token.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet checks all processes and threads and tries to determine if one or more specified tokens can open them to them. If no tokens are specified then the current process token is used.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-AccessibleProcess</maml:name> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: None, Terminate, CreateThread, SetSessionId, VmOperation, VmRead, VmWrite, DupHandle, CreateProcess, SetQuota, SetInformation, QueryInformation, SuspendResume, QueryLimitedInformation, SetLimitedInformation, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ProcessAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ProcessAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateThread</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmOperation</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">DupHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetQuota</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CheckMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CheckMode</maml:name> <maml:description> <maml:para>Specify what objects to check for.</maml:para> <maml:para>Possible values: ProcessOnly, ThreadOnly, ProcessAndThread</maml:para> </maml:description> <command:parameterValue required="true">ProcessCheckMode</command:parameterValue> <dev:type> <maml:name>NtObjectManager.ProcessCheckMode</maml:name> <maml:uri /> <maml:description> <maml:para>Specify what objects to query for.</maml:para> </maml:description> </dev:type> <dev:defaultValue>ProcessOnly</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ProcessOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">ThreadOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProcessAndThread</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ShowDeadProcesses --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShowDeadProcesses</maml:name> <maml:description> <maml:para>Specify that dead processes should be shown.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ThreadAccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ThreadAccessRights</maml:name> <maml:description> <maml:para>Specify specific access rights for threads.</maml:para> <maml:para>Possible values: Terminate, SuspendResume, Alert, GetContext, SetContext, SetInformation, QueryInformation, SetThreadToken, Impersonate, DirectImpersonation, SetLimitedInformation, QueryLimitedInformation, Resume, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ThreadAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ThreadAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">Alert</command:parameterValue> <command:parameterValue required="false" variableLength="false">GetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetThreadToken</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectImpersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Resume</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: CheckMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CheckMode</maml:name> <maml:description> <maml:para>Specify what objects to check for.</maml:para> <maml:para>Possible values: ProcessOnly, ThreadOnly, ProcessAndThread</maml:para> </maml:description> <command:parameterValue required="true">ProcessCheckMode</command:parameterValue> <dev:type> <maml:name>NtObjectManager.ProcessCheckMode</maml:name> <maml:uri /> <maml:description> <maml:para>Specify what objects to query for.</maml:para> </maml:description> </dev:type> <dev:defaultValue>ProcessOnly</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ProcessOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">ThreadOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProcessAndThread</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ThreadAccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ThreadAccessRights</maml:name> <maml:description> <maml:para>Specify specific access rights for threads.</maml:para> <maml:para>Possible values: Terminate, SuspendResume, Alert, GetContext, SetContext, SetInformation, QueryInformation, SetThreadToken, Impersonate, DirectImpersonation, SetLimitedInformation, QueryLimitedInformation, Resume, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ThreadAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ThreadAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">Alert</command:parameterValue> <command:parameterValue required="false" variableLength="false">GetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetThreadToken</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectImpersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Resume</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ShowDeadProcesses --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShowDeadProcesses</maml:name> <maml:description> <maml:para>Specify that dead processes should be shown.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: None, Terminate, CreateThread, SetSessionId, VmOperation, VmRead, VmWrite, DupHandle, CreateProcess, SetQuota, SetInformation, QueryInformation, SuspendResume, QueryLimitedInformation, SetLimitedInformation, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ProcessAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ProcessAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateThread</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmOperation</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">DupHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetQuota</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: ProcessAccessCheckResult --> <command:returnValue> <dev:type> <maml:name>NtObjectManager.ProcessAccessCheckResult</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>Access check result for a process.</maml:para> </maml:description> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-AccessibleProcess</dev:code> <dev:remarks> <maml:para>Check all accessible processes for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Get-AccessibleProcess -ProcessIds 1234,5678</dev:code> <dev:remarks> <maml:para>>Check all accessible processes for the process tokens of PIDs 1234 and 5678</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$token = Get-NtToken -Primary -Duplicate -IntegrityLevel Low Get-AccessibleProcess -Tokens $token -AccessRights GenericWrite</dev:code> <dev:remarks> <maml:para>Get all processes with can be written by a low integrity copy of current token.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-AccessibleScheduledTask --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-AccessibleScheduledTask</command:name> <command:verb>Get</command:verb> <command:noun>AccessibleScheduledTask</command:noun> <maml:description> <maml:para>Get a list of scheduled tasks openable by a specified token.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet checks all scheduled tasks and tries to determine if one or more specified tokens can open them. If no tokens are specified then the current process token is used.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-AccessibleScheduledTask</maml:name> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CheckMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CheckMode</maml:name> <maml:description> <maml:para>Limit access check to specific types of files.</maml:para> <maml:para>Possible values: TasksOnly, FoldersOnly, All</maml:para> </maml:description> <command:parameterValue required="true">TaskCheckMode</command:parameterValue> <dev:type> <maml:name>NtObjectManager.TaskCheckMode</maml:name> <maml:uri /> <maml:description> <maml:para>Limit access check to specific types of task information.</maml:para> </maml:description> </dev:type> <dev:defaultValue>TasksOnly</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">TasksOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">FoldersOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: DirectoryAccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccessRights</maml:name> <maml:description> <maml:para>Specify a set of directory access rights which a folder must at least be accessible for to count as an access.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Executable --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Executable</maml:name> <maml:description> <maml:para>Shortcut to specify that we're querying for executable tasks.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Writable --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Writable</maml:name> <maml:description> <maml:para>Shortcut to specify that we're querying for writable tasks or directories.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: CheckMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CheckMode</maml:name> <maml:description> <maml:para>Limit access check to specific types of files.</maml:para> <maml:para>Possible values: TasksOnly, FoldersOnly, All</maml:para> </maml:description> <command:parameterValue required="true">TaskCheckMode</command:parameterValue> <dev:type> <maml:name>NtObjectManager.TaskCheckMode</maml:name> <maml:uri /> <maml:description> <maml:para>Limit access check to specific types of task information.</maml:para> </maml:description> </dev:type> <dev:defaultValue>TasksOnly</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">TasksOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">FoldersOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: DirectoryAccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccessRights</maml:name> <maml:description> <maml:para>Specify a set of directory access rights which a folder must at least be accessible for to count as an access.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Executable --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Executable</maml:name> <maml:description> <maml:para>Shortcut to specify that we're querying for executable tasks.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Writable --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Writable</maml:name> <maml:description> <maml:para>Shortcut to specify that we're querying for writable tasks or directories.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: ScheduledTaskAccessCheckResult --> <command:returnValue> <dev:type> <maml:name>NtObjectManager.ScheduledTaskAccessCheckResult</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>Access check result for a scheduled task.</maml:para> </maml:description> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-AccessibleScheduledTask</dev:code> <dev:remarks> <maml:para>Check all accessible scheduled tasks for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Get-AccessibleScheduledTask -Executable</dev:code> <dev:remarks> <maml:para>Check all executable scheduled tasks for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Get-AccessibleScheduledTask -ProcessIds 1234,5678</dev:code> <dev:remarks> <maml:para>>Check all accessible scheduled tasks for the process tokens of PIDs 1234 and 5678</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$token = Get-NtToken -Primary -Duplicate -IntegrityLevel Low Get-AccessibleScheduledTask -Tokens $token -AccessRights GenericWrite</dev:code> <dev:remarks> <maml:para>Get all scheduled tasks which can be written by a low integrity copy of current token.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-AccessibleService --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-AccessibleService</command:name> <command:verb>Get</command:verb> <command:noun>AccessibleService</command:noun> <maml:description> <maml:para>Get a list of services openable by a specified token.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet checks all services and tries to determine if one or more specified tokens can open them. If no tokens are specified then the current process token is used.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: FromName --> <command:syntaxItem> <maml:name>Get-AccessibleService</maml:name> <!-- Parameter: Name --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Name</maml:name> <maml:description> <maml:para>Specify names of services to check.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: ChangeConfig, EnumerateDependents, Interrogate, PauseContinue, QueryConfig, QueryStatus, Start, Stop, UserDefinedControl, SetStatus, All, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ServiceAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.ServiceAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ChangeConfig</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnumerateDependents</command:parameterValue> <command:parameterValue required="false" variableLength="false">Interrogate</command:parameterValue> <command:parameterValue required="false" variableLength="false">PauseContinue</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryConfig</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryStatus</command:parameterValue> <command:parameterValue required="false" variableLength="false">Start</command:parameterValue> <command:parameterValue required="false" variableLength="false">Stop</command:parameterValue> <command:parameterValue required="false" variableLength="false">UserDefinedControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetStatus</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: CheckScm --> <command:syntaxItem> <maml:name>Get-AccessibleService</maml:name> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: ChangeConfig, EnumerateDependents, Interrogate, PauseContinue, QueryConfig, QueryStatus, Start, Stop, UserDefinedControl, SetStatus, All, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ServiceAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.ServiceAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ChangeConfig</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnumerateDependents</command:parameterValue> <command:parameterValue required="false" variableLength="false">Interrogate</command:parameterValue> <command:parameterValue required="false" variableLength="false">PauseContinue</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryConfig</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryStatus</command:parameterValue> <command:parameterValue required="false" variableLength="false">Start</command:parameterValue> <command:parameterValue required="false" variableLength="false">Stop</command:parameterValue> <command:parameterValue required="false" variableLength="false">UserDefinedControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetStatus</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CheckScmAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CheckScmAccess</maml:name> <maml:description> <maml:para>Check access to the SCM.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: All --> <command:syntaxItem> <maml:name>Get-AccessibleService</maml:name> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: ChangeConfig, EnumerateDependents, Interrogate, PauseContinue, QueryConfig, QueryStatus, Start, Stop, UserDefinedControl, SetStatus, All, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ServiceAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.ServiceAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ChangeConfig</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnumerateDependents</command:parameterValue> <command:parameterValue required="false" variableLength="false">Interrogate</command:parameterValue> <command:parameterValue required="false" variableLength="false">PauseContinue</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryConfig</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryStatus</command:parameterValue> <command:parameterValue required="false" variableLength="false">Start</command:parameterValue> <command:parameterValue required="false" variableLength="false">Stop</command:parameterValue> <command:parameterValue required="false" variableLength="false">UserDefinedControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetStatus</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CheckMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CheckMode</maml:name> <maml:description> <maml:para>Check mode for accessible services.</maml:para> <maml:para>Possible values: ServiceOnly, DriverOnly, ServiceAndDriver</maml:para> </maml:description> <command:parameterValue required="true">ServiceCheckMode</command:parameterValue> <dev:type> <maml:name>NtObjectManager.ServiceCheckMode</maml:name> <maml:uri /> <maml:description> <maml:para>Check mode for accessible services.</maml:para> </maml:description> </dev:type> <dev:defaultValue>ServiceOnly</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ServiceOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">DriverOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">ServiceAndDriver</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Name --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Name</maml:name> <maml:description> <maml:para>Specify names of services to check.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CheckScmAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CheckScmAccess</maml:name> <maml:description> <maml:para>Check access to the SCM.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CheckMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CheckMode</maml:name> <maml:description> <maml:para>Check mode for accessible services.</maml:para> <maml:para>Possible values: ServiceOnly, DriverOnly, ServiceAndDriver</maml:para> </maml:description> <command:parameterValue required="true">ServiceCheckMode</command:parameterValue> <dev:type> <maml:name>NtObjectManager.ServiceCheckMode</maml:name> <maml:uri /> <maml:description> <maml:para>Check mode for accessible services.</maml:para> </maml:description> </dev:type> <dev:defaultValue>ServiceOnly</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ServiceOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">DriverOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">ServiceAndDriver</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AccessRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessRights</maml:name> <maml:description> <maml:para>Access rights to check for in an object's access.</maml:para> <maml:para>Possible values: ChangeConfig, EnumerateDependents, Interrogate, PauseContinue, QueryConfig, QueryStatus, Start, Stop, UserDefinedControl, SetStatus, All, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ServiceAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.ServiceAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ChangeConfig</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnumerateDependents</command:parameterValue> <command:parameterValue required="false" variableLength="false">Interrogate</command:parameterValue> <command:parameterValue required="false" variableLength="false">PauseContinue</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryConfig</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryStatus</command:parameterValue> <command:parameterValue required="false" variableLength="false">Start</command:parameterValue> <command:parameterValue required="false" variableLength="false">Stop</command:parameterValue> <command:parameterValue required="false" variableLength="false">UserDefinedControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetStatus</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllowPartialAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowPartialAccess</maml:name> <maml:description> <maml:para>If AccessRights specified require that only part of the access rights are required to match an access check.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AllowEmptyAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AllowEmptyAccess</maml:name> <maml:description> <maml:para>If set an access entry will be generated even if granted access is 0.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessIds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessIds</maml:name> <maml:description> <maml:para>Specify a list of process IDs to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">int[]</command:parameterValue> <dev:type> <maml:name>System.Int32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessNames --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessNames</maml:name> <maml:description> <maml:para>Specify a list of process names to open for their tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessCommandLines --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessCommandLines</maml:name> <maml:description> <maml:para>Specify a list of command lines to filter on find for the process tokens.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Tokens --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Tokens</maml:name> <maml:description> <maml:para>Specify a list token objects.</maml:para> </maml:description> <command:parameterValue required="true">NtToken[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Processes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Processes</maml:name> <maml:description> <maml:para>Specify a list of process objects to get tokens from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: AccessCheckResult --> <command:returnValue> <dev:type> <maml:name>NtObjectManager.AccessCheckResult</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>General Access check result.</maml:para> </maml:description> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-AccessibleService</dev:code> <dev:remarks> <maml:para>Check all accessible services for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Get-AccessibleService -CheckScmAccess</dev:code> <dev:remarks> <maml:para>Check access to the SCM for the current process token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Get-AccessibleService -ProcessIds 1234,5678</dev:code> <dev:remarks> <maml:para>>Check all accessible services for the process tokens of PIDs 1234 and 5678</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$token = Get-NtToken -Primary -Duplicate -IntegrityLevel Low Get-AccessibleService -Tokens $token -AccessRights GenericWrite</dev:code> <dev:remarks> <maml:para>Get all services which can be written by a low integrity copy of current token.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Add-DosDevice --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Add-DosDevice</command:name> <command:verb>Add</command:verb> <command:noun>DosDevice</command:noun> <maml:description> <maml:para>Create a DOS device symlink.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates or redefines a DOS device symlink. This symlink will be permanent, until it's deleted rather than requiring a handle to be maintained.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Add-DosDevice</maml:name> <!-- Parameter: DeviceName --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>DeviceName</maml:name> <maml:description> <maml:para>The device name to create. If this string starts with a \ then the symlink will be created relative to the root of the object manager.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TargetPath --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>TargetPath</maml:name> <maml:description> <maml:para>Specify the target path. This should be a DOS path, unless RawTargetPath is set then it can be arbitrary object manager path.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: NoBroadcastSystem --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>NoBroadcastSystem</maml:name> <maml:description> <maml:para>Don't broadcast the change to the desktop using WM_SETTINGCHANGE.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: RawTargetPath --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>RawTargetPath</maml:name> <maml:description> <maml:para>Specify the TargetPath as a raw object manager path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: DeviceName --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>DeviceName</maml:name> <maml:description> <maml:para>The device name to create. If this string starts with a \ then the symlink will be created relative to the root of the object manager.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TargetPath --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>TargetPath</maml:name> <maml:description> <maml:para>Specify the target path. This should be a DOS path, unless RawTargetPath is set then it can be arbitrary object manager path.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: NoBroadcastSystem --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>NoBroadcastSystem</maml:name> <maml:description> <maml:para>Don't broadcast the change to the desktop using WM_SETTINGCHANGE.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: RawTargetPath --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>RawTargetPath</maml:name> <maml:description> <maml:para>Specify the TargetPath as a raw object manager path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Add-DosDevice Z: C:\Windows</dev:code> <dev:remarks> <maml:para>Define a Z: drive which points to C:\Windows.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Add-DosDevice Z: \Device\HarddiskVolume1\windows -RawTargetPath</dev:code> <dev:remarks> <maml:para>Define a Z: drive which points to Windows using a raw target path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Add-DosDevice "\RPC Control\ABC" c:\Windows</dev:code> <dev:remarks> <maml:para>Define the symlink '\RPC Control\ABC' drive which points to c:\Windows.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>Add-DosDevice Z: C:\Windows -NoBroadcastSystem</dev:code> <dev:remarks> <maml:para>Define a Z: drive which points to C:\Windows but don't broadcast the changes to applications on the desktop.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Remove-DosDevice --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Remove-DosDevice</command:name> <command:verb>Remove</command:verb> <command:noun>DosDevice</command:noun> <maml:description> <maml:para>Remove a DOS device symlink.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet removes a DOS device symlink.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Remove-DosDevice</maml:name> <!-- Parameter: DeviceName --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>DeviceName</maml:name> <maml:description> <maml:para>The device name to create. If this string starts with a \ then the symlink will be created relative to the root of the object manager.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ExactMatchTargetPath --> <command:parameter required="false" globbing="false" pipelineInput="false" position="1"> <maml:name>ExactMatchTargetPath</maml:name> <maml:description> <maml:para>Specify an exact target path to remove. If the symlink doesn't match this target then it will not be removed.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: NoBroadcastSystem --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>NoBroadcastSystem</maml:name> <maml:description> <maml:para>Don't broadcast the change to the desktop using WM_SETTINGCHANGE.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: RawTargetPath --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>RawTargetPath</maml:name> <maml:description> <maml:para>Specify the TargetPath as a raw object manager path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: DeviceName --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>DeviceName</maml:name> <maml:description> <maml:para>The device name to create. If this string starts with a \ then the symlink will be created relative to the root of the object manager.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ExactMatchTargetPath --> <command:parameter required="false" globbing="false" pipelineInput="false" position="1"> <maml:name>ExactMatchTargetPath</maml:name> <maml:description> <maml:para>Specify an exact target path to remove. If the symlink doesn't match this target then it will not be removed.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: NoBroadcastSystem --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>NoBroadcastSystem</maml:name> <maml:description> <maml:para>Don't broadcast the change to the desktop using WM_SETTINGCHANGE.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: RawTargetPath --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>RawTargetPath</maml:name> <maml:description> <maml:para>Specify the TargetPath as a raw object manager path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Remove-DosDevice Z:</dev:code> <dev:remarks> <maml:para>Remove the Z: drive.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Remove-DosDevice Z: \Device\HarddiskVolume1\windows -RawTargetPath</dev:code> <dev:remarks> <maml:para>Remove the Z: drive, which must point to \Device\HarddiskVolume1\Windows.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Remove-DosDevice Z: c:\windows</dev:code> <dev:remarks> <maml:para>Remove the Z: drive, which must point to c:\Windows.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>Remove-DosDevice "\RPC Control\ABC"</dev:code> <dev:remarks> <maml:para>Remove '\RPC Control\ABC' symlink.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Test-NetworkAccess --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Test-NetworkAccess</command:name> <command:verb>Test</command:verb> <command:noun>NetworkAccess</command:noun> <maml:description> <maml:para>Test whether network access is allowed based on a specific token.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet tests network access for a particular token. This can either be network client access or network server access.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: ForListen --> <command:syntaxItem> <maml:name>Test-NetworkAccess</maml:name> <!-- Parameter: Port --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Port</maml:name> <maml:description> <maml:para>Specify to the host for connecting or listening.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Listen --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Listen</maml:name> <maml:description> <maml:para>Specify to test listening on a port.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: HostName --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>HostName</maml:name> <maml:description> <maml:para>Specify to the host for connecting or listening.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: IPv6 --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IPv6</maml:name> <maml:description> <maml:para>Specify to use IPv6 instead of IPv4.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Process --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Process</maml:name> <maml:description> <maml:para>Specify a process to get the token from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to get the token from.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Token --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to use for the test.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: ForConnect --> <command:syntaxItem> <maml:name>Test-NetworkAccess</maml:name> <!-- Parameter: HostName --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>HostName</maml:name> <maml:description> <maml:para>Specify to the host for connecting or listening.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Port --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Port</maml:name> <maml:description> <maml:para>Specify to the host for connecting or listening.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: IPv6 --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IPv6</maml:name> <maml:description> <maml:para>Specify to use IPv6 instead of IPv4.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Process --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Process</maml:name> <maml:description> <maml:para>Specify a process to get the token from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to get the token from.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Token --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to use for the test.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Listen --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Listen</maml:name> <maml:description> <maml:para>Specify to test listening on a port.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: HostName --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>HostName</maml:name> <maml:description> <maml:para>Specify to the host for connecting or listening.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Port --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Port</maml:name> <maml:description> <maml:para>Specify to the host for connecting or listening.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Process --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Process</maml:name> <maml:description> <maml:para>Specify a process to get the token from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to get the token from.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Token --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to use for the test.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: IPv6 --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IPv6</maml:name> <maml:description> <maml:para>Specify to use IPv6 instead of IPv4.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Test-NetworkAccess -HostName www.google.com -Port 80</dev:code> <dev:remarks> <maml:para>Test network access for the current user to www.google.com:80.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Test-NetworkAccess -Listen 1234</dev:code> <dev:remarks> <maml:para>Test network access for the current user by listening on port 1234.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Test-NetworkAccess -HostName www.google.com -Port 80 -ProcessId 1234</dev:code> <dev:remarks> <maml:para>Test network access for the process 1234 to www.google.com:80.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>Test-NetworkAccess -HostName www.google.com -Port 80 -Token $token</dev:code> <dev:remarks> <maml:para>Test network access for a specified token to www.google.com:80.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-NtAccessMask --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtAccessMask</command:name> <command:verb>Get</command:verb> <command:noun>NtAccessMask</command:noun> <maml:description> <maml:para>Convert a specific object access to an AccessMask or GenericAccess.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet allows you to convert a specific object access to an AccessMask or GenericAccess for use in general functions.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: FromMask --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: AccessMask --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>AccessMask</maml:name> <maml:description> <maml:para>Specify a raw access mask.</maml:para> </maml:description> <command:parameterValue required="true">AccessMask</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AccessMask</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000</dev:defaultValue> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromFile --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: FileAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>FileAccess</maml:name> <maml:description> <maml:para>Specify File access rights.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromFileDir --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: FileDirectoryAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>FileDirectoryAccess</maml:name> <maml:description> <maml:para>Specify File Directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromIoCompletion --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: IoCompletionAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>IoCompletionAccess</maml:name> <maml:description> <maml:para>Specify IO Completion access rights.</maml:para> <maml:para>Possible values: QueryState, SetCompletion, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">IoCompletionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.IoCompletionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromMutant --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: MutantAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>MutantAccess</maml:name> <maml:description> <maml:para>Specify Mutant access rights.</maml:para> <maml:para>Possible values: None, QueryState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">MutantAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.MutantAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromSemaphore --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: SemaphoreAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>SemaphoreAccess</maml:name> <maml:description> <maml:para>Specify Semaphore access rights.</maml:para> <maml:para>Possible values: None, QueryState, ModifyState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">SemaphoreAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SemaphoreAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">ModifyState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromRegTrans --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: RegistryTransactionAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>RegistryTransactionAccess</maml:name> <maml:description> <maml:para>Specify Registry Transaction access rights.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Enlist, Commit, Rollback, Propagate, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">RegistryTransactionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.RegistryTransactionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlist</command:parameterValue> <command:parameterValue required="false" variableLength="false">Commit</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rollback</command:parameterValue> <command:parameterValue required="false" variableLength="false">Propagate</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromAlpc --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: AlpcPortAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>AlpcPortAccess</maml:name> <maml:description> <maml:para>Specify ALPC Port access rights.</maml:para> <maml:para>Possible values: Connect, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">AlpcAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Connect</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromSection --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: SectionAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>SectionAccess</maml:name> <maml:description> <maml:para>Specify Section access rights.</maml:para> <maml:para>Possible values: Query, MapWrite, MapRead, MapExecute, ExtendSize, MapExecuteExplicit, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">SectionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SectionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">ExtendSize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapExecuteExplicit</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromKey --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: KeyAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>KeyAccess</maml:name> <maml:description> <maml:para>Specify Key access rights.</maml:para> <maml:para>Possible values: QueryValue, SetValue, CreateSubKey, EnumerateSubKeys, Notify, CreateLink, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">KeyAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KeyAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnumerateSubKeys</command:parameterValue> <command:parameterValue required="false" variableLength="false">Notify</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromEvent --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: EventAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>EventAccess</maml:name> <maml:description> <maml:para>Specify Event access rights.</maml:para> <maml:para>Possible values: QueryState, ModifyState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">EventAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EventAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">ModifyState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromSymbolicLink --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: SymbolicLinkAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>SymbolicLinkAccess</maml:name> <maml:description> <maml:para>Specify Symbolic Link access rights.</maml:para> <maml:para>Possible values: Query, Set, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed</maml:para> </maml:description> <command:parameterValue required="true">SymbolicLinkAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SymbolicLinkAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Set</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromToken --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: TokenAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenAccess</maml:name> <maml:description> <maml:para>Specify Token access rights.</maml:para> <maml:para>Possible values: AssignPrimary, Duplicate, Impersonate, Query, QuerySource, AdjustPrivileges, AdjustGroups, AdjustDefault, AdjustSessionId, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TokenAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">AssignPrimary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Duplicate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">QuerySource</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustGroups</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromGeneric --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: GenericAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>GenericAccess</maml:name> <maml:description> <maml:para>Specify Generic access rights.</maml:para> <maml:para>Possible values: None, Access0, Access1, Access2, Access3, Access4, Access5, Access6, Access7, Access8, Access9, Access10, Access11, Access12, Access13, Access14, Access15, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, AccessSystemSecurity, MaximumAllowed, GenericAll, GenericExecute, GenericWrite, GenericRead</maml:para> </maml:description> <command:parameterValue required="true">GenericAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.GenericAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access0</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access1</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access2</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access3</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access4</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access5</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access6</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access7</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access8</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access9</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access10</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access11</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access12</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access13</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access14</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access15</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromDirectory --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: DirectoryAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify Directory access rights.</maml:para> <maml:para>Possible values: Query, Traverse, CreateObject, CreateSubDirectory, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromThread --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: ThreadAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>ThreadAccess</maml:name> <maml:description> <maml:para>Specify Thread access rights.</maml:para> <maml:para>Possible values: Terminate, SuspendResume, Alert, GetContext, SetContext, SetInformation, QueryInformation, SetThreadToken, Impersonate, DirectImpersonation, SetLimitedInformation, QueryLimitedInformation, Resume, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ThreadAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ThreadAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">Alert</command:parameterValue> <command:parameterValue required="false" variableLength="false">GetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetThreadToken</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectImpersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Resume</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromDebugObject --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: DebugObjectAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>DebugObjectAccess</maml:name> <maml:description> <maml:para>Specify Debug Object access rights.</maml:para> <maml:para>Possible values: ReadEvent, ProcessAssign, SetInformation, QueryInformation, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DebugAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DebugAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ReadEvent</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProcessAssign</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromJob --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: JobAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>JobAccess</maml:name> <maml:description> <maml:para>Specify Job access rights.</maml:para> <maml:para>Possible values: None, AssignProcess, SetAttributes, Query, Terminate, SetSecurityAttributes, Impersonate, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">JobAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.JobAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">AssignProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetSecurityAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromProcess --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: ProcessAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessAccess</maml:name> <maml:description> <maml:para>Specify Process access rights.</maml:para> <maml:para>Possible values: None, Terminate, CreateThread, SetSessionId, VmOperation, VmRead, VmWrite, DupHandle, CreateProcess, SetQuota, SetInformation, QueryInformation, SuspendResume, QueryLimitedInformation, SetLimitedInformation, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ProcessAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ProcessAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateThread</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmOperation</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">DupHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetQuota</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromTransaction --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: TransactionAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>TransactionAccess</maml:name> <maml:description> <maml:para>Specify transaction access rights.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Enlist, Commit, Rollback, Propagate, RightReserved1, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TransactionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlist</command:parameterValue> <command:parameterValue required="false" variableLength="false">Commit</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rollback</command:parameterValue> <command:parameterValue required="false" variableLength="false">Propagate</command:parameterValue> <command:parameterValue required="false" variableLength="false">RightReserved1</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromTransactionManager --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: TransactionManagerAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>TransactionManagerAccess</maml:name> <maml:description> <maml:para>Specify transaction manager access rights.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Recover, Rename, CreateRm, BindTransaction, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TransactionManagerAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionManagerAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rename</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">BindTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromResourceManager --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: ResourceManagerAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>ResourceManagerAccess</maml:name> <maml:description> <maml:para>Specify resource manager access rights.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Recover, Enlist, GetNotification, RegisterProtocol, CompletePropagation, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ResourceManagerAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ResourceManagerAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlist</command:parameterValue> <command:parameterValue required="false" variableLength="false">GetNotification</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegisterProtocol</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompletePropagation</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromEnlistment --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: EnlistmentAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>EnlistmentAccess</maml:name> <maml:description> <maml:para>Specify enlistment access rights.</maml:para> <maml:para>Possible values: None, QueryInformation, SetInformation, Recover, SubordinateRights, SuperiorRights, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">EnlistmentAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EnlistmentAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">SubordinateRights</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuperiorRights</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromMandatoryLabel --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: ManadatoryLabelPolicy --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>ManadatoryLabelPolicy</maml:name> <maml:description> <maml:para>Specify mandatory label policy.</maml:para> <maml:para>Possible values: None, NoWriteUp, NoReadUp, NoExecuteUp</maml:para> </maml:description> <command:parameterValue required="true">MandatoryLabelPolicy</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.MandatoryLabelPolicy</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoWriteUp</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoReadUp</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoExecuteUp</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromAce --> <command:syntaxItem> <maml:name>Get-NtAccessMask</maml:name> <!-- Parameter: AccessControlEntry --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>AccessControlEntry</maml:name> <maml:description> <maml:para>Specify an ACE to extract the mask to map.</maml:para> </maml:description> <command:parameterValue required="true">Ace</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Ace</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: AccessMask --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>AccessMask</maml:name> <maml:description> <maml:para>Specify a raw access mask.</maml:para> </maml:description> <command:parameterValue required="true">AccessMask</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AccessMask</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000</dev:defaultValue> </command:parameter> <!-- Parameter: FileAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>FileAccess</maml:name> <maml:description> <maml:para>Specify File access rights.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: FileDirectoryAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>FileDirectoryAccess</maml:name> <maml:description> <maml:para>Specify File Directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: IoCompletionAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>IoCompletionAccess</maml:name> <maml:description> <maml:para>Specify IO Completion access rights.</maml:para> <maml:para>Possible values: QueryState, SetCompletion, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">IoCompletionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.IoCompletionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MutantAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>MutantAccess</maml:name> <maml:description> <maml:para>Specify Mutant access rights.</maml:para> <maml:para>Possible values: None, QueryState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">MutantAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.MutantAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SemaphoreAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>SemaphoreAccess</maml:name> <maml:description> <maml:para>Specify Semaphore access rights.</maml:para> <maml:para>Possible values: None, QueryState, ModifyState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">SemaphoreAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SemaphoreAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">ModifyState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: RegistryTransactionAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>RegistryTransactionAccess</maml:name> <maml:description> <maml:para>Specify Registry Transaction access rights.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Enlist, Commit, Rollback, Propagate, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">RegistryTransactionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.RegistryTransactionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlist</command:parameterValue> <command:parameterValue required="false" variableLength="false">Commit</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rollback</command:parameterValue> <command:parameterValue required="false" variableLength="false">Propagate</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AlpcPortAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>AlpcPortAccess</maml:name> <maml:description> <maml:para>Specify ALPC Port access rights.</maml:para> <maml:para>Possible values: Connect, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">AlpcAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Connect</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SectionAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>SectionAccess</maml:name> <maml:description> <maml:para>Specify Section access rights.</maml:para> <maml:para>Possible values: Query, MapWrite, MapRead, MapExecute, ExtendSize, MapExecuteExplicit, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">SectionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SectionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">ExtendSize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapExecuteExplicit</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: KeyAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>KeyAccess</maml:name> <maml:description> <maml:para>Specify Key access rights.</maml:para> <maml:para>Possible values: QueryValue, SetValue, CreateSubKey, EnumerateSubKeys, Notify, CreateLink, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">KeyAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KeyAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnumerateSubKeys</command:parameterValue> <command:parameterValue required="false" variableLength="false">Notify</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: EventAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>EventAccess</maml:name> <maml:description> <maml:para>Specify Event access rights.</maml:para> <maml:para>Possible values: QueryState, ModifyState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">EventAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EventAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">ModifyState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SymbolicLinkAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>SymbolicLinkAccess</maml:name> <maml:description> <maml:para>Specify Symbolic Link access rights.</maml:para> <maml:para>Possible values: Query, Set, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed</maml:para> </maml:description> <command:parameterValue required="true">SymbolicLinkAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SymbolicLinkAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Set</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: TokenAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenAccess</maml:name> <maml:description> <maml:para>Specify Token access rights.</maml:para> <maml:para>Possible values: AssignPrimary, Duplicate, Impersonate, Query, QuerySource, AdjustPrivileges, AdjustGroups, AdjustDefault, AdjustSessionId, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TokenAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">AssignPrimary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Duplicate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">QuerySource</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustGroups</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: GenericAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>GenericAccess</maml:name> <maml:description> <maml:para>Specify Generic access rights.</maml:para> <maml:para>Possible values: None, Access0, Access1, Access2, Access3, Access4, Access5, Access6, Access7, Access8, Access9, Access10, Access11, Access12, Access13, Access14, Access15, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, AccessSystemSecurity, MaximumAllowed, GenericAll, GenericExecute, GenericWrite, GenericRead</maml:para> </maml:description> <command:parameterValue required="true">GenericAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.GenericAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access0</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access1</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access2</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access3</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access4</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access5</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access6</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access7</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access8</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access9</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access10</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access11</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access12</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access13</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access14</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access15</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify Directory access rights.</maml:para> <maml:para>Possible values: Query, Traverse, CreateObject, CreateSubDirectory, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ThreadAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>ThreadAccess</maml:name> <maml:description> <maml:para>Specify Thread access rights.</maml:para> <maml:para>Possible values: Terminate, SuspendResume, Alert, GetContext, SetContext, SetInformation, QueryInformation, SetThreadToken, Impersonate, DirectImpersonation, SetLimitedInformation, QueryLimitedInformation, Resume, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ThreadAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ThreadAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">Alert</command:parameterValue> <command:parameterValue required="false" variableLength="false">GetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetThreadToken</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectImpersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Resume</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: DebugObjectAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>DebugObjectAccess</maml:name> <maml:description> <maml:para>Specify Debug Object access rights.</maml:para> <maml:para>Possible values: ReadEvent, ProcessAssign, SetInformation, QueryInformation, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DebugAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DebugAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ReadEvent</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProcessAssign</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: JobAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>JobAccess</maml:name> <maml:description> <maml:para>Specify Job access rights.</maml:para> <maml:para>Possible values: None, AssignProcess, SetAttributes, Query, Terminate, SetSecurityAttributes, Impersonate, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">JobAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.JobAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">AssignProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetSecurityAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ProcessAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>ProcessAccess</maml:name> <maml:description> <maml:para>Specify Process access rights.</maml:para> <maml:para>Possible values: None, Terminate, CreateThread, SetSessionId, VmOperation, VmRead, VmWrite, DupHandle, CreateProcess, SetQuota, SetInformation, QueryInformation, SuspendResume, QueryLimitedInformation, SetLimitedInformation, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ProcessAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ProcessAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateThread</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmOperation</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">DupHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetQuota</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: TransactionAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>TransactionAccess</maml:name> <maml:description> <maml:para>Specify transaction access rights.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Enlist, Commit, Rollback, Propagate, RightReserved1, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TransactionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlist</command:parameterValue> <command:parameterValue required="false" variableLength="false">Commit</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rollback</command:parameterValue> <command:parameterValue required="false" variableLength="false">Propagate</command:parameterValue> <command:parameterValue required="false" variableLength="false">RightReserved1</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: TransactionManagerAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>TransactionManagerAccess</maml:name> <maml:description> <maml:para>Specify transaction manager access rights.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Recover, Rename, CreateRm, BindTransaction, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TransactionManagerAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionManagerAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rename</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">BindTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ResourceManagerAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>ResourceManagerAccess</maml:name> <maml:description> <maml:para>Specify resource manager access rights.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Recover, Enlist, GetNotification, RegisterProtocol, CompletePropagation, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ResourceManagerAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ResourceManagerAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlist</command:parameterValue> <command:parameterValue required="false" variableLength="false">GetNotification</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegisterProtocol</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompletePropagation</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: EnlistmentAccess --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>EnlistmentAccess</maml:name> <maml:description> <maml:para>Specify enlistment access rights.</maml:para> <maml:para>Possible values: None, QueryInformation, SetInformation, Recover, SubordinateRights, SuperiorRights, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">EnlistmentAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EnlistmentAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">SubordinateRights</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuperiorRights</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ManadatoryLabelPolicy --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>ManadatoryLabelPolicy</maml:name> <maml:description> <maml:para>Specify mandatory label policy.</maml:para> <maml:para>Possible values: None, NoWriteUp, NoReadUp, NoExecuteUp</maml:para> </maml:description> <command:parameterValue required="true">MandatoryLabelPolicy</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.MandatoryLabelPolicy</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoWriteUp</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoReadUp</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoExecuteUp</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AccessControlEntry --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>AccessControlEntry</maml:name> <maml:description> <maml:para>Specify an ACE to extract the mask to map.</maml:para> </maml:description> <command:parameterValue required="true">Ace</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Ace</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ToGenericAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToGenericAccess</maml:name> <maml:description> <maml:para>Return access as GenericAccess.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToMandatoryLabelPolicy --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToMandatoryLabelPolicy</maml:name> <maml:description> <maml:para>Return access as ManadatoryLabelPolicy.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ToSpecificAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToSpecificAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the type enumeration.</maml:para> <maml:para>Possible values: None, ALPCPort, DebugObject, Desktop, Directory, Event, File, Device, IoCompletion, Job, Key, Mutant, Partition, Process, RegistryTransaction, Section, Semaphore, Session, SymbolicLink, Thread, Token, TmTx, WindowStation, TmRm, TmEn, TmTm, Transaction, ResourceManager, Enlistment, TransactionManager</maml:para> </maml:description> <command:parameterValue required="true">SpecificAccessType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SpecificAccessType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration for specific access type mapping.</maml:para> </maml:description> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ALPCPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">DebugObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">Desktop</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">IoCompletion</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Key</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutant</command:parameterValue> <command:parameterValue required="false" variableLength="false">Partition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegistryTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Session</command:parameterValue> <command:parameterValue required="false" variableLength="false">SymbolicLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTx</command:parameterValue> <command:parameterValue required="false" variableLength="false">WindowStation</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmEn</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmTm</command:parameterValue> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ToTypeAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ToTypeAccess</maml:name> <maml:description> <maml:para>Return access as specific access type based on the NtType object.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: MapGenericRights --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapGenericRights</maml:name> <maml:description> <maml:para>Specify that any generic rights should be mapped to type specific rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.Ace</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>Specify an ACE to extract the mask to map.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-NtAccessMask -ProcessAccess DupHandle</dev:code> <dev:remarks> <maml:para>Get the Process DupHandle access right as an AccessMask</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Get-NtAccessMask -ProcessAccess DupHandle -ToGenericAccess</dev:code> <dev:remarks> <maml:para>Get the Process DupHandle access right as a GenericAccess value</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Get-NtAccessMask -AccessMask 0xFF -ToSpecificAccess Process</dev:code> <dev:remarks> <maml:para>Convert a raw access mask to a process access mask.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>Get-NtAccessMask -AccessControlEntry $sd.Dacl[0] -ToSpecificAccess Thread</dev:code> <dev:remarks> <maml:para>Get the access mask from a security descriptor ACE and map to thread access.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$sd.Dacl | Get-NtAccessMask -ToSpecificAccess Thread</dev:code> <dev:remarks> <maml:para>Get the access mask from a list of security descriptor ACEs and map to thread access.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Connect-NtAlpcClient --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Connect-NtAlpcClient</command:name> <command:verb>Connect</command:verb> <command:noun>NtAlpcClient</command:noun> <maml:description> <maml:para>Connects to an ALPC server by path.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet connects to an existing NT ALPC server. The absolute path to the object in the NT object manager name space must be specified. It's also possible to create the object relative to an existing object by specified the -Root parameter (if running on Win8+).</maml:para> </maml:description> <command:syntax> <!-- Parameter set: SidCheck --> <command:syntaxItem> <maml:name>Connect-NtAlpcClient</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ConnectionMessage --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ConnectionMessage</maml:name> <maml:description> <maml:para>Optional initial connection message.</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessage</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessage</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Flags for sending the initial message.</maml:para> <maml:para>Possible values: None, ReplyMessage, LpcMode, ReleaseMessage, SyncRequest, TrackPortReferences, WaitUserMode, WaitAlertable, WaitChargePolicy, Unknown1000000, Wow64Call</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessageFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessageFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>SyncRequest</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReplyMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">LpcMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReleaseMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">SyncRequest</command:parameterValue> <command:parameterValue required="false" variableLength="false">TrackPortReferences</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitUserMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitAlertable</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitChargePolicy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unknown1000000</command:parameterValue> <command:parameterValue required="false" variableLength="false">Wow64Call</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: HandleObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>HandleObjectAttributes</maml:name> <maml:description> <maml:para>Optional object attributes for the handle.</maml:para> </maml:description> <command:parameterValue required="true">ObjectAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ObjectAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: InMessageAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>InMessageAttributes</maml:name> <maml:description> <maml:para>Optional inbound message attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcReceiveMessageAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcReceiveMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: OutMessageAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OutMessageAttributes</maml:name> <maml:description> <maml:para>Optional outbound message attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcSendMessageAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcSendMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PortAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PortAttributes</maml:name> <maml:description> <maml:para>Optional port attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcPortAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcPortAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: RequiredServerSid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>RequiredServerSid</maml:name> <maml:description> <maml:para>Optional SID to verify the server's identity.</maml:para> </maml:description> <command:parameterValue required="true">Sid</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Sid</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Timeout --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Timeout</maml:name> <maml:description> <maml:para>Optional connection timeout.</maml:para> </maml:description> <command:parameterValue required="true">NtWaitTimeout</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtWaitTimeout</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: SdCheck --> <command:syntaxItem> <maml:name>Connect-NtAlpcClient</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ConnectionMessage --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ConnectionMessage</maml:name> <maml:description> <maml:para>Optional initial connection message.</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessage</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessage</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Flags for sending the initial message.</maml:para> <maml:para>Possible values: None, ReplyMessage, LpcMode, ReleaseMessage, SyncRequest, TrackPortReferences, WaitUserMode, WaitAlertable, WaitChargePolicy, Unknown1000000, Wow64Call</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessageFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessageFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>SyncRequest</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReplyMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">LpcMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReleaseMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">SyncRequest</command:parameterValue> <command:parameterValue required="false" variableLength="false">TrackPortReferences</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitUserMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitAlertable</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitChargePolicy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unknown1000000</command:parameterValue> <command:parameterValue required="false" variableLength="false">Wow64Call</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: HandleObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>HandleObjectAttributes</maml:name> <maml:description> <maml:para>Optional object attributes for the handle.</maml:para> </maml:description> <command:parameterValue required="true">ObjectAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ObjectAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: InMessageAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>InMessageAttributes</maml:name> <maml:description> <maml:para>Optional inbound message attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcReceiveMessageAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcReceiveMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: OutMessageAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OutMessageAttributes</maml:name> <maml:description> <maml:para>Optional outbound message attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcSendMessageAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcSendMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PortAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PortAttributes</maml:name> <maml:description> <maml:para>Optional port attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcPortAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcPortAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ServerSecurityRequirements --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ServerSecurityRequirements</maml:name> <maml:description> <maml:para>Optional security descriptor to verify the server's identity.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Timeout --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Timeout</maml:name> <maml:description> <maml:para>Optional connection timeout.</maml:para> </maml:description> <command:parameterValue required="true">NtWaitTimeout</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtWaitTimeout</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: HandleObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>HandleObjectAttributes</maml:name> <maml:description> <maml:para>Optional object attributes for the handle.</maml:para> </maml:description> <command:parameterValue required="true">ObjectAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ObjectAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PortAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PortAttributes</maml:name> <maml:description> <maml:para>Optional port attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcPortAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcPortAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Flags for sending the initial message.</maml:para> <maml:para>Possible values: None, ReplyMessage, LpcMode, ReleaseMessage, SyncRequest, TrackPortReferences, WaitUserMode, WaitAlertable, WaitChargePolicy, Unknown1000000, Wow64Call</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessageFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessageFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>SyncRequest</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReplyMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">LpcMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReleaseMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">SyncRequest</command:parameterValue> <command:parameterValue required="false" variableLength="false">TrackPortReferences</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitUserMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitAlertable</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitChargePolicy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unknown1000000</command:parameterValue> <command:parameterValue required="false" variableLength="false">Wow64Call</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: RequiredServerSid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>RequiredServerSid</maml:name> <maml:description> <maml:para>Optional SID to verify the server's identity.</maml:para> </maml:description> <command:parameterValue required="true">Sid</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Sid</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ServerSecurityRequirements --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ServerSecurityRequirements</maml:name> <maml:description> <maml:para>Optional security descriptor to verify the server's identity.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ConnectionMessage --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ConnectionMessage</maml:name> <maml:description> <maml:para>Optional initial connection message.</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessage</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessage</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: OutMessageAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OutMessageAttributes</maml:name> <maml:description> <maml:para>Optional outbound message attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcSendMessageAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcSendMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: InMessageAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>InMessageAttributes</maml:name> <maml:description> <maml:para>Optional inbound message attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcReceiveMessageAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcReceiveMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Timeout --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Timeout</maml:name> <maml:description> <maml:para>Optional connection timeout.</maml:para> </maml:description> <command:parameterValue required="true">NtWaitTimeout</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtWaitTimeout</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtAlpcClient --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtAlpcClient</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Connect-NtAlpcClient "\RPC Control\ABC"</dev:code> <dev:remarks> <maml:para>Connect to an ALPC object with an absolute path.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtAlpcDataView --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtAlpcDataView</command:name> <command:verb>New</command:verb> <command:noun>NtAlpcDataView</command:noun> <maml:description> <maml:para>Creates a new data view from a port section.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new data view from a port section specified size and flags.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtAlpcDataView</maml:name> <!-- Parameter: Section --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Section</maml:name> <maml:description> <maml:para>Specify the port to create the port section from.</maml:para> </maml:description> <command:parameterValue required="true">AlpcPortSection</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcPortSection</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Size --> <command:parameter required="false" globbing="false" pipelineInput="false" position="1"> <maml:name>Size</maml:name> <maml:description> <maml:para>Specify the size of the data view. This will be rounded up to the nearest allocation boundary.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify data view attribute flags.</maml:para> <maml:para>Possible values: None, ReleaseView, AutoRelease, Secure</maml:para> </maml:description> <command:parameterValue required="true">AlpcDataViewAttrFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcDataViewAttrFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReleaseView</command:parameterValue> <command:parameterValue required="false" variableLength="false">AutoRelease</command:parameterValue> <command:parameterValue required="false" variableLength="false">Secure</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Section --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Section</maml:name> <maml:description> <maml:para>Specify the port to create the port section from.</maml:para> </maml:description> <command:parameterValue required="true">AlpcPortSection</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcPortSection</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Size --> <command:parameter required="false" globbing="false" pipelineInput="false" position="1"> <maml:name>Size</maml:name> <maml:description> <maml:para>Specify the size of the data view. This will be rounded up to the nearest allocation boundary.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify data view attribute flags.</maml:para> <maml:para>Possible values: None, ReleaseView, AutoRelease, Secure</maml:para> </maml:description> <command:parameterValue required="true">AlpcDataViewAttrFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcDataViewAttrFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReleaseView</command:parameterValue> <command:parameterValue required="false" variableLength="false">AutoRelease</command:parameterValue> <command:parameterValue required="false" variableLength="false">Secure</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: SafeAlpcDataViewBuffer --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.SafeAlpcDataViewBuffer</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$s = New-NtAlpcDataView -Section $section -Size 10000</dev:code> <dev:remarks> <maml:para>Create a new data view with size 10000.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$s = New-NtAlpcDataView -Size 10000 -Flags Secure</dev:code> <dev:remarks> <maml:para>Create a new secure data view section of size 10000.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtAlpcMessage --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtAlpcMessage</command:name> <command:verb>New</command:verb> <command:noun>NtAlpcMessage</command:noun> <maml:description> <maml:para>Creates a new ALPC message.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new ALPC message based on a byte array or an length initializer. You can also specify a text encoding which allows you to use the DataString property.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: FromBytes --> <command:syntaxItem> <maml:name>New-NtAlpcMessage</maml:name> <!-- Parameter: Bytes --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Bytes</maml:name> <maml:description> <maml:para>Create the message from a byte array.</maml:para> </maml:description> <command:parameterValue required="true">byte[]</command:parameterValue> <dev:type> <maml:name>System.Byte[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AllocatedDataLength --> <command:parameter required="false" globbing="false" pipelineInput="false" position="1"> <maml:name>AllocatedDataLength</maml:name> <maml:description> <maml:para>Specify the message with allocated length.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>65495</dev:defaultValue> </command:parameter> <!-- Parameter: Encoding --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Encoding</maml:name> <maml:description> <maml:para>Get or set the text encoding for this message.</maml:para> <maml:para>Possible values: Binary, Unicode, BigEndianUnicode, UTF8, UTF32, UTF7</maml:para> </maml:description> <command:parameterValue required="true">TextEncodingType</command:parameterValue> <dev:type> <maml:name>NtObjectManager.TextEncodingType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration to specify a text encoding.</maml:para> </maml:description> </dev:type> <dev:defaultValue>Unicode</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Binary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unicode</command:parameterValue> <command:parameterValue required="false" variableLength="false">BigEndianUnicode</command:parameterValue> <command:parameterValue required="false" variableLength="false">UTF8</command:parameterValue> <command:parameterValue required="false" variableLength="false">UTF32</command:parameterValue> <command:parameterValue required="false" variableLength="false">UTF7</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromString --> <command:syntaxItem> <maml:name>New-NtAlpcMessage</maml:name> <!-- Parameter: String --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>String</maml:name> <maml:description> <maml:para>Create the message from a string.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AllocatedDataLength --> <command:parameter required="false" globbing="false" pipelineInput="false" position="1"> <maml:name>AllocatedDataLength</maml:name> <maml:description> <maml:para>Specify the message with allocated length.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>65495</dev:defaultValue> </command:parameter> <!-- Parameter: Encoding --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Encoding</maml:name> <maml:description> <maml:para>Get or set the text encoding for this message.</maml:para> <maml:para>Possible values: Binary, Unicode, BigEndianUnicode, UTF8, UTF32, UTF7</maml:para> </maml:description> <command:parameterValue required="true">TextEncodingType</command:parameterValue> <dev:type> <maml:name>NtObjectManager.TextEncodingType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration to specify a text encoding.</maml:para> </maml:description> </dev:type> <dev:defaultValue>Unicode</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Binary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unicode</command:parameterValue> <command:parameterValue required="false" variableLength="false">BigEndianUnicode</command:parameterValue> <command:parameterValue required="false" variableLength="false">UTF8</command:parameterValue> <command:parameterValue required="false" variableLength="false">UTF32</command:parameterValue> <command:parameterValue required="false" variableLength="false">UTF7</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromLength --> <command:syntaxItem> <maml:name>New-NtAlpcMessage</maml:name> <!-- Parameter: AllocatedDataLength --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>AllocatedDataLength</maml:name> <maml:description> <maml:para>Specify the message with allocated length.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>65495</dev:defaultValue> </command:parameter> <!-- Parameter: Encoding --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Encoding</maml:name> <maml:description> <maml:para>Get or set the text encoding for this message.</maml:para> <maml:para>Possible values: Binary, Unicode, BigEndianUnicode, UTF8, UTF32, UTF7</maml:para> </maml:description> <command:parameterValue required="true">TextEncodingType</command:parameterValue> <dev:type> <maml:name>NtObjectManager.TextEncodingType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration to specify a text encoding.</maml:para> </maml:description> </dev:type> <dev:defaultValue>Unicode</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Binary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unicode</command:parameterValue> <command:parameterValue required="false" variableLength="false">BigEndianUnicode</command:parameterValue> <command:parameterValue required="false" variableLength="false">UTF8</command:parameterValue> <command:parameterValue required="false" variableLength="false">UTF32</command:parameterValue> <command:parameterValue required="false" variableLength="false">UTF7</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Bytes --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Bytes</maml:name> <maml:description> <maml:para>Create the message from a byte array.</maml:para> </maml:description> <command:parameterValue required="true">byte[]</command:parameterValue> <dev:type> <maml:name>System.Byte[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: String --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>String</maml:name> <maml:description> <maml:para>Create the message from a string.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Encoding --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Encoding</maml:name> <maml:description> <maml:para>Get or set the text encoding for this message.</maml:para> <maml:para>Possible values: Binary, Unicode, BigEndianUnicode, UTF8, UTF32, UTF7</maml:para> </maml:description> <command:parameterValue required="true">TextEncodingType</command:parameterValue> <dev:type> <maml:name>NtObjectManager.TextEncodingType</maml:name> <maml:uri /> <maml:description> <maml:para>Enumeration to specify a text encoding.</maml:para> </maml:description> </dev:type> <dev:defaultValue>Unicode</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Binary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unicode</command:parameterValue> <command:parameterValue required="false" variableLength="false">BigEndianUnicode</command:parameterValue> <command:parameterValue required="false" variableLength="false">UTF8</command:parameterValue> <command:parameterValue required="false" variableLength="false">UTF32</command:parameterValue> <command:parameterValue required="false" variableLength="false">UTF7</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AllocatedDataLength --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>AllocatedDataLength</maml:name> <maml:description> <maml:para>Specify the message with allocated length.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>65495</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: AlpcMessage --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessage</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$msg = New-NtAlpcMessage -Bytes @(0, 1, 2, 3)</dev:code> <dev:remarks> <maml:para>Create a new message from a byte array.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$msg = New-NtAlpcMessage -Bytes @(0, 1, 2, 3) -AllocatedDataLength 1000</dev:code> <dev:remarks> <maml:para>Create a new message from a byte array with an allocated length of 1000 bytes.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$msg = New-NtAlpcMessage -AllocatedDataLength 1000</dev:code> <dev:remarks> <maml:para>Create a new message with an allocated length of 1000 bytes.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$msg = New-NtAlpcMessage -AllocatedDataLength 1000 -Encoding UTF8</dev:code> <dev:remarks> <maml:para>Create a new message with an allocated length of 1000 bytes and the message encoding is UTF8.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$msg = New-NtAlpcMessage -String "Hello World!"</dev:code> <dev:remarks> <maml:para>Create a new message from a unicode string.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>$msg = New-NtAlpcMessage -String "Hello World!" -Encoding UTF8</dev:code> <dev:remarks> <maml:para>Create a new message from a UTF8 string.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Receive-NtAlpcMessage --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Receive-NtAlpcMessage</command:name> <command:verb>Receive</command:verb> <command:noun>NtAlpcMessage</command:noun> <maml:description> <maml:para>Receives a message on an ALPC port.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet receives a message on an ALPC port.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Receive-NtAlpcMessage</maml:name> <!-- Parameter: Port --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Port</maml:name> <maml:description> <maml:para>Specify the port to send the message on.</maml:para> </maml:description> <command:parameterValue required="true">NtAlpc</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtAlpc</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ReceiveLength --> <command:parameter required="false" globbing="false" pipelineInput="false" position="1"> <maml:name>ReceiveLength</maml:name> <maml:description> <maml:para>Specify the maximum length of message to receive.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>65495</dev:defaultValue> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify send flags.</maml:para> <maml:para>Possible values: None, ReplyMessage, LpcMode, ReleaseMessage, SyncRequest, TrackPortReferences, WaitUserMode, WaitAlertable, WaitChargePolicy, Unknown1000000, Wow64Call</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessageFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessageFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ReleaseMessage</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReplyMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">LpcMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReleaseMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">SyncRequest</command:parameterValue> <command:parameterValue required="false" variableLength="false">TrackPortReferences</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitUserMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitAlertable</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitChargePolicy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unknown1000000</command:parameterValue> <command:parameterValue required="false" variableLength="false">Wow64Call</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ReceiveAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ReceiveAttributes</maml:name> <maml:description> <maml:para>Specify receive attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcReceiveMessageAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcReceiveMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TimeoutMs --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TimeoutMs</maml:name> <maml:description> <maml:para>Specify optional timeout in MS.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Port --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Port</maml:name> <maml:description> <maml:para>Specify the port to send the message on.</maml:para> </maml:description> <command:parameterValue required="true">NtAlpc</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtAlpc</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify send flags.</maml:para> <maml:para>Possible values: None, ReplyMessage, LpcMode, ReleaseMessage, SyncRequest, TrackPortReferences, WaitUserMode, WaitAlertable, WaitChargePolicy, Unknown1000000, Wow64Call</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessageFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessageFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ReleaseMessage</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReplyMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">LpcMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReleaseMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">SyncRequest</command:parameterValue> <command:parameterValue required="false" variableLength="false">TrackPortReferences</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitUserMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitAlertable</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitChargePolicy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unknown1000000</command:parameterValue> <command:parameterValue required="false" variableLength="false">Wow64Call</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: TimeoutMs --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TimeoutMs</maml:name> <maml:description> <maml:para>Specify optional timeout in MS.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ReceiveLength --> <command:parameter required="false" globbing="false" pipelineInput="false" position="1"> <maml:name>ReceiveLength</maml:name> <maml:description> <maml:para>Specify the maximum length of message to receive.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>65495</dev:defaultValue> </command:parameter> <!-- Parameter: ReceiveAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ReceiveAttributes</maml:name> <maml:description> <maml:para>Specify receive attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcReceiveMessageAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcReceiveMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$recv_msg = Receive-NtAlpcMessage -Port $port -ReceiveLength 80</dev:code> <dev:remarks> <maml:para>Receive a message of up to 80 bytes.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Send-NtAlpcMessage --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Send-NtAlpcMessage</command:name> <command:verb>Send</command:verb> <command:noun>NtAlpcMessage</command:noun> <maml:description> <maml:para>Sends a message on an ALPC port and optionally receives one as well.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet sends a message on an ALPC port and optionally receives ones.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: FromBytes --> <command:syntaxItem> <maml:name>Send-NtAlpcMessage</maml:name> <!-- Parameter: Port --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Port</maml:name> <maml:description> <maml:para>Specify the port to send the message on.</maml:para> </maml:description> <command:parameterValue required="true">NtAlpc</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtAlpc</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Bytes --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Bytes</maml:name> <maml:description> <maml:para>Specify message to send from a byte array.</maml:para> </maml:description> <command:parameterValue required="true">byte[]</command:parameterValue> <dev:type> <maml:name>System.Byte[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify send flags.</maml:para> <maml:para>Possible values: None, ReplyMessage, LpcMode, ReleaseMessage, SyncRequest, TrackPortReferences, WaitUserMode, WaitAlertable, WaitChargePolicy, Unknown1000000, Wow64Call</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessageFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessageFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ReleaseMessage</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReplyMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">LpcMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReleaseMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">SyncRequest</command:parameterValue> <command:parameterValue required="false" variableLength="false">TrackPortReferences</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitUserMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitAlertable</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitChargePolicy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unknown1000000</command:parameterValue> <command:parameterValue required="false" variableLength="false">Wow64Call</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ReceiveAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ReceiveAttributes</maml:name> <maml:description> <maml:para>Specify receive attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcReceiveMessageAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcReceiveMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ReceiveLength --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ReceiveLength</maml:name> <maml:description> <maml:para>Specify optional length of message to receive.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SendAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SendAttributes</maml:name> <maml:description> <maml:para>Specify send attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcSendMessageAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcSendMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TimeoutMs --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TimeoutMs</maml:name> <maml:description> <maml:para>Specify optional timeout in MS.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromMsg --> <command:syntaxItem> <maml:name>Send-NtAlpcMessage</maml:name> <!-- Parameter: Port --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Port</maml:name> <maml:description> <maml:para>Specify the port to send the message on.</maml:para> </maml:description> <command:parameterValue required="true">NtAlpc</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtAlpc</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Message --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Message</maml:name> <maml:description> <maml:para>Specify message to send.</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessage</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessage</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify send flags.</maml:para> <maml:para>Possible values: None, ReplyMessage, LpcMode, ReleaseMessage, SyncRequest, TrackPortReferences, WaitUserMode, WaitAlertable, WaitChargePolicy, Unknown1000000, Wow64Call</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessageFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessageFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ReleaseMessage</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReplyMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">LpcMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReleaseMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">SyncRequest</command:parameterValue> <command:parameterValue required="false" variableLength="false">TrackPortReferences</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitUserMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitAlertable</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitChargePolicy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unknown1000000</command:parameterValue> <command:parameterValue required="false" variableLength="false">Wow64Call</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ReceiveAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ReceiveAttributes</maml:name> <maml:description> <maml:para>Specify receive attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcReceiveMessageAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcReceiveMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ReceiveLength --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ReceiveLength</maml:name> <maml:description> <maml:para>Specify optional length of message to receive.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SendAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SendAttributes</maml:name> <maml:description> <maml:para>Specify send attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcSendMessageAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcSendMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TimeoutMs --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TimeoutMs</maml:name> <maml:description> <maml:para>Specify optional timeout in MS.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Port --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Port</maml:name> <maml:description> <maml:para>Specify the port to send the message on.</maml:para> </maml:description> <command:parameterValue required="true">NtAlpc</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtAlpc</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Bytes --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Bytes</maml:name> <maml:description> <maml:para>Specify message to send from a byte array.</maml:para> </maml:description> <command:parameterValue required="true">byte[]</command:parameterValue> <dev:type> <maml:name>System.Byte[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Message --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Message</maml:name> <maml:description> <maml:para>Specify message to send.</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessage</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessage</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify send flags.</maml:para> <maml:para>Possible values: None, ReplyMessage, LpcMode, ReleaseMessage, SyncRequest, TrackPortReferences, WaitUserMode, WaitAlertable, WaitChargePolicy, Unknown1000000, Wow64Call</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessageFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessageFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ReleaseMessage</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReplyMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">LpcMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReleaseMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">SyncRequest</command:parameterValue> <command:parameterValue required="false" variableLength="false">TrackPortReferences</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitUserMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitAlertable</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitChargePolicy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unknown1000000</command:parameterValue> <command:parameterValue required="false" variableLength="false">Wow64Call</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SendAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SendAttributes</maml:name> <maml:description> <maml:para>Specify send attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcSendMessageAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcSendMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TimeoutMs --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TimeoutMs</maml:name> <maml:description> <maml:para>Specify optional timeout in MS.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ReceiveLength --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ReceiveLength</maml:name> <maml:description> <maml:para>Specify optional length of message to receive.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ReceiveAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ReceiveAttributes</maml:name> <maml:description> <maml:para>Specify receive attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcReceiveMessageAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcReceiveMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: AlpcMessage --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessage</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Send-NtAlpcMessage -Port $port -Message $msg</dev:code> <dev:remarks> <maml:para>Send a message on a port.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$recv_msg = Send-NtAlpcMessage -Port $port -Message $msg -ReceiveLength 80 -Flags SyncMessage</dev:code> <dev:remarks> <maml:para>Send a message on a port and waits for a message of up to 80 bytes.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Send-NtAlpcMessage -Port $port -Bytes @(0, 1, 2, 3)</dev:code> <dev:remarks> <maml:para>Send a message on a port from a byte array.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtAlpcPortAttributes --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtAlpcPortAttributes</command:name> <command:verb>New</command:verb> <command:noun>NtAlpcPortAttributes</command:noun> <maml:description> <maml:para>Creates a new ALPC port attributes structure.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new ALPC port attributes structure based on single components.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtAlpcPortAttributes</maml:name> <!-- Parameter: ContextTrackingMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ContextTrackingMode</maml:name> <maml:description> <maml:para>Security Quality of Service context tracking mode.</maml:para> <maml:para>Possible values: Static, Dynamic</maml:para> </maml:description> <command:parameterValue required="true">SecurityContextTrackingMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityContextTrackingMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Static</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Static</command:parameterValue> <command:parameterValue required="false" variableLength="false">Dynamic</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: DupObjectTypes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DupObjectTypes</maml:name> <maml:description> <maml:para>Duplicate object types..</maml:para> <maml:para>Possible values: None, File, Invalid0002, Thread, Semaphore, Event, Process, Mutex, Section, RegKey, Token, Composition, Job, AllObjects</maml:para> </maml:description> <command:parameterValue required="true">AlpcHandleObjectType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcHandleObjectType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>AllObjects</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Invalid0002</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutex</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">Composition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllObjects</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: EffectiveOnly --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>EffectiveOnly</maml:name> <maml:description> <maml:para>Security Quality of Service effective only.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Port attributes flags</maml:para> <maml:para>Possible values: None, LpcPort, AllowImpersonation, AllowLpcRequests, WaitablePort, AllowDupObject, SystemProcess, LrpcWakePolicy1, LrpcWakePolicy2, LrpcWakePolicy3, DirectMessage, AllowMultiHandleAttribute</maml:para> </maml:description> <command:parameterValue required="true">AlpcPortAttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcPortAttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>AllowLpcRequests, AllowDupObject</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">LpcPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllowImpersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllowLpcRequests</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitablePort</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllowDupObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">SystemProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">LrpcWakePolicy1</command:parameterValue> <command:parameterValue required="false" variableLength="false">LrpcWakePolicy2</command:parameterValue> <command:parameterValue required="false" variableLength="false">LrpcWakePolicy3</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllowMultiHandleAttribute</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ImpersonationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ImpersonationLevel</maml:name> <maml:description> <maml:para>Security Quality of Service impersonation level.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MaxMessageLength --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxMessageLength</maml:name> <maml:description> <maml:para>Maximum message length.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>32767</dev:defaultValue> </command:parameter> <!-- Parameter: MaxPoolUsage --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxPoolUsage</maml:name> <maml:description> <maml:para>Max pool usage.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: MaxSectionSize --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxSectionSize</maml:name> <maml:description> <maml:para>Max section size.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: MaxTotalSectionSize --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxTotalSectionSize</maml:name> <maml:description> <maml:para>Max total section size.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: MaxViewSize --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxViewSize</maml:name> <maml:description> <maml:para>Max view size.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: MemoryBandwidth --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MemoryBandwidth</maml:name> <maml:description> <maml:para>Memory bandwidth.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Port attributes flags</maml:para> <maml:para>Possible values: None, LpcPort, AllowImpersonation, AllowLpcRequests, WaitablePort, AllowDupObject, SystemProcess, LrpcWakePolicy1, LrpcWakePolicy2, LrpcWakePolicy3, DirectMessage, AllowMultiHandleAttribute</maml:para> </maml:description> <command:parameterValue required="true">AlpcPortAttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcPortAttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>AllowLpcRequests, AllowDupObject</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">LpcPort</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllowImpersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllowLpcRequests</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitablePort</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllowDupObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">SystemProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">LrpcWakePolicy1</command:parameterValue> <command:parameterValue required="false" variableLength="false">LrpcWakePolicy2</command:parameterValue> <command:parameterValue required="false" variableLength="false">LrpcWakePolicy3</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllowMultiHandleAttribute</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ImpersonationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ImpersonationLevel</maml:name> <maml:description> <maml:para>Security Quality of Service impersonation level.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ContextTrackingMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ContextTrackingMode</maml:name> <maml:description> <maml:para>Security Quality of Service context tracking mode.</maml:para> <maml:para>Possible values: Static, Dynamic</maml:para> </maml:description> <command:parameterValue required="true">SecurityContextTrackingMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityContextTrackingMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Static</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Static</command:parameterValue> <command:parameterValue required="false" variableLength="false">Dynamic</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: EffectiveOnly --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>EffectiveOnly</maml:name> <maml:description> <maml:para>Security Quality of Service effective only.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: MaxMessageLength --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxMessageLength</maml:name> <maml:description> <maml:para>Maximum message length.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>32767</dev:defaultValue> </command:parameter> <!-- Parameter: MemoryBandwidth --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MemoryBandwidth</maml:name> <maml:description> <maml:para>Memory bandwidth.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: MaxPoolUsage --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxPoolUsage</maml:name> <maml:description> <maml:para>Max pool usage.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: MaxSectionSize --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxSectionSize</maml:name> <maml:description> <maml:para>Max section size.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: MaxViewSize --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxViewSize</maml:name> <maml:description> <maml:para>Max view size.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: MaxTotalSectionSize --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxTotalSectionSize</maml:name> <maml:description> <maml:para>Max total section size.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: DupObjectTypes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DupObjectTypes</maml:name> <maml:description> <maml:para>Duplicate object types..</maml:para> <maml:para>Possible values: None, File, Invalid0002, Thread, Semaphore, Event, Process, Mutex, Section, RegKey, Token, Composition, Job, AllObjects</maml:para> </maml:description> <command:parameterValue required="true">AlpcHandleObjectType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcHandleObjectType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>AllObjects</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Invalid0002</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutex</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">Composition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllObjects</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: AlpcPortAttributes --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.AlpcPortAttributes</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$attr = New-NtAlpcPortAttributes</dev:code> <dev:remarks> <maml:para>Create a new ALPC port attributes structure with default values.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$attr = New-NtAlpcPortAttributes -Flags None</dev:code> <dev:remarks> <maml:para>Create a new ALPC port attributes structure.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtAlpcPortSection --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtAlpcPortSection</command:name> <command:verb>New</command:verb> <command:noun>NtAlpcPortSection</command:noun> <maml:description> <maml:para>Creates a new port section from a port.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new port section with a specified size and flags for a port. You can then write to buffer and pass it as a view attribute.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: FromSize --> <command:syntaxItem> <maml:name>New-NtAlpcPortSection</maml:name> <!-- Parameter: Port --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Port</maml:name> <maml:description> <maml:para>Specify the port to create the port section from.</maml:para> </maml:description> <command:parameterValue required="true">NtAlpc</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtAlpc</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Size --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Size</maml:name> <maml:description> <maml:para>Specify the size of the port section. This will be rounded up to the nearest allocation boundary.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Secure --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Secure</maml:name> <maml:description> <maml:para>Create a secure section.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromSection --> <command:syntaxItem> <maml:name>New-NtAlpcPortSection</maml:name> <!-- Parameter: Port --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Port</maml:name> <maml:description> <maml:para>Specify the port to create the port section from.</maml:para> </maml:description> <command:parameterValue required="true">NtAlpc</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtAlpc</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Section --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Section</maml:name> <maml:description> <maml:para>Specify an existing section to back the port section.</maml:para> </maml:description> <command:parameterValue required="true">NtSection</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtSection</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Size --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Size</maml:name> <maml:description> <maml:para>Specify the size of the port section. This will be rounded up to the nearest allocation boundary.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Port --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Port</maml:name> <maml:description> <maml:para>Specify the port to create the port section from.</maml:para> </maml:description> <command:parameterValue required="true">NtAlpc</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtAlpc</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Size --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Size</maml:name> <maml:description> <maml:para>Specify the size of the port section. This will be rounded up to the nearest allocation boundary.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Secure --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Secure</maml:name> <maml:description> <maml:para>Create a secure section.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Section --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Section</maml:name> <maml:description> <maml:para>Specify an existing section to back the port section.</maml:para> </maml:description> <command:parameterValue required="true">NtSection</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtSection</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: AlpcPortSection --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.AlpcPortSection</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$s = New-NtAlpcPortSection -Size 10000</dev:code> <dev:remarks> <maml:para>Create a new port section of size 10000.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$s = New-NtAlpcPortSection -Size 10000 -Secure</dev:code> <dev:remarks> <maml:para>Create a new secure port section of size 10000.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$s = New-NtAlpcPortSection -Section $sect</dev:code> <dev:remarks> <maml:para>>Create a new port section backed by an existing section.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$s = New-NtAlpcPortSection -Section $sect -Size 10000</dev:code> <dev:remarks> <maml:para>>Create a new port section backed by an existing section with an explicit view size.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtAlpcReceiveAttributes --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtAlpcReceiveAttributes</command:name> <command:verb>New</command:verb> <command:noun>NtAlpcReceiveAttributes</command:noun> <maml:description> <maml:para>Creates a new receive attributes buffer.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new receive attributes buffer for the specified set of attributes. This defaults to all known attributes.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtAlpcReceiveAttributes</maml:name> <!-- Parameter: Attributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Attributes</maml:name> <maml:description> <maml:para>Specify the list of attributes for the receive buffer.</maml:para> <maml:para>Possible values: None, WorkOnBehalfOf, Direct, Token, Handle, Context, View, Security, AllAttributes</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessageAttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessageAttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>AllAttributes</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">WorkOnBehalfOf</command:parameterValue> <command:parameterValue required="false" variableLength="false">Direct</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">Handle</command:parameterValue> <command:parameterValue required="false" variableLength="false">Context</command:parameterValue> <command:parameterValue required="false" variableLength="false">View</command:parameterValue> <command:parameterValue required="false" variableLength="false">Security</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAttributes</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Attributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Attributes</maml:name> <maml:description> <maml:para>Specify the list of attributes for the receive buffer.</maml:para> <maml:para>Possible values: None, WorkOnBehalfOf, Direct, Token, Handle, Context, View, Security, AllAttributes</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessageAttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessageAttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>AllAttributes</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">WorkOnBehalfOf</command:parameterValue> <command:parameterValue required="false" variableLength="false">Direct</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">Handle</command:parameterValue> <command:parameterValue required="false" variableLength="false">Context</command:parameterValue> <command:parameterValue required="false" variableLength="false">View</command:parameterValue> <command:parameterValue required="false" variableLength="false">Security</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAttributes</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: AlpcReceiveMessageAttributes --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.AlpcReceiveMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$attrs = New-NtAlpcReceiveAttributes</dev:code> <dev:remarks> <maml:para>Create a new receive attributes buffer with space for all known attributes.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$attrs = New-NtAlpcReceiveAttributes -Attributes View, Context</dev:code> <dev:remarks> <maml:para>Create a new receive attributes buffer with space for only View and Context attributes.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtAlpcSecurityContext --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtAlpcSecurityContext</command:name> <command:verb>New</command:verb> <command:noun>NtAlpcSecurityContext</command:noun> <maml:description> <maml:para>Creates a new ALPC security context.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new ALPC security context pages of a specified security quality of serice..</maml:para> </maml:description> <command:syntax> <!-- Parameter set: FromParts --> <command:syntaxItem> <maml:name>New-NtAlpcSecurityContext</maml:name> <!-- Parameter: Port --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Port</maml:name> <maml:description> <maml:para>Specify the port to create the context from.</maml:para> </maml:description> <command:parameterValue required="true">NtAlpc</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtAlpc</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ImpersonationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="1" aliases="imp"> <maml:name>ImpersonationLevel</maml:name> <maml:description> <maml:para>Specify the impersonation level.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ContextTrackingMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="2" aliases="ctx"> <maml:name>ContextTrackingMode</maml:name> <maml:description> <maml:para>Specify the list of attributes for the receive buffer.</maml:para> <maml:para>Possible values: Static, Dynamic</maml:para> </maml:description> <command:parameterValue required="true">SecurityContextTrackingMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityContextTrackingMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Static</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Static</command:parameterValue> <command:parameterValue required="false" variableLength="false">Dynamic</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: EffectiveOnly --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="eo"> <maml:name>EffectiveOnly</maml:name> <maml:description> <maml:para>Specify the list of attributes for the receive buffer.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify the creation flags.</maml:para> <maml:para>Possible values: None</maml:para> </maml:description> <command:parameterValue required="true">AlpcCreateSecurityContextFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcCreateSecurityContextFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromSqos --> <command:syntaxItem> <maml:name>New-NtAlpcSecurityContext</maml:name> <!-- Parameter: Port --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Port</maml:name> <maml:description> <maml:para>Specify the port to create the context from.</maml:para> </maml:description> <command:parameterValue required="true">NtAlpc</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtAlpc</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify the creation flags.</maml:para> <maml:para>Possible values: None</maml:para> </maml:description> <command:parameterValue required="true">AlpcCreateSecurityContextFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcCreateSecurityContextFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="sqos"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Specify the list of attributes for the receive buffer.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Port --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Port</maml:name> <maml:description> <maml:para>Specify the port to create the context from.</maml:para> </maml:description> <command:parameterValue required="true">NtAlpc</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtAlpc</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify the creation flags.</maml:para> <maml:para>Possible values: None</maml:para> </maml:description> <command:parameterValue required="true">AlpcCreateSecurityContextFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcCreateSecurityContextFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ImpersonationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="1" aliases="imp"> <maml:name>ImpersonationLevel</maml:name> <maml:description> <maml:para>Specify the impersonation level.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="1" aliases="imp"> <maml:name>imp</maml:name> <maml:description> <maml:para>Specify the impersonation level.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> <maml:para>This is an alias of the ImpersonationLevel parameter.</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ContextTrackingMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="2" aliases="ctx"> <maml:name>ContextTrackingMode</maml:name> <maml:description> <maml:para>Specify the list of attributes for the receive buffer.</maml:para> <maml:para>Possible values: Static, Dynamic</maml:para> </maml:description> <command:parameterValue required="true">SecurityContextTrackingMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityContextTrackingMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Static</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Static</command:parameterValue> <command:parameterValue required="false" variableLength="false">Dynamic</command:parameterValue> </command:parameterValueGroup> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="2" aliases="ctx"> <maml:name>ctx</maml:name> <maml:description> <maml:para>Specify the list of attributes for the receive buffer.</maml:para> <maml:para>Possible values: Static, Dynamic</maml:para> <maml:para>This is an alias of the ContextTrackingMode parameter.</maml:para> </maml:description> <command:parameterValue required="true">SecurityContextTrackingMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityContextTrackingMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Static</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Static</command:parameterValue> <command:parameterValue required="false" variableLength="false">Dynamic</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: EffectiveOnly --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="eo"> <maml:name>EffectiveOnly</maml:name> <maml:description> <maml:para>Specify the list of attributes for the receive buffer.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="eo"> <maml:name>eo</maml:name> <maml:description> <maml:para>Specify the list of attributes for the receive buffer.</maml:para> <maml:para>This is an alias of the EffectiveOnly parameter.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="sqos"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Specify the list of attributes for the receive buffer.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="sqos"> <maml:name>sqos</maml:name> <maml:description> <maml:para>Specify the list of attributes for the receive buffer.</maml:para> <maml:para>This is an alias of the SecurityQualityOfService parameter.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: SafeAlpcSecurityContextHandle --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.SafeAlpcSecurityContextHandle</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$ctx = New-NtAlpcSecurityContext -Port $port</dev:code> <dev:remarks> <maml:para>Create a new security context with default values.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$ctx = New-NtAlpcSecurityContext -Port $port -ImpersonationLevel Identification</dev:code> <dev:remarks> <maml:para>Create a new security context with impersonation level of Identitification.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$ctx = New-NtAlpcSecurityContext -Port $port -SecurityQualityOfService $sqos</dev:code> <dev:remarks> <maml:para>Create a new security context from a security quality of service.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtAlpcSendAttributes --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtAlpcSendAttributes</command:name> <command:verb>New</command:verb> <command:noun>NtAlpcSendAttributes</command:noun> <maml:description> <maml:para>Creates a new send attributes buffer.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new send attributes buffer. The buffer can be initialized with a list of attributes or by specifying specific values.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: FromAttributes --> <command:syntaxItem> <maml:name>New-NtAlpcSendAttributes</maml:name> <!-- Parameter: Attributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Attributes</maml:name> <maml:description> <maml:para>Specify the list of attributes for the send buffer.</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessageAttribute[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessageAttribute[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromParts --> <command:syntaxItem> <maml:name>New-NtAlpcSendAttributes</maml:name> <!-- Parameter: DataView --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="dv"> <maml:name>DataView</maml:name> <maml:description> <maml:para>Add a data view attribute.</maml:para> </maml:description> <command:parameterValue required="true">SafeAlpcDataViewBuffer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SafeAlpcDataViewBuffer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Handle --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="hs"> <maml:name>Handle</maml:name> <maml:description> <maml:para>Create a handle attribute from a list of handle entries.</maml:para> </maml:description> <command:parameterValue required="true">AlpcHandleMessageAttributeEntry[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcHandleMessageAttributeEntry[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Object --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="os"> <maml:name>Object</maml:name> <maml:description> <maml:para>Create a handle attribute from a list of objects.</maml:para> </maml:description> <command:parameterValue required="true">NtObject[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityContext --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="sctx"> <maml:name>SecurityContext</maml:name> <maml:description> <maml:para>Specify a security context attribute.</maml:para> </maml:description> <command:parameterValue required="true">SafeAlpcSecurityContextHandle</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SafeAlpcSecurityContextHandle</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="sqos"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Automatically create a security context attribute with a specified security quality of service.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: WorkOnBehalfOf --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>WorkOnBehalfOf</maml:name> <maml:description> <maml:para>Add a Work on Behalf of attribute.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Attributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Attributes</maml:name> <maml:description> <maml:para>Specify the list of attributes for the send buffer.</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessageAttribute[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessageAttribute[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Object --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="os"> <maml:name>Object</maml:name> <maml:description> <maml:para>Create a handle attribute from a list of objects.</maml:para> </maml:description> <command:parameterValue required="true">NtObject[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="os"> <maml:name>os</maml:name> <maml:description> <maml:para>Create a handle attribute from a list of objects.</maml:para> <maml:para>This is an alias of the Object parameter.</maml:para> </maml:description> <command:parameterValue required="true">NtObject[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Handle --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="hs"> <maml:name>Handle</maml:name> <maml:description> <maml:para>Create a handle attribute from a list of handle entries.</maml:para> </maml:description> <command:parameterValue required="true">AlpcHandleMessageAttributeEntry[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcHandleMessageAttributeEntry[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="hs"> <maml:name>hs</maml:name> <maml:description> <maml:para>Create a handle attribute from a list of handle entries.</maml:para> <maml:para>This is an alias of the Handle parameter.</maml:para> </maml:description> <command:parameterValue required="true">AlpcHandleMessageAttributeEntry[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcHandleMessageAttributeEntry[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: WorkOnBehalfOf --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>WorkOnBehalfOf</maml:name> <maml:description> <maml:para>Add a Work on Behalf of attribute.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DataView --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="dv"> <maml:name>DataView</maml:name> <maml:description> <maml:para>Add a data view attribute.</maml:para> </maml:description> <command:parameterValue required="true">SafeAlpcDataViewBuffer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SafeAlpcDataViewBuffer</maml:name> <maml:uri /> </dev:type> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="dv"> <maml:name>dv</maml:name> <maml:description> <maml:para>Add a data view attribute.</maml:para> <maml:para>This is an alias of the DataView parameter.</maml:para> </maml:description> <command:parameterValue required="true">SafeAlpcDataViewBuffer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SafeAlpcDataViewBuffer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="sqos"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Automatically create a security context attribute with a specified security quality of service.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="sqos"> <maml:name>sqos</maml:name> <maml:description> <maml:para>Automatically create a security context attribute with a specified security quality of service.</maml:para> <maml:para>This is an alias of the SecurityQualityOfService parameter.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityContext --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="sctx"> <maml:name>SecurityContext</maml:name> <maml:description> <maml:para>Specify a security context attribute.</maml:para> </maml:description> <command:parameterValue required="true">SafeAlpcSecurityContextHandle</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SafeAlpcSecurityContextHandle</maml:name> <maml:uri /> </dev:type> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="sctx"> <maml:name>sctx</maml:name> <maml:description> <maml:para>Specify a security context attribute.</maml:para> <maml:para>This is an alias of the SecurityContext parameter.</maml:para> </maml:description> <command:parameterValue required="true">SafeAlpcSecurityContextHandle</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SafeAlpcSecurityContextHandle</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: AlpcSendMessageAttributes --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.AlpcSendMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$attrs = New-NtAlpcSendAttributes</dev:code> <dev:remarks> <maml:para>Create a new empty send attributes buffer.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$attrs = New-NtAlpcSendAttributes -Attributes $view, $handle</dev:code> <dev:remarks> <maml:para>Create a new send attributes buffer with view and handle attribute objects.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$attrs = New-NtAlpcSendAttributes -Object $proc</dev:code> <dev:remarks> <maml:para>Create a new send attributes buffer with a handle attribute from a process handle.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$attrs = New-NtAlpcSendAttributes -WorkOnBehalfOf</dev:code> <dev:remarks> <maml:para>Create a new send attributes buffer with a Work on Behalf of attribute.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$attrs = New-NtAlpcSendAttributes -DataView $dataview</dev:code> <dev:remarks> <maml:para>Create a new send attributes buffer with data view.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Connect-NtAlpcServer --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Connect-NtAlpcServer</command:name> <command:verb>Connect</command:verb> <command:noun>NtAlpcServer</command:noun> <maml:description> <maml:para>Accepts a connection on an ALPC server port.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet accepts a connection on an ALPC server port and returns the new server port to communicate with the client.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Connect-NtAlpcServer</maml:name> <!-- Parameter: Port --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Port</maml:name> <maml:description> <maml:para>The server port to accept the connection.</maml:para> </maml:description> <command:parameterValue required="true">NtAlpcServer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtAlpcServer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ConnectionMessage --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>ConnectionMessage</maml:name> <maml:description> <maml:para>Initial connection message from the initial receive call.</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessage</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessage</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ConnectionAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ConnectionAttributes</maml:name> <maml:description> <maml:para>Optional connection message attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcSendMessageAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcSendMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Flags for sending the initial message.</maml:para> <maml:para>Possible values: None, ReplyMessage, LpcMode, ReleaseMessage, SyncRequest, TrackPortReferences, WaitUserMode, WaitAlertable, WaitChargePolicy, Unknown1000000, Wow64Call</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessageFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessageFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReplyMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">LpcMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReleaseMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">SyncRequest</command:parameterValue> <command:parameterValue required="false" variableLength="false">TrackPortReferences</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitUserMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitAlertable</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitChargePolicy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unknown1000000</command:parameterValue> <command:parameterValue required="false" variableLength="false">Wow64Call</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: PortAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PortAttributes</maml:name> <maml:description> <maml:para>Optional port attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcPortAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcPortAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PortContext --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PortContext</maml:name> <maml:description> <maml:para>Optional context value for the new port.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Reject --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Reject</maml:name> <maml:description> <maml:para>Specify to reject the client connection.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Port --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Port</maml:name> <maml:description> <maml:para>The server port to accept the connection.</maml:para> </maml:description> <command:parameterValue required="true">NtAlpcServer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtAlpcServer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ConnectionMessage --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>ConnectionMessage</maml:name> <maml:description> <maml:para>Initial connection message from the initial receive call.</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessage</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessage</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PortContext --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PortContext</maml:name> <maml:description> <maml:para>Optional context value for the new port.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: PortAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PortAttributes</maml:name> <maml:description> <maml:para>Optional port attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcPortAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcPortAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Flags for sending the initial message.</maml:para> <maml:para>Possible values: None, ReplyMessage, LpcMode, ReleaseMessage, SyncRequest, TrackPortReferences, WaitUserMode, WaitAlertable, WaitChargePolicy, Unknown1000000, Wow64Call</maml:para> </maml:description> <command:parameterValue required="true">AlpcMessageFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcMessageFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReplyMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">LpcMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReleaseMessage</command:parameterValue> <command:parameterValue required="false" variableLength="false">SyncRequest</command:parameterValue> <command:parameterValue required="false" variableLength="false">TrackPortReferences</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitUserMode</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitAlertable</command:parameterValue> <command:parameterValue required="false" variableLength="false">WaitChargePolicy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unknown1000000</command:parameterValue> <command:parameterValue required="false" variableLength="false">Wow64Call</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ConnectionAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ConnectionAttributes</maml:name> <maml:description> <maml:para>Optional connection message attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcSendMessageAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcSendMessageAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Reject --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Reject</maml:name> <maml:description> <maml:para>Specify to reject the client connection.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: NtAlpcServer --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtAlpcServer</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$conn = Connect-NtAlpcServer -Port $port -ConnectionMessage $msg</dev:code> <dev:remarks> <maml:para>Accepts a connection on an ALPC server port.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$conn = Connect-NtAlpcServer -Port $port -ConnectionMessage $msg -Reject</dev:code> <dev:remarks> <maml:para>Reject a connection on an ALPC server port.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtAlpcServer --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtAlpcServer</command:name> <command:verb>New</command:verb> <command:noun>NtAlpcServer</command:noun> <maml:description> <maml:para>Creates a new ALPC server by path.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT ALPC server. The absolute path to the object in the NT object manager name space must be specified.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtAlpcServer</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: PortAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PortAttributes</maml:name> <maml:description> <maml:para>Optional port attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcPortAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcPortAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PortAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PortAttributes</maml:name> <maml:description> <maml:para>Optional port attributes.</maml:para> </maml:description> <command:parameterValue required="true">AlpcPortAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AlpcPortAttributes</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtAlpcServer --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtAlpcServer</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtAlpcServer "\RPC Control\ABC"</dev:code> <dev:remarks> <maml:para>Create a new ALPC server with an absolute path.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtDebug --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtDebug</command:name> <command:verb>Get</command:verb> <command:noun>NtDebug</command:noun> <maml:description> <maml:para>Open a NT debug object by path.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens an existing NT debug object. The absolute path to the object in the NT object manager name space must be specified. It's also possible to create the object relative to an existing object by specified the -Root parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: FromPath --> <command:syntaxItem> <maml:name>Get-NtDebug</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: ReadEvent, ProcessAssign, SetInformation, QueryInformation, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DebugAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DebugAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ReadEvent</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProcessAssign</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromCurrent --> <command:syntaxItem> <maml:name>Get-NtDebug</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Current --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Current</maml:name> <maml:description> <maml:para>Open the current thread's debug object. Most parameters on this cmdlet will be ignored.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: ReadEvent, ProcessAssign, SetInformation, QueryInformation, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DebugAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DebugAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ReadEvent</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProcessAssign</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromProcess --> <command:syntaxItem> <maml:name>Get-NtDebug</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Process --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Process</maml:name> <maml:description> <maml:para>Open the debug object from a process. Most parameters on this cmdlet will be ignored.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: ReadEvent, ProcessAssign, SetInformation, QueryInformation, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DebugAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DebugAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ReadEvent</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProcessAssign</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Current --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Current</maml:name> <maml:description> <maml:para>Open the current thread's debug object. Most parameters on this cmdlet will be ignored.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Process --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Process</maml:name> <maml:description> <maml:para>Open the debug object from a process. Most parameters on this cmdlet will be ignored.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: ReadEvent, ProcessAssign, SetInformation, QueryInformation, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DebugAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DebugAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ReadEvent</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProcessAssign</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtDebug --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtDebug</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtDebug \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Get a debug object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = Get-NtDebug ABC -Root $root</dev:code> <dev:remarks> <maml:para>Get a debug object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$obj = Get-NtDebug -Path \BaseNamedObjects\ABC $obj.Wait()</dev:code> <dev:remarks> <maml:para>Get a debug object, wait for it to be set.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$obj = Get-NtDebug -Path \BaseNamedObjects\ABC $obj.Set()</dev:code> <dev:remarks> <maml:para>Get a debug object, and set it.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = Get-NtDebug ABC</dev:code> <dev:remarks> <maml:para>Get a debug object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>Get-NtDebug -Current</dev:code> <dev:remarks> <maml:para>Get the current debug object.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 7 ----------</maml:title> <dev:code>Get-NtDebug -Process $p</dev:code> <dev:remarks> <maml:para>Get the debug object from a process.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtDebug --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtDebug</command:name> <command:verb>New</command:verb> <command:noun>NtDebug</command:noun> <maml:description> <maml:para>Create a new NT debug object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT debug object. The absolute path to the object in the NT object manager name space can be specified. It's also possible to create the object relative to an existing object by specified the -Root parameter. If no path is specified than an unnamed object will be created which can only be duplicated by handle. You can also attach a process to the new debug object immediately after creation.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: AttachPid --> <command:syntaxItem> <maml:name>New-NtDebug</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessId --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to attach to after creation.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: ReadEvent, ProcessAssign, SetInformation, QueryInformation, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DebugAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DebugAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ReadEvent</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProcessAssign</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify flags for create.</maml:para> <maml:para>Possible values: None, KillOnClose</maml:para> </maml:description> <command:parameterValue required="true">DebugObjectFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DebugObjectFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">KillOnClose</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: AttachProcess --> <command:syntaxItem> <maml:name>New-NtDebug</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Process --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Process</maml:name> <maml:description> <maml:para>Specify a process to attach to after creation.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: ReadEvent, ProcessAssign, SetInformation, QueryInformation, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DebugAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DebugAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ReadEvent</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProcessAssign</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify flags for create.</maml:para> <maml:para>Possible values: None, KillOnClose</maml:para> </maml:description> <command:parameterValue required="true">DebugObjectFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DebugObjectFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">KillOnClose</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: ProcessId --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to attach to after creation.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <command:parameter required="true" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>pid</maml:name> <maml:description> <maml:para>Specify a process ID to attach to after creation.</maml:para> <maml:para>This is an alias of the ProcessId parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Process --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Process</maml:name> <maml:description> <maml:para>Specify a process to attach to after creation.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify flags for create.</maml:para> <maml:para>Possible values: None, KillOnClose</maml:para> </maml:description> <command:parameterValue required="true">DebugObjectFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DebugObjectFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">KillOnClose</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: ReadEvent, ProcessAssign, SetInformation, QueryInformation, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DebugAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DebugAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ReadEvent</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProcessAssign</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtDebug --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtDebug</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtDebug</dev:code> <dev:remarks> <maml:para>Create a new anonymous debug object.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtDebug \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Create a new debug object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = New-NtDebug ABC -Root $root</dev:code> <dev:remarks> <maml:para>Create a new debug object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = New-NtDebug ABC</dev:code> <dev:remarks> <maml:para>Create a new debug object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$obj = New-NtDebug -ProcessId 12345</dev:code> <dev:remarks> <maml:para>Create a new anonymous debug object and attach to PID 12345.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>$obj = New-NtDebug -Process $proc</dev:code> <dev:remarks> <maml:para>Create a new anonymous debug object and attach to a process object.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Add-NtDebugProcess --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Add-NtDebugProcess</command:name> <command:verb>Add</command:verb> <command:noun>NtDebugProcess</command:noun> <maml:description> <maml:para>Attach a process to a debug object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet attaches a process to a debug object. You can remove it again using Remove-NtDebugProcess.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: AttachPid --> <command:syntaxItem> <maml:name>Add-NtDebugProcess</maml:name> <!-- Parameter: DebugObject --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>DebugObject</maml:name> <maml:description> <maml:para>Specify the debug object to attach the process to.</maml:para> </maml:description> <command:parameterValue required="true">NtDebug</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtDebug</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessId --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to attach to .</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: AttachProcess --> <command:syntaxItem> <maml:name>Add-NtDebugProcess</maml:name> <!-- Parameter: DebugObject --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>DebugObject</maml:name> <maml:description> <maml:para>Specify the debug object to attach the process to.</maml:para> </maml:description> <command:parameterValue required="true">NtDebug</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtDebug</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Process --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Process</maml:name> <maml:description> <maml:para>Specify a process to attach to.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: DebugObject --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>DebugObject</maml:name> <maml:description> <maml:para>Specify the debug object to attach the process to.</maml:para> </maml:description> <command:parameterValue required="true">NtDebug</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtDebug</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessId --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to attach to .</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <command:parameter required="true" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>pid</maml:name> <maml:description> <maml:para>Specify a process ID to attach to .</maml:para> <maml:para>This is an alias of the ProcessId parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Process --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Process</maml:name> <maml:description> <maml:para>Specify a process to attach to.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Add-NtDebugProcess $dbg -ProcessId 12345</dev:code> <dev:remarks> <maml:para>Attach process 12345 to the debug object..</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Add-NtDebugProcess $dbg -Process $proc</dev:code> <dev:remarks> <maml:para>Attach a process object to the debug object..</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Remove-NtDebugProcess --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Remove-NtDebugProcess</command:name> <command:verb>Remove</command:verb> <command:noun>NtDebugProcess</command:noun> <maml:description> <maml:para>Detach a process from a debug object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet detachs a process remove a debug object.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: DetachPid --> <command:syntaxItem> <maml:name>Remove-NtDebugProcess</maml:name> <!-- Parameter: DebugObject --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>DebugObject</maml:name> <maml:description> <maml:para>Specify the debug object to debug the process from.</maml:para> </maml:description> <command:parameterValue required="true">NtDebug</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtDebug</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessId --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to detach.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: DetachProcess --> <command:syntaxItem> <maml:name>Remove-NtDebugProcess</maml:name> <!-- Parameter: DebugObject --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>DebugObject</maml:name> <maml:description> <maml:para>Specify the debug object to debug the process from.</maml:para> </maml:description> <command:parameterValue required="true">NtDebug</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtDebug</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Process --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Process</maml:name> <maml:description> <maml:para>Specify a process to detach.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: DebugObject --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>DebugObject</maml:name> <maml:description> <maml:para>Specify the debug object to debug the process from.</maml:para> </maml:description> <command:parameterValue required="true">NtDebug</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtDebug</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessId --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to detach.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <command:parameter required="true" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>pid</maml:name> <maml:description> <maml:para>Specify a process ID to detach.</maml:para> <maml:para>This is an alias of the ProcessId parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Process --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Process</maml:name> <maml:description> <maml:para>Specify a process to detach.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Remove-NtDebugProcess $dbg -ProcessId 12345</dev:code> <dev:remarks> <maml:para>Detach process 12345 from the debug object..</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Remove-NtDebugProcess $dbg -Process $proc</dev:code> <dev:remarks> <maml:para>Detach process object from the debug object..</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Start-NtDebugWait --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Start-NtDebugWait</command:name> <command:verb>Start</command:verb> <command:noun>NtDebugWait</command:noun> <maml:description> <maml:para>Wait for an event on a debug object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet allows you to issue a wait for on a debug object. The timeout value is a combination of all the allowed time parameters, e.g. if you specify 1 second and 1000 milliseconds it will actually wait 2 seconds in total. Specifying -Infinite overrides the time parameters and will wait indefinitely.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: time --> <command:syntaxItem> <maml:name>Start-NtDebugWait</maml:name> <!-- Parameter: DebugObject --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>DebugObject</maml:name> <maml:description> <maml:para>Specify the debug object to wait on.</maml:para> </maml:description> <command:parameterValue required="true">NtDebug</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtDebug</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Alertable --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Alertable</maml:name> <maml:description> <maml:para>Specify the wait should be alertable.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ContinueEvent --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ContinueEvent</maml:name> <maml:description> <maml:para>Specify an event to continue before waiting.</maml:para> </maml:description> <command:parameterValue required="true">DebugEvent</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DebugEvent</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ContinueStatus --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ContinueStatus</maml:name> <maml:description> <maml:para>If continue event specified then this is the status to use.</maml:para> <maml:para>Possible values: DBG_EXCEPTION_HANDLED, DBG_CONTINUE, DBG_EXCEPTION_NOT_HANDLED, DBG_REPLY_LATER, DBG_TERMINATE_THREAD, DBG_TERMINATE_PROCESS</maml:para> </maml:description> <command:parameterValue required="true">DbgContinueStatus</command:parameterValue> <dev:type> <maml:name>NtObjectManager.DbgContinueStatus</maml:name> <maml:uri /> <maml:description> <maml:para>The allowed set of continue status</maml:para> </maml:description> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">DBG_EXCEPTION_HANDLED</command:parameterValue> <command:parameterValue required="false" variableLength="false">DBG_CONTINUE</command:parameterValue> <command:parameterValue required="false" variableLength="false">DBG_EXCEPTION_NOT_HANDLED</command:parameterValue> <command:parameterValue required="false" variableLength="false">DBG_REPLY_LATER</command:parameterValue> <command:parameterValue required="false" variableLength="false">DBG_TERMINATE_THREAD</command:parameterValue> <command:parameterValue required="false" variableLength="false">DBG_TERMINATE_PROCESS</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Hours --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="h"> <maml:name>Hours</maml:name> <maml:description> <maml:para>Specify a wait time in hours.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: MilliSeconds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="ms"> <maml:name>MilliSeconds</maml:name> <maml:description> <maml:para>Specify a wait time in milliseconds.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Minutes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="m"> <maml:name>Minutes</maml:name> <maml:description> <maml:para>Specify a wait time in minutes.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Seconds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="s"> <maml:name>Seconds</maml:name> <maml:description> <maml:para>Specify a wait time in seconds.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: infinite --> <command:syntaxItem> <maml:name>Start-NtDebugWait</maml:name> <!-- Parameter: DebugObject --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>DebugObject</maml:name> <maml:description> <maml:para>Specify the debug object to wait on.</maml:para> </maml:description> <command:parameterValue required="true">NtDebug</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtDebug</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Alertable --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Alertable</maml:name> <maml:description> <maml:para>Specify the wait should be alertable.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ContinueEvent --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ContinueEvent</maml:name> <maml:description> <maml:para>Specify an event to continue before waiting.</maml:para> </maml:description> <command:parameterValue required="true">DebugEvent</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DebugEvent</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ContinueStatus --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ContinueStatus</maml:name> <maml:description> <maml:para>If continue event specified then this is the status to use.</maml:para> <maml:para>Possible values: DBG_EXCEPTION_HANDLED, DBG_CONTINUE, DBG_EXCEPTION_NOT_HANDLED, DBG_REPLY_LATER, DBG_TERMINATE_THREAD, DBG_TERMINATE_PROCESS</maml:para> </maml:description> <command:parameterValue required="true">DbgContinueStatus</command:parameterValue> <dev:type> <maml:name>NtObjectManager.DbgContinueStatus</maml:name> <maml:uri /> <maml:description> <maml:para>The allowed set of continue status</maml:para> </maml:description> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">DBG_EXCEPTION_HANDLED</command:parameterValue> <command:parameterValue required="false" variableLength="false">DBG_CONTINUE</command:parameterValue> <command:parameterValue required="false" variableLength="false">DBG_EXCEPTION_NOT_HANDLED</command:parameterValue> <command:parameterValue required="false" variableLength="false">DBG_REPLY_LATER</command:parameterValue> <command:parameterValue required="false" variableLength="false">DBG_TERMINATE_THREAD</command:parameterValue> <command:parameterValue required="false" variableLength="false">DBG_TERMINATE_PROCESS</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Infinite --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Infinite</maml:name> <maml:description> <maml:para>Specify an infinite wait time.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: DebugObject --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>DebugObject</maml:name> <maml:description> <maml:para>Specify the debug object to wait on.</maml:para> </maml:description> <command:parameterValue required="true">NtDebug</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtDebug</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Alertable --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Alertable</maml:name> <maml:description> <maml:para>Specify the wait should be alertable.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ContinueEvent --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ContinueEvent</maml:name> <maml:description> <maml:para>Specify an event to continue before waiting.</maml:para> </maml:description> <command:parameterValue required="true">DebugEvent</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DebugEvent</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ContinueStatus --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ContinueStatus</maml:name> <maml:description> <maml:para>If continue event specified then this is the status to use.</maml:para> <maml:para>Possible values: DBG_EXCEPTION_HANDLED, DBG_CONTINUE, DBG_EXCEPTION_NOT_HANDLED, DBG_REPLY_LATER, DBG_TERMINATE_THREAD, DBG_TERMINATE_PROCESS</maml:para> </maml:description> <command:parameterValue required="true">DbgContinueStatus</command:parameterValue> <dev:type> <maml:name>NtObjectManager.DbgContinueStatus</maml:name> <maml:uri /> <maml:description> <maml:para>The allowed set of continue status</maml:para> </maml:description> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">DBG_EXCEPTION_HANDLED</command:parameterValue> <command:parameterValue required="false" variableLength="false">DBG_CONTINUE</command:parameterValue> <command:parameterValue required="false" variableLength="false">DBG_EXCEPTION_NOT_HANDLED</command:parameterValue> <command:parameterValue required="false" variableLength="false">DBG_REPLY_LATER</command:parameterValue> <command:parameterValue required="false" variableLength="false">DBG_TERMINATE_THREAD</command:parameterValue> <command:parameterValue required="false" variableLength="false">DBG_TERMINATE_PROCESS</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Seconds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="s"> <maml:name>Seconds</maml:name> <maml:description> <maml:para>Specify a wait time in seconds.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="s"> <maml:name>s</maml:name> <maml:description> <maml:para>Specify a wait time in seconds.</maml:para> <maml:para>This is an alias of the Seconds parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: MilliSeconds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="ms"> <maml:name>MilliSeconds</maml:name> <maml:description> <maml:para>Specify a wait time in milliseconds.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="ms"> <maml:name>ms</maml:name> <maml:description> <maml:para>Specify a wait time in milliseconds.</maml:para> <maml:para>This is an alias of the MilliSeconds parameter.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Minutes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="m"> <maml:name>Minutes</maml:name> <maml:description> <maml:para>Specify a wait time in minutes.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="m"> <maml:name>m</maml:name> <maml:description> <maml:para>Specify a wait time in minutes.</maml:para> <maml:para>This is an alias of the Minutes parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Hours --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="h"> <maml:name>Hours</maml:name> <maml:description> <maml:para>Specify a wait time in hours.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="h"> <maml:name>h</maml:name> <maml:description> <maml:para>Specify a wait time in hours.</maml:para> <maml:para>This is an alias of the Hours parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Infinite --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Infinite</maml:name> <maml:description> <maml:para>Specify an infinite wait time.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: DebugEvent --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.DebugEvent</maml:name> <maml:uri /> </dev:type> </command:returnValue> <!-- OutputType: NtStatus --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtStatus</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$ev = Start-NtDebugWait $dbg</dev:code> <dev:remarks> <maml:para>Check for a debug event and return immediately.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$ev = Start-NtDebugWait $dbg -Seconds 10</dev:code> <dev:remarks> <maml:para>Wait for 10 seconds for a debug event to be returned.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$ev = Start-NtDebugWait $dbg -Infinite</dev:code> <dev:remarks> <maml:para>Wait indefinitely for a debug event to be returned.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$ev = Start-NtDebugWait $dbg -Infinite -Alterable</dev:code> <dev:remarks> <maml:para>Wait indefinitely for a debug event to be returned in an alertable state.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$ev = Start-NtDebugWait $dbg -Infinite -ContinueEvent $ev</dev:code> <dev:remarks> <maml:para>Continue a previous event with an explicit continue state for the event and wait indefinitely for a debug event to be returned.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtDirectory --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtDirectory</command:name> <command:verb>Get</command:verb> <command:noun>NtDirectory</command:noun> <maml:description> <maml:para>Open a NT object directory.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens an existing NT object directory. It's possible to open a directory by its NT path, such as \Some\Path or it can also open a private namespace which isn't represented by an accessible NT path but instead uses a boundary descriptor.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtDirectory</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: Query, Traverse, CreateObject, CreateSubDirectory, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: PrivateNamespaceDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PrivateNamespaceDescriptor</maml:name> <maml:description> <maml:para>A string format of a private namespace boundary descriptor. Uses the form [SID[:SID...]@]NAME where SID is an SDDL version of a SID to add to the boundary (such as S-X-X-X or WD) and NAME is the arbitrary name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: PrivateNamespaceDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PrivateNamespaceDescriptor</maml:name> <maml:description> <maml:para>A string format of a private namespace boundary descriptor. Uses the form [SID[:SID...]@]NAME where SID is an SDDL version of a SID to add to the boundary (such as S-X-X-X or WD) and NAME is the arbitrary name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: Query, Traverse, CreateObject, CreateSubDirectory, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtDirectory --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtDirectory</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtDirectory \BaseNamedObjects</dev:code> <dev:remarks> <maml:para>Get a directory object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = Get-NtDirectory ABC -Root $root</dev:code> <dev:remarks> <maml:para>Get a directory object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = Get-NtDirectory ABC</dev:code> <dev:remarks> <maml:para>Get a directory object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$obj = Get-NtDirectory -Path \BaseNamedObjects $obj.Query()</dev:code> <dev:remarks> <maml:para>Get a directory object and query its list of entries.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$obj = Get-NtDirectory -PrivateNamespaceDescriptor WD:LW@ABC</dev:code> <dev:remarks> <maml:para>Get a private namespace directory object with Everyone and Low Mandatory Level SIDs and name ABC.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> <maml:navigationLink> <maml:linkText>https://msdn.microsoft.com/en-us/library/windows/desktop/ms684318(v=vs.85).aspx</maml:linkText> </maml:navigationLink> <maml:navigationLink> <maml:linkText>https://msdn.microsoft.com/en-us/library/windows/desktop/ms682121(v=vs.85).aspx</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtDirectory --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtDirectory</command:name> <command:verb>New</command:verb> <command:noun>NtDirectory</command:noun> <maml:description> <maml:para>Create a new NT object directory by path.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT object directory. It's possible to create a directory by its NT path, such as \Some\Path or it can also create a new private namespace which isn't represented by an accessible NT path but instead uses a boundary descriptor.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtDirectory</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: Query, Traverse, CreateObject, CreateSubDirectory, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specifies flags to use when creating the directory object.</maml:para> <maml:para>Possible values: None, AlwaysInheritSecurity, FakeObjectRoot</maml:para> </maml:description> <command:parameterValue required="true">DirectoryCreateFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DirectoryCreateFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">AlwaysInheritSecurity</command:parameterValue> <command:parameterValue required="false" variableLength="false">FakeObjectRoot</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: PrivateNamespaceDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PrivateNamespaceDescriptor</maml:name> <maml:description> <maml:para>A string format of a private namespace boundary descriptor. Uses the form [SID[:SID...]@]NAME where SID is an SDDL version of a SID to add to the boundary (such as S-X-X-X or WD) and NAME is the arbitrary name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ShadowDirectory --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShadowDirectory</maml:name> <maml:description> <maml:para>Specifies another NT directory object to use as a shadown directory. This changes the lookup operation so that if an entry isn't in the created directory it will try and look it up in the shadown instead.</maml:para> </maml:description> <command:parameterValue required="true">NtDirectory</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtDirectory</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: ShadowDirectory --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShadowDirectory</maml:name> <maml:description> <maml:para>Specifies another NT directory object to use as a shadown directory. This changes the lookup operation so that if an entry isn't in the created directory it will try and look it up in the shadown instead.</maml:para> </maml:description> <command:parameterValue required="true">NtDirectory</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtDirectory</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specifies flags to use when creating the directory object.</maml:para> <maml:para>Possible values: None, AlwaysInheritSecurity, FakeObjectRoot</maml:para> </maml:description> <command:parameterValue required="true">DirectoryCreateFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DirectoryCreateFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">AlwaysInheritSecurity</command:parameterValue> <command:parameterValue required="false" variableLength="false">FakeObjectRoot</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: PrivateNamespaceDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PrivateNamespaceDescriptor</maml:name> <maml:description> <maml:para>A string format of a private namespace boundary descriptor. Uses the form [SID[:SID...]@]NAME where SID is an SDDL version of a SID to add to the boundary (such as S-X-X-X or WD) and NAME is the arbitrary name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: Query, Traverse, CreateObject, CreateSubDirectory, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtDirectory --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtDirectory</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtDirectory</dev:code> <dev:remarks> <maml:para>Create a new anonymous directory object.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtDirectory \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Create a new directory object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = New-NtDirectory ABC -Root $root</dev:code> <dev:remarks> <maml:para>Create a new directory object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = New-NtDirectory ABC</dev:code> <dev:remarks> <maml:para>Create a new directory object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$shadow = Get-NtDirectory \SomeDir $obj = New-NtDirectory \BaseNamedObjects\ABC -ShadowDirectory $shadow</dev:code> <dev:remarks> <maml:para>Create a new directory object with a shadow directory.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>$obj = New-NtDirectory -PrivateNamespaceDescriptor WD:LW@ABC</dev:code> <dev:remarks> <maml:para>Create a new private namespace directory object with Everyone and Low Mandatory Level SIDs and name ABC.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> <maml:navigationLink> <maml:linkText>https://msdn.microsoft.com/en-us/library/windows/desktop/ms682419%28v=vs.85%29.aspx</maml:linkText> </maml:navigationLink> <maml:navigationLink> <maml:linkText>https://msdn.microsoft.com/en-us/library/windows/desktop/ms682121(v=vs.85).aspx</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtDirectoryChild --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtDirectoryChild</command:name> <command:verb>Get</command:verb> <command:noun>NtDirectoryChild</command:noun> <maml:description> <maml:para>Get the accessible children of an object directory.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet gets the children of a directory object. It allows the children to be extracted recursively. You can choose to get the children through the pipeline or specify a vistor script.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtDirectoryChild</maml:name> <!-- Parameter: Object --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Object</maml:name> <maml:description> <maml:para>Specify an object to get children from, should be a directory.</maml:para> </maml:description> <command:parameterValue required="true">NtDirectory</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtDirectory</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access when opening a child.</maml:para> <maml:para>Possible values: Query, Traverse, CreateObject, CreateSubDirectory, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Filter --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Filter</maml:name> <maml:description> <maml:para>Specify a script block to filter child objects. Return $true to keep the object.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: MaxDepth --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxDepth</maml:name> <maml:description> <maml:para>When recursing specify the maximum depth of recursion. -1 indicates no limit.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: Recurse --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Recurse</maml:name> <maml:description> <maml:para>Get children recursively.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Visitor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Visitor</maml:name> <maml:description> <maml:para>Specify a script block to run for every child. The file object will automatically be disposed once the vistor has executed. If you want to cancel enumeration return $false.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Object --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Object</maml:name> <maml:description> <maml:para>Specify an object to get children from, should be a directory.</maml:para> </maml:description> <command:parameterValue required="true">NtDirectory</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtDirectory</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access when opening a child.</maml:para> <maml:para>Possible values: Query, Traverse, CreateObject, CreateSubDirectory, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">DirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.DirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateObject</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Recurse --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Recurse</maml:name> <maml:description> <maml:para>Get children recursively.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: MaxDepth --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxDepth</maml:name> <maml:description> <maml:para>When recursing specify the maximum depth of recursion. -1 indicates no limit.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: Visitor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Visitor</maml:name> <maml:description> <maml:para>Specify a script block to run for every child. The file object will automatically be disposed once the vistor has executed. If you want to cancel enumeration return $false.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Filter --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Filter</maml:name> <maml:description> <maml:para>Specify a script block to filter child objects. Return $true to keep the object.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$ds = Get-NtDirectoryChild $dir</dev:code> <dev:remarks> <maml:para>Get immediate children of an object directory.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$ds = Get-NtDirectoryChild $dir -Recurse</dev:code> <dev:remarks> <maml:para>Get children of an object directory recursively.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$ds = Get-NtDirectoryChild $dir -Recurse -MaxDepth 2</dev:code> <dev:remarks> <maml:para>Get children of an object directory recursively up to a maximum depth of 2.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$ds = Get-NtDirectoryChild $dir Access ReadControl</dev:code> <dev:remarks> <maml:para>Get children of an object directory which can be opened for ReadControl access.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>Get-NtDirectoryChild $dir -Visitor { $path = $_.FullPath; Write-Host $path }</dev:code> <dev:remarks> <maml:para>Get children of an object directory via the visitor pattern.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>Get-NtDirectoryChild $dir -Recurse -Visitor { $path = $_.FullPath; Write-Host $path; $path -notmatch "BLAH" }</dev:code> <dev:remarks> <maml:para>Get children of an object directory via the visitor pattern, exiting the recursion if the object path contains the string BLAH.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 7 ----------</maml:title> <dev:code>$ds = Get-NtDirectoryChild $dir -Recurse -Filter { $_.FullPath -match "BLAH" }</dev:code> <dev:remarks> <maml:para>Get children of an object directory filtering out any objects which don't have BLAH in the name.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtEnlistment --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtEnlistment</command:name> <command:verb>Get</command:verb> <command:noun>NtEnlistment</command:noun> <maml:description> <maml:para>Open a NT Enlistment object or all from a Resource Manager.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens an existing NT Enlistment object or all from a Resource Manager.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: FromId --> <command:syntaxItem> <maml:name>Get-NtEnlistment</maml:name> <!-- Parameter: EnlistmentGuid --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>EnlistmentGuid</maml:name> <maml:description> <maml:para>Specify the Enlistment GUID to open.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <!-- Parameter: ResourceManager --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>ResourceManager</maml:name> <maml:description> <maml:para>Specify the Transaction Manager containing the Resource Manager.</maml:para> </maml:description> <command:parameterValue required="true">NtResourceManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtResourceManager</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, QueryInformation, SetInformation, Recover, SubordinateRights, SuperiorRights, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">EnlistmentAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EnlistmentAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">SubordinateRights</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuperiorRights</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: All --> <command:syntaxItem> <maml:name>Get-NtEnlistment</maml:name> <!-- Parameter: ResourceManager --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>ResourceManager</maml:name> <maml:description> <maml:para>Specify the Transaction Manager containing the Resource Manager.</maml:para> </maml:description> <command:parameterValue required="true">NtResourceManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtResourceManager</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, QueryInformation, SetInformation, Recover, SubordinateRights, SuperiorRights, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">EnlistmentAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EnlistmentAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">SubordinateRights</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuperiorRights</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: EnlistmentGuid --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>EnlistmentGuid</maml:name> <maml:description> <maml:para>Specify the Enlistment GUID to open.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <!-- Parameter: ResourceManager --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>ResourceManager</maml:name> <maml:description> <maml:para>Specify the Transaction Manager containing the Resource Manager.</maml:para> </maml:description> <command:parameterValue required="true">NtResourceManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtResourceManager</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, QueryInformation, SetInformation, Recover, SubordinateRights, SuperiorRights, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">EnlistmentAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EnlistmentAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">SubordinateRights</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuperiorRights</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: NtEnlistment --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtEnlistment</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtEnlistment -ResourceManager $rm</dev:code> <dev:remarks> <maml:para>Get all Enlistment objects from a Resource Manager.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = Get-NtEnlistment -EnlistmentGuid '04422e91-63c2-4025-944d-d66fae133274' -ResourceManager $rm</dev:code> <dev:remarks> <maml:para>Get a Enlistment object from its GUID and Resource Manager.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtEnlistment --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtEnlistment</command:name> <command:verb>New</command:verb> <command:noun>NtEnlistment</command:noun> <maml:description> <maml:para>Creates a new NT Resource Manager object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT Resource Manager object.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtEnlistment</maml:name> <!-- Parameter: ResourceManager --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>ResourceManager</maml:name> <maml:description> <maml:para>Specify the Resource Manager to contain the Enlistment.</maml:para> </maml:description> <command:parameterValue required="true">NtResourceManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtResourceManager</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify the Transaction to associate with the Enlistment.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, QueryInformation, SetInformation, Recover, SubordinateRights, SuperiorRights, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">EnlistmentAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EnlistmentAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">SubordinateRights</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuperiorRights</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateFlags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateFlags</maml:name> <maml:description> <maml:para>Specify flags for Enlistment creation.</maml:para> <maml:para>Possible values: None, Superior</maml:para> </maml:description> <command:parameterValue required="true">EnlistmentCreateOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EnlistmentCreateOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Superior</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: EnlistmentKey --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>EnlistmentKey</maml:name> <maml:description> <maml:para>Specify a key to associate with the Enlistment.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: NotificationMask --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>NotificationMask</maml:name> <maml:description> <maml:para>Specify the notification mask for the Enlistment creation.</maml:para> <maml:para>Possible values: PrePrepare, Prepare, Commit, Rollback, PrePrepareComplete, PrepareComplete, CommitComplete, RollbackComplete, Recover, SinglePhaseCommit, DelegateCommit, RecoverQuery, EnlistPrePrepare, LastRecover, InDoubt, PropagatePull, PropagatePush, Marshal, EnlistMask, RmDisconnected, TmOnline, CommitRequest, Promote, PromoteNew, RequestOutcome</maml:para> </maml:description> <command:parameterValue required="true">TransactionNotificationMask</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionNotificationMask</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">PrePrepare</command:parameterValue> <command:parameterValue required="false" variableLength="false">Prepare</command:parameterValue> <command:parameterValue required="false" variableLength="false">Commit</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rollback</command:parameterValue> <command:parameterValue required="false" variableLength="false">PrePrepareComplete</command:parameterValue> <command:parameterValue required="false" variableLength="false">PrepareComplete</command:parameterValue> <command:parameterValue required="false" variableLength="false">CommitComplete</command:parameterValue> <command:parameterValue required="false" variableLength="false">RollbackComplete</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">SinglePhaseCommit</command:parameterValue> <command:parameterValue required="false" variableLength="false">DelegateCommit</command:parameterValue> <command:parameterValue required="false" variableLength="false">RecoverQuery</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnlistPrePrepare</command:parameterValue> <command:parameterValue required="false" variableLength="false">LastRecover</command:parameterValue> <command:parameterValue required="false" variableLength="false">InDoubt</command:parameterValue> <command:parameterValue required="false" variableLength="false">PropagatePull</command:parameterValue> <command:parameterValue required="false" variableLength="false">PropagatePush</command:parameterValue> <command:parameterValue required="false" variableLength="false">Marshal</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnlistMask</command:parameterValue> <command:parameterValue required="false" variableLength="false">RmDisconnected</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmOnline</command:parameterValue> <command:parameterValue required="false" variableLength="false">CommitRequest</command:parameterValue> <command:parameterValue required="false" variableLength="false">Promote</command:parameterValue> <command:parameterValue required="false" variableLength="false">PromoteNew</command:parameterValue> <command:parameterValue required="false" variableLength="false">RequestOutcome</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: ResourceManager --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>ResourceManager</maml:name> <maml:description> <maml:para>Specify the Resource Manager to contain the Enlistment.</maml:para> </maml:description> <command:parameterValue required="true">NtResourceManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtResourceManager</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify the Transaction to associate with the Enlistment.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CreateFlags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateFlags</maml:name> <maml:description> <maml:para>Specify flags for Enlistment creation.</maml:para> <maml:para>Possible values: None, Superior</maml:para> </maml:description> <command:parameterValue required="true">EnlistmentCreateOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EnlistmentCreateOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Superior</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: NotificationMask --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>NotificationMask</maml:name> <maml:description> <maml:para>Specify the notification mask for the Enlistment creation.</maml:para> <maml:para>Possible values: PrePrepare, Prepare, Commit, Rollback, PrePrepareComplete, PrepareComplete, CommitComplete, RollbackComplete, Recover, SinglePhaseCommit, DelegateCommit, RecoverQuery, EnlistPrePrepare, LastRecover, InDoubt, PropagatePull, PropagatePush, Marshal, EnlistMask, RmDisconnected, TmOnline, CommitRequest, Promote, PromoteNew, RequestOutcome</maml:para> </maml:description> <command:parameterValue required="true">TransactionNotificationMask</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionNotificationMask</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">PrePrepare</command:parameterValue> <command:parameterValue required="false" variableLength="false">Prepare</command:parameterValue> <command:parameterValue required="false" variableLength="false">Commit</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rollback</command:parameterValue> <command:parameterValue required="false" variableLength="false">PrePrepareComplete</command:parameterValue> <command:parameterValue required="false" variableLength="false">PrepareComplete</command:parameterValue> <command:parameterValue required="false" variableLength="false">CommitComplete</command:parameterValue> <command:parameterValue required="false" variableLength="false">RollbackComplete</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">SinglePhaseCommit</command:parameterValue> <command:parameterValue required="false" variableLength="false">DelegateCommit</command:parameterValue> <command:parameterValue required="false" variableLength="false">RecoverQuery</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnlistPrePrepare</command:parameterValue> <command:parameterValue required="false" variableLength="false">LastRecover</command:parameterValue> <command:parameterValue required="false" variableLength="false">InDoubt</command:parameterValue> <command:parameterValue required="false" variableLength="false">PropagatePull</command:parameterValue> <command:parameterValue required="false" variableLength="false">PropagatePush</command:parameterValue> <command:parameterValue required="false" variableLength="false">Marshal</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnlistMask</command:parameterValue> <command:parameterValue required="false" variableLength="false">RmDisconnected</command:parameterValue> <command:parameterValue required="false" variableLength="false">TmOnline</command:parameterValue> <command:parameterValue required="false" variableLength="false">CommitRequest</command:parameterValue> <command:parameterValue required="false" variableLength="false">Promote</command:parameterValue> <command:parameterValue required="false" variableLength="false">PromoteNew</command:parameterValue> <command:parameterValue required="false" variableLength="false">RequestOutcome</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: EnlistmentKey --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>EnlistmentKey</maml:name> <maml:description> <maml:para>Specify a key to associate with the Enlistment.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, QueryInformation, SetInformation, Recover, SubordinateRights, SuperiorRights, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">EnlistmentAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EnlistmentAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">SubordinateRights</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuperiorRights</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtEnlistment --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtEnlistment</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtEnlistment -ResourceManager $rm -Transaction $t </dev:code> <dev:remarks> <maml:para>Create an Enslitment with a Resource Manager and Transaction.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtEnlistment -AutoGenerateGuid -TransactionManager $tm </dev:code> <dev:remarks> <maml:para>Create a Resource Manager object with an auto-generated GUID.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtEvent --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtEvent</command:name> <command:verb>Get</command:verb> <command:noun>NtEvent</command:noun> <maml:description> <maml:para>Open a NT event object by path.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens an existing NT event object. The absolute path to the object in the NT object manager name space must be specified. It's also possible to create the object relative to an existing object by specified the -Root parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtEvent</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryState, ModifyState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">EventAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EventAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">ModifyState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryState, ModifyState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">EventAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EventAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">ModifyState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtEvent --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtEvent</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtEvent \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Get an event object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = Get-NtEvent ABC -Root $root</dev:code> <dev:remarks> <maml:para>Get an event object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$obj = Get-NtEvent -Path \BaseNamedObjects\ABC $obj.Wait()</dev:code> <dev:remarks> <maml:para>Get an event object, wait for it to be set.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$obj = Get-NtEvent -Path \BaseNamedObjects\ABC $obj.Set()</dev:code> <dev:remarks> <maml:para>Get an event object, and set it.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = Get-NtEvent ABC</dev:code> <dev:remarks> <maml:para>Get an event object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtEvent --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtEvent</command:name> <command:verb>New</command:verb> <command:noun>NtEvent</command:noun> <maml:description> <maml:para>Create a new NT event object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT event object. The absolute path to the object in the NT object manager name space can be specified. It's also possible to create the object relative to an existing object by specified the -Root parameter. If no path is specified than an unnamed object will be created which can only be duplicated by handle.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtEvent</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryState, ModifyState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">EventAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EventAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">ModifyState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: EventType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>EventType</maml:name> <maml:description> <maml:para>The type of event to create.</maml:para> <maml:para>Possible values: NotificationEvent, SynchronizationEvent</maml:para> </maml:description> <command:parameterValue required="true">EventType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EventType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>NotificationEvent</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">NotificationEvent</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronizationEvent</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: InitialState --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>InitialState</maml:name> <maml:description> <maml:para>The initial state of the event object.</maml:para> </maml:description> <command:parameterValue required="true">bool</command:parameterValue> <dev:type> <maml:name>System.Boolean</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: InitialState --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>InitialState</maml:name> <maml:description> <maml:para>The initial state of the event object.</maml:para> </maml:description> <command:parameterValue required="true">bool</command:parameterValue> <dev:type> <maml:name>System.Boolean</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: EventType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>EventType</maml:name> <maml:description> <maml:para>The type of event to create.</maml:para> <maml:para>Possible values: NotificationEvent, SynchronizationEvent</maml:para> </maml:description> <command:parameterValue required="true">EventType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EventType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>NotificationEvent</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">NotificationEvent</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronizationEvent</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryState, ModifyState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">EventAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EventAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">ModifyState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtEvent --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtEvent</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtEvent</dev:code> <dev:remarks> <maml:para>Create a new anonymous event object.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtEvent \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Create a new event object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = New-NtEvent ABC -Root $root</dev:code> <dev:remarks> <maml:para>Create a new event object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = New-NtEvent ABC</dev:code> <dev:remarks> <maml:para>Create a new event object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$obj = New-NtEvent -InitialState $true</dev:code> <dev:remarks> <maml:para>Create a new anonymous event object with it initially set.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>$obj = New-NtEvent -Path \BaseNamedObjects\ABC $obj.Wait()</dev:code> <dev:remarks> <maml:para>Create a new event object, wait for it to be set.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 7 ----------</maml:title> <dev:code>$obj = New-NtEvent -Path \BaseNamedObjects\ABC $obj.Set()</dev:code> <dev:remarks> <maml:para>Create a new event object, and set it.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtFile --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtFile</command:name> <command:verb>Get</command:verb> <command:noun>NtFile</command:noun> <maml:description> <maml:para>Open a existing NT file object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens a existing NT file object. The absolute path to the object in the NT object manager name space can be specified. It's also possible to open the object relative to an existing object by specified the -Root parameter. To simply calling it's also possible to specify the path in a Win32 format when using the -Win32Path parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtFile</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtFile --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtFile</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtFile \??\C:\Windows\Notepad.exe</dev:code> <dev:remarks> <maml:para>Open a file object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$root = Get-NtFile \??\C:\Windows $obj = Get-NtFile Notepad.exe -Root $root</dev:code> <dev:remarks> <maml:para>Open a file object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$obj = Get-NtFile c:\Windows\Notepad.exe -Win32Path</dev:code> <dev:remarks> <maml:para>Open a file object with an absolute win32 path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$obj = Get-NtFile ..\..\..\Windows\Notepad.exe -Win32Path</dev:code> <dev:remarks> <maml:para>Open a file object with a relative win32 path.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtFile --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtFile</command:name> <command:verb>New</command:verb> <command:noun>NtFile</command:noun> <maml:description> <maml:para>Create a new NT file object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT file object. The absolute path to the object in the NT object manager name space can be specified. It's also possible to open the object relative to an existing object by specified the -Root parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtFile</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Attributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Attributes</maml:name> <maml:description> <maml:para>Specify the file attributes for the new file.</maml:para> <maml:para>Possible values: None, ReadOnly, Hidden, System, Directory, Archive, Device, Normal, Temporary, SparseFile, ReparsePoint, Compressed, Offline, NotContentIndexed, Encrypted, IntegrityStream, Virtual, NoScrubData, Ea, Pinned, Unpinned, RecallOnDataAccess</maml:para> </maml:description> <command:parameterValue required="true">FileAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAttributes</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Normal</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">Hidden</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Archive</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">Normal</command:parameterValue> <command:parameterValue required="false" variableLength="false">Temporary</command:parameterValue> <command:parameterValue required="false" variableLength="false">SparseFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">Compressed</command:parameterValue> <command:parameterValue required="false" variableLength="false">Offline</command:parameterValue> <command:parameterValue required="false" variableLength="false">NotContentIndexed</command:parameterValue> <command:parameterValue required="false" variableLength="false">Encrypted</command:parameterValue> <command:parameterValue required="false" variableLength="false">IntegrityStream</command:parameterValue> <command:parameterValue required="false" variableLength="false">Virtual</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoScrubData</command:parameterValue> <command:parameterValue required="false" variableLength="false">Ea</command:parameterValue> <command:parameterValue required="false" variableLength="false">Pinned</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unpinned</command:parameterValue> <command:parameterValue required="false" variableLength="false">RecallOnDataAccess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Directory --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Directory</maml:name> <maml:description> <maml:para>Specify to create a directory instead of a file.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Disposition --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Disposition</maml:name> <maml:description> <maml:para>Specify the disposition for creating the file.</maml:para> <maml:para>Possible values: Supersede, Open, Create, OpenIf, Overwrite, OverwriteIf</maml:para> </maml:description> <command:parameterValue required="true">FileDisposition</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDisposition</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Create</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Supersede</command:parameterValue> <command:parameterValue required="false" variableLength="false">Open</command:parameterValue> <command:parameterValue required="false" variableLength="false">Create</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">Overwrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">OverwriteIf</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: EaBuffer --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>EaBuffer</maml:name> <maml:description> <maml:para>Specify an EA buffer to pass to the create file call.</maml:para> </maml:description> <command:parameterValue required="true">EaBuffer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EaBuffer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Attributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Attributes</maml:name> <maml:description> <maml:para>Specify the file attributes for the new file.</maml:para> <maml:para>Possible values: None, ReadOnly, Hidden, System, Directory, Archive, Device, Normal, Temporary, SparseFile, ReparsePoint, Compressed, Offline, NotContentIndexed, Encrypted, IntegrityStream, Virtual, NoScrubData, Ea, Pinned, Unpinned, RecallOnDataAccess</maml:para> </maml:description> <command:parameterValue required="true">FileAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAttributes</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Normal</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">Hidden</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Archive</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">Normal</command:parameterValue> <command:parameterValue required="false" variableLength="false">Temporary</command:parameterValue> <command:parameterValue required="false" variableLength="false">SparseFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">Compressed</command:parameterValue> <command:parameterValue required="false" variableLength="false">Offline</command:parameterValue> <command:parameterValue required="false" variableLength="false">NotContentIndexed</command:parameterValue> <command:parameterValue required="false" variableLength="false">Encrypted</command:parameterValue> <command:parameterValue required="false" variableLength="false">IntegrityStream</command:parameterValue> <command:parameterValue required="false" variableLength="false">Virtual</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoScrubData</command:parameterValue> <command:parameterValue required="false" variableLength="false">Ea</command:parameterValue> <command:parameterValue required="false" variableLength="false">Pinned</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unpinned</command:parameterValue> <command:parameterValue required="false" variableLength="false">RecallOnDataAccess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Disposition --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Disposition</maml:name> <maml:description> <maml:para>Specify the disposition for creating the file.</maml:para> <maml:para>Possible values: Supersede, Open, Create, OpenIf, Overwrite, OverwriteIf</maml:para> </maml:description> <command:parameterValue required="true">FileDisposition</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDisposition</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Create</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Supersede</command:parameterValue> <command:parameterValue required="false" variableLength="false">Open</command:parameterValue> <command:parameterValue required="false" variableLength="false">Create</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">Overwrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">OverwriteIf</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: EaBuffer --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>EaBuffer</maml:name> <maml:description> <maml:para>Specify an EA buffer to pass to the create file call.</maml:para> </maml:description> <command:parameterValue required="true">EaBuffer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EaBuffer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Directory --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Directory</maml:name> <maml:description> <maml:para>Specify to create a directory instead of a file.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtFile --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtFile</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtFile \??\C:\Windows\Temp\abc.txt</dev:code> <dev:remarks> <maml:para>Creates a new file object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtFile \??\C:\Windows\Temp\ABC -Directory</dev:code> <dev:remarks> <maml:para>Creates a new directory file object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$obj = New-NtFile \??\C:\Windows\Temp\abc.txt -Attributes Hidden</dev:code> <dev:remarks> <maml:para>Creates a new file object with an absolute path, with the hidden attribute.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$root = Get-NtFile \??\C:\Windows $obj = New-NtFile Temp\abc.txt -Root $root</dev:code> <dev:remarks> <maml:para>Creates a new file object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$obj = New-NtFile c:\Windows\Temp\abc.txt -Win32Path</dev:code> <dev:remarks> <maml:para>Creates a new file object with an absolute win32 path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>$obj = New-NtFile \??\C:\Windows\Temp\abc.txt -Disposition OpenIf</dev:code> <dev:remarks> <maml:para>Creates a new file object with an absolute path. If the file already exists then open it rather than failing.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 7 ----------</maml:title> <dev:code>$obj = New-NtFile \??\C:\Windows\Temp\abc.txt -Disposition Supersede</dev:code> <dev:remarks> <maml:para>Creates a new file object with an absolute path. If the file already exists then replace it with the new file.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 8 ----------</maml:title> <dev:code>$obj = New-NtFile \??\C:\Windows\Temp\abc.txt -Options SynchronousIoNonAlert -Access GenericRead,GenericWrite,Synchronize $stm = $obj.ToStream($true) $stm.WriteByte(1)</dev:code> <dev:remarks> <maml:para>Creates a new file object with an absolute path then writes data to it.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Remove-NtFile --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Remove-NtFile</command:name> <command:verb>Remove</command:verb> <command:noun>NtFile</command:noun> <maml:description> <maml:para>Open a existing NT file object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens a existing NT file object. The absolute path to the object in the NT object manager name space can be specified. It's also possible to open the object relative to an existing object by specified the -Root parameter. To simply calling it's also possible to specify the path in a Win32 format when using the -Win32Path parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Remove-NtFile</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DeleteReparsePoint --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeleteReparsePoint</maml:name> <maml:description> <maml:para>Specify whether to delete the reparse point or the target.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: PosixSemantics --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PosixSemantics</maml:name> <maml:description> <maml:para>Specify whether to delete with POSIX semantics.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: PosixSemantics --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PosixSemantics</maml:name> <maml:description> <maml:para>Specify whether to delete with POSIX semantics.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DeleteReparsePoint --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeleteReparsePoint</maml:name> <maml:description> <maml:para>Specify whether to delete the reparse point or the target.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtFile --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtFile</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Remove-NtFile \??\C:\path\file.exe</dev:code> <dev:remarks> <maml:para>Delete a file object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$root = Get-NtFile \??\C:\path Remove-NtFile file.exe -Root $root</dev:code> <dev:remarks> <maml:para>Delete a file object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Remove-NtFile c:\path\file.exe -Win32Path</dev:code> <dev:remarks> <maml:para>Delete a file object with an absolute win32 path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>Remove-NtFile ..\..\..\path\file.exe -Win32Path</dev:code> <dev:remarks> <maml:para>Delete a file object with a relative win32 path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>Remove-NtFile \??\C:\path\file.exe -PosixSemantics</dev:code> <dev:remarks> <maml:para>Delete a file object with POSIX semantics (needs Win10 RS3+).</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>Remove-NtFile \??\C:\path\file.exe -DeleteReparsePoint</dev:code> <dev:remarks> <maml:para>Delete a file reparse point rather than following the link.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 7 ----------</maml:title> <dev:code>Remove-NtFile \??\C:\path\file.exe -ShareMode Read</dev:code> <dev:remarks> <maml:para>Delete a file object specifying a Read sharemode.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-NtFileChild --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtFileChild</command:name> <command:verb>Get</command:verb> <command:noun>NtFileChild</command:noun> <maml:description> <maml:para>Get the accessible children of a file directory.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet gets the children of a file directory object. It allows the children to be extracted recursively. You can choose to get the children through the pipeline or specify a vistor script.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtFileChild</maml:name> <!-- Parameter: Object --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Object</maml:name> <maml:description> <maml:para>Specify an object to get children from, should be a directory.</maml:para> </maml:description> <command:parameterValue required="true">NtFile</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtFile</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access when opening a child.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ReadAttributes, ReadControl</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ReadAttributes, ReadControl</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: FileMask --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FileMask</maml:name> <maml:description> <maml:para>Specify a filter name filter such as *.txt.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>*</dev:defaultValue> </command:parameter> <!-- Parameter: Filter --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Filter</maml:name> <maml:description> <maml:para>Specify a script block to filter child objects. Return $true to keep the object.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: MaxDepth --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxDepth</maml:name> <maml:description> <maml:para>When recursing specify the maximum depth of recursion. -1 indicates no limit.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: OpenForBackup --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenForBackup</maml:name> <maml:description> <maml:para>Open keys for backup. Needs SeBackupPrivilege enabled.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Recurse --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Recurse</maml:name> <maml:description> <maml:para>Get children recursively.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the files with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Streams --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Streams</maml:name> <maml:description> <maml:para>Get named streams of files as well as children.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: TypeMask --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TypeMask</maml:name> <maml:description> <maml:para>Specify the types of files to return.</maml:para> <maml:para>Possible values: All, FilesOnly, DirectoriesOnly</maml:para> </maml:description> <command:parameterValue required="true">FileTypeMask</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileTypeMask</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>All</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> <command:parameterValue required="false" variableLength="false">FilesOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoriesOnly</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Visitor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Visitor</maml:name> <maml:description> <maml:para>Specify a script block to run for every child. The file object will automatically be disposed once the vistor has executed. If you want to cancel enumeration return $false.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: OpenForBackup --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenForBackup</maml:name> <maml:description> <maml:para>Open keys for backup. Needs SeBackupPrivilege enabled.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Streams --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Streams</maml:name> <maml:description> <maml:para>Get named streams of files as well as children.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ReadAttributes, ReadControl</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the files with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: FileMask --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FileMask</maml:name> <maml:description> <maml:para>Specify a filter name filter such as *.txt.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>*</dev:defaultValue> </command:parameter> <!-- Parameter: TypeMask --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TypeMask</maml:name> <maml:description> <maml:para>Specify the types of files to return.</maml:para> <maml:para>Possible values: All, FilesOnly, DirectoriesOnly</maml:para> </maml:description> <command:parameterValue required="true">FileTypeMask</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileTypeMask</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>All</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> <command:parameterValue required="false" variableLength="false">FilesOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoriesOnly</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Object --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Object</maml:name> <maml:description> <maml:para>Specify an object to get children from, should be a directory.</maml:para> </maml:description> <command:parameterValue required="true">NtFile</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtFile</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access when opening a child.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ReadAttributes, ReadControl</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Recurse --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Recurse</maml:name> <maml:description> <maml:para>Get children recursively.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: MaxDepth --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxDepth</maml:name> <maml:description> <maml:para>When recursing specify the maximum depth of recursion. -1 indicates no limit.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: Visitor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Visitor</maml:name> <maml:description> <maml:para>Specify a script block to run for every child. The file object will automatically be disposed once the vistor has executed. If you want to cancel enumeration return $false.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Filter --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Filter</maml:name> <maml:description> <maml:para>Specify a script block to filter child objects. Return $true to keep the object.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$files = Get-NtFileChild $file</dev:code> <dev:remarks> <maml:para>Get immediate children of a file directory.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$files = Get-NtFileChild $file -Streams</dev:code> <dev:remarks> <maml:para>Get immediate children and any streams of a file.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$files = Get-NtFileChild $file -Recurse</dev:code> <dev:remarks> <maml:para>Get children of a file directory recursively.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$files = Get-NtFileChild $file -Recurse -OpenForBackup</dev:code> <dev:remarks> <maml:para>Get children of a file directory recursively.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$files = Get-NtFileChild $file -Recurse -MaxDepth 2</dev:code> <dev:remarks> <maml:para>Get children of a file directory recursively up to a maximum depth of 2.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>$files = Get-NtFileChild $file -Recurse -FileMask *.txt</dev:code> <dev:remarks> <maml:para>Get children of a file directory recursively, only returning files which match the pattern *.txt.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 7 ----------</maml:title> <dev:code>$files = Get-NtFileChild $file -Recurse -TypeMask DirectoriesOnly</dev:code> <dev:remarks> <maml:para>Get children of a file directory recursively, only returning directories.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 8 ----------</maml:title> <dev:code>$files = Get-NtFileChild $file Access ReadControl</dev:code> <dev:remarks> <maml:para>Get children of a file directory which can be opened for ReadControl access.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 9 ----------</maml:title> <dev:code>Get-NtFileChild $file -Visitor { $path = $_.FullPath; Write-Host $path }</dev:code> <dev:remarks> <maml:para>Get children of a file directory via the visitor pattern.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 10 ----------</maml:title> <dev:code>Get-NtFileChild $file -Recurse -Visitor { $path = $_.FullPath; Write-Host $path; $path -notmatch "BLAH" }</dev:code> <dev:remarks> <maml:para>Get children of a file directory via the visitor pattern, exiting the recursion if the object path contains the string BLAH.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 11 ----------</maml:title> <dev:code>$files = Get-NtFileChild $file -Recurse -Filter { $_.FullPath -match "BLAH" }</dev:code> <dev:remarks> <maml:para>Get children of a file directory filtering out any objects which don't have BLAH in the name.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Set-NtFileHardlink --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Set-NtFileHardlink</command:name> <command:verb>Set</command:verb> <command:noun>NtFileHardlink</command:noun> <maml:description> <maml:para>Creates a hardlink for a file.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a hard link to an existing file. The absolute path to the object in the NT object manager name space can be specified. To simplify calling it's also possible to specify the path in a Win32 format when using the -Win32Path parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Set-NtFileHardlink</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: LinkPath --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>LinkPath</maml:name> <maml:description> <maml:para>Specify the path to the new link.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: LinkRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>LinkRoot</maml:name> <maml:description> <maml:para>Specify a root object if TargetPath is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ReplaceIfExists --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ReplaceIfExists</maml:name> <maml:description> <maml:para>Specify to replace the target if it already exists.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: LinkPath --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>LinkPath</maml:name> <maml:description> <maml:para>Specify the path to the new link.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: LinkRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>LinkRoot</maml:name> <maml:description> <maml:para>Specify a root object if TargetPath is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ReplaceIfExists --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ReplaceIfExists</maml:name> <maml:description> <maml:para>Specify to replace the target if it already exists.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtFile --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtFile</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Set-NtFileHardlink -Path \??\C:\ABC\XYZ.TXT -LinkPath \??\C:\TEMP\ABC.TXT</dev:code> <dev:remarks> <maml:para>Create a hardlink for file \??\C:\ABC\XYZ.TXT as \??\C:\XYZ.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Set-NtFileHardlink -Path C:\ABC\XYZ.TXT -LinkPath C:\TEMP\ABC.TXT -Win32Path</dev:code> <dev:remarks> <maml:para>Create a hardlink for file C:\ABC\XYZ.TXT as C:\TEMP\ABC.TXT.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-NtFileReparsePoint --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtFileReparsePoint</command:name> <command:verb>Get</command:verb> <command:noun>NtFileReparsePoint</command:noun> <maml:description> <maml:para>Open and reads the reparse point buffer for file.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens a existing NT file object and reads out the reparse point buffer data. The absolute path to the object in the NT object manager name space can be specified. It's also possible to open the object relative to an existing object by specified the -Root parameter. To simplify calling it's also possible to specify the path in a Win32 format when using the -Win32Path parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtFileReparsePoint</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Bytes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Bytes</maml:name> <maml:description> <maml:para>Specify reading the reparse point data as a raw byte array.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>OpenReparsePoint</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Bytes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Bytes</maml:name> <maml:description> <maml:para>Specify reading the reparse point data as a raw byte array.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>OpenReparsePoint</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtFile --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtFile</maml:name> <maml:uri /> </dev:type> </command:returnValue> <!-- OutputType: ReparseBuffer --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.ReparseBuffer</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtFileReparsePoint \??\C:\XYZ</dev:code> <dev:remarks> <maml:para>Reads the reparse point with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$root = Get-NtFile \??\C:\ $obj = Get-NtFileReparsePoint XYZ -Root $root</dev:code> <dev:remarks> <maml:para>Reads the reparse point with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$obj = Get-NtFileReparsePoint C:\XYZ -Win32Path</dev:code> <dev:remarks> <maml:para>Reads the reparse point with an absolute win32 path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$obj = Get-NtFileReparsePoint ..\..\..\XYZ -Win32Path</dev:code> <dev:remarks> <maml:para>Reads the reparse point with a relative win32 path.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Remove-NtFileReparsePoint --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Remove-NtFileReparsePoint</command:name> <command:verb>Remove</command:verb> <command:noun>NtFileReparsePoint</command:noun> <maml:description> <maml:para>Removes the reparse point buffer for file.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet removes the reparse point buffer from an existing NT file object. The absolute path to the object in the NT object manager name space can be specified. It's also possible to open the object relative to an existing object by specified the -Root parameter. To simplify calling it's also possible to specify the path in a Win32 format when using the -Win32Path parameter. It will return the original reparse buffer that was removed.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Remove-NtFileReparsePoint</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>OpenReparsePoint</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>OpenReparsePoint</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtFile --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtFile</maml:name> <maml:uri /> </dev:type> </command:returnValue> <!-- OutputType: ReparseBuffer --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.ReparseBuffer</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Remove-NtFileReparsePoint \??\C:\XYZ</dev:code> <dev:remarks> <maml:para>Remove the reparse point with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$root = Get-NtFile \??\C:\ Remove-NtFileReparsePoint XYZ -Root $root</dev:code> <dev:remarks> <maml:para>Remove the reparse point with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Remove-NtFileReparsePoint C:\XYZ -Win32Path</dev:code> <dev:remarks> <maml:para>Remove the reparse point with an absolute win32 path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>Remove-NtFileReparsePoint ..\..\..\XYZ -Win32Path</dev:code> <dev:remarks> <maml:para>Remove the reparse point with a relative win32 path.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Set-NtFileReparsePoint --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Set-NtFileReparsePoint</command:name> <command:verb>Set</command:verb> <command:noun>NtFileReparsePoint</command:noun> <maml:description> <maml:para>Sets the reparse point buffer for file.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet sets the reparse point buffer data for a file. The absolute path to the object in the NT object manager name space can be specified. To simplify calling it's also possible to specify the path in a Win32 format when using the -Win32Path parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: MountPoint --> <command:syntaxItem> <maml:name>Set-NtFileReparsePoint</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TargetPath --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>TargetPath</maml:name> <maml:description> <maml:para>Specify the target path for reparse point.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PrintName --> <command:parameter required="false" globbing="false" pipelineInput="false" position="2"> <maml:name>PrintName</maml:name> <maml:description> <maml:para>Specify a print name for the reparse point.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: MountPoint --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>MountPoint</maml:name> <maml:description> <maml:para>Specify creating a mount point.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>GenericWrite</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Attributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Attributes</maml:name> <maml:description> <maml:para>Specify the file attributes for the new file.</maml:para> <maml:para>Possible values: None, ReadOnly, Hidden, System, Directory, Archive, Device, Normal, Temporary, SparseFile, ReparsePoint, Compressed, Offline, NotContentIndexed, Encrypted, IntegrityStream, Virtual, NoScrubData, Ea, Pinned, Unpinned, RecallOnDataAccess</maml:para> </maml:description> <command:parameterValue required="true">FileAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAttributes</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Normal</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">Hidden</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Archive</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">Normal</command:parameterValue> <command:parameterValue required="false" variableLength="false">Temporary</command:parameterValue> <command:parameterValue required="false" variableLength="false">SparseFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">Compressed</command:parameterValue> <command:parameterValue required="false" variableLength="false">Offline</command:parameterValue> <command:parameterValue required="false" variableLength="false">NotContentIndexed</command:parameterValue> <command:parameterValue required="false" variableLength="false">Encrypted</command:parameterValue> <command:parameterValue required="false" variableLength="false">IntegrityStream</command:parameterValue> <command:parameterValue required="false" variableLength="false">Virtual</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoScrubData</command:parameterValue> <command:parameterValue required="false" variableLength="false">Ea</command:parameterValue> <command:parameterValue required="false" variableLength="false">Pinned</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unpinned</command:parameterValue> <command:parameterValue required="false" variableLength="false">RecallOnDataAccess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Directory --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Directory</maml:name> <maml:description> <maml:para>Specify to create a directory instead of a file.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>GenericWrite</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Disposition --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Disposition</maml:name> <maml:description> <maml:para>Specify the disposition for creating the file.</maml:para> <maml:para>Possible values: Supersede, Open, Create, OpenIf, Overwrite, OverwriteIf</maml:para> </maml:description> <command:parameterValue required="true">FileDisposition</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDisposition</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>OpenIf</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Supersede</command:parameterValue> <command:parameterValue required="false" variableLength="false">Open</command:parameterValue> <command:parameterValue required="false" variableLength="false">Create</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">Overwrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">OverwriteIf</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: EaBuffer --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>EaBuffer</maml:name> <maml:description> <maml:para>Specify an EA buffer to pass to the create file call.</maml:para> </maml:description> <command:parameterValue required="true">EaBuffer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EaBuffer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ExistingGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ExistingGuid</maml:name> <maml:description> <maml:para>Specify an existing GUID to check when setting the reparse point (on RS1+).</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <!-- Parameter: ExistingTag --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ExistingTag</maml:name> <maml:description> <maml:para>Specify an existing reparse tag to check when setting the reparse point (on RS1+).</maml:para> <maml:para>Possible values: MOUNT_POINT, HSM, DRIVE_EXTENDER, HSM2, SIS, WIM, CSV, DFS, FILTER_MANAGER, SYMLINK, IIS_CACHE, DFSR, DEDUP, APPXSTRM, NFS, FILE_PLACEHOLDER, DFM, WOF, WCI, WCI_1, GLOBAL_REPARSE, CLOUD, CLOUD_1, CLOUD_2, CLOUD_3, CLOUD_4, CLOUD_5, CLOUD_6, CLOUD_7, CLOUD_8, CLOUD_9, CLOUD_A, CLOUD_B, CLOUD_C, CLOUD_D, CLOUD_E, CLOUD_F, CLOUD_MASK, APPEXECLINK, PROJFS, LX_SYMLINK, STORAGE_SYNC, WCI_TOMBSTONE, UNHANDLED, ONEDRIVE, PROJFS_TOMBSTONE, AF_UNIX, LX_FIFO, LX_CHR, LX_BLK</maml:para> </maml:description> <command:parameterValue required="true">ReparseTag</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ReparseTag</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">MOUNT_POINT</command:parameterValue> <command:parameterValue required="false" variableLength="false">HSM</command:parameterValue> <command:parameterValue required="false" variableLength="false">DRIVE_EXTENDER</command:parameterValue> <command:parameterValue required="false" variableLength="false">HSM2</command:parameterValue> <command:parameterValue required="false" variableLength="false">SIS</command:parameterValue> <command:parameterValue required="false" variableLength="false">WIM</command:parameterValue> <command:parameterValue required="false" variableLength="false">CSV</command:parameterValue> <command:parameterValue required="false" variableLength="false">DFS</command:parameterValue> <command:parameterValue required="false" variableLength="false">FILTER_MANAGER</command:parameterValue> <command:parameterValue required="false" variableLength="false">SYMLINK</command:parameterValue> <command:parameterValue required="false" variableLength="false">IIS_CACHE</command:parameterValue> <command:parameterValue required="false" variableLength="false">DFSR</command:parameterValue> <command:parameterValue required="false" variableLength="false">DEDUP</command:parameterValue> <command:parameterValue required="false" variableLength="false">APPXSTRM</command:parameterValue> <command:parameterValue required="false" variableLength="false">NFS</command:parameterValue> <command:parameterValue required="false" variableLength="false">FILE_PLACEHOLDER</command:parameterValue> <command:parameterValue required="false" variableLength="false">DFM</command:parameterValue> <command:parameterValue required="false" variableLength="false">WOF</command:parameterValue> <command:parameterValue required="false" variableLength="false">WCI</command:parameterValue> <command:parameterValue required="false" variableLength="false">WCI_1</command:parameterValue> <command:parameterValue required="false" variableLength="false">GLOBAL_REPARSE</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_1</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_2</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_3</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_4</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_5</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_6</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_7</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_8</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_9</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_A</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_B</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_C</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_D</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_E</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_F</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_MASK</command:parameterValue> <command:parameterValue required="false" variableLength="false">APPEXECLINK</command:parameterValue> <command:parameterValue required="false" variableLength="false">PROJFS</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_SYMLINK</command:parameterValue> <command:parameterValue required="false" variableLength="false">STORAGE_SYNC</command:parameterValue> <command:parameterValue required="false" variableLength="false">WCI_TOMBSTONE</command:parameterValue> <command:parameterValue required="false" variableLength="false">UNHANDLED</command:parameterValue> <command:parameterValue required="false" variableLength="false">ONEDRIVE</command:parameterValue> <command:parameterValue required="false" variableLength="false">PROJFS_TOMBSTONE</command:parameterValue> <command:parameterValue required="false" variableLength="false">AF_UNIX</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_FIFO</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_CHR</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_BLK</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify flags to use when setting the reparse point (on RS1+).</maml:para> <maml:para>Possible values: None, GivenTagOrNone</maml:para> </maml:description> <command:parameterValue required="true">ReparseBufferExFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ReparseBufferExFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">GivenTagOrNone</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: Symlink --> <command:syntaxItem> <maml:name>Set-NtFileReparsePoint</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TargetPath --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>TargetPath</maml:name> <maml:description> <maml:para>Specify the target path for reparse point.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PrintName --> <command:parameter required="false" globbing="false" pipelineInput="false" position="2"> <maml:name>PrintName</maml:name> <maml:description> <maml:para>Specify a print name for the reparse point.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>GenericWrite</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Attributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Attributes</maml:name> <maml:description> <maml:para>Specify the file attributes for the new file.</maml:para> <maml:para>Possible values: None, ReadOnly, Hidden, System, Directory, Archive, Device, Normal, Temporary, SparseFile, ReparsePoint, Compressed, Offline, NotContentIndexed, Encrypted, IntegrityStream, Virtual, NoScrubData, Ea, Pinned, Unpinned, RecallOnDataAccess</maml:para> </maml:description> <command:parameterValue required="true">FileAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAttributes</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Normal</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">Hidden</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Archive</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">Normal</command:parameterValue> <command:parameterValue required="false" variableLength="false">Temporary</command:parameterValue> <command:parameterValue required="false" variableLength="false">SparseFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">Compressed</command:parameterValue> <command:parameterValue required="false" variableLength="false">Offline</command:parameterValue> <command:parameterValue required="false" variableLength="false">NotContentIndexed</command:parameterValue> <command:parameterValue required="false" variableLength="false">Encrypted</command:parameterValue> <command:parameterValue required="false" variableLength="false">IntegrityStream</command:parameterValue> <command:parameterValue required="false" variableLength="false">Virtual</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoScrubData</command:parameterValue> <command:parameterValue required="false" variableLength="false">Ea</command:parameterValue> <command:parameterValue required="false" variableLength="false">Pinned</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unpinned</command:parameterValue> <command:parameterValue required="false" variableLength="false">RecallOnDataAccess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Directory --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Directory</maml:name> <maml:description> <maml:para>Specify to create a directory instead of a file.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>GenericWrite</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Disposition --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Disposition</maml:name> <maml:description> <maml:para>Specify the disposition for creating the file.</maml:para> <maml:para>Possible values: Supersede, Open, Create, OpenIf, Overwrite, OverwriteIf</maml:para> </maml:description> <command:parameterValue required="true">FileDisposition</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDisposition</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>OpenIf</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Supersede</command:parameterValue> <command:parameterValue required="false" variableLength="false">Open</command:parameterValue> <command:parameterValue required="false" variableLength="false">Create</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">Overwrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">OverwriteIf</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: EaBuffer --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>EaBuffer</maml:name> <maml:description> <maml:para>Specify an EA buffer to pass to the create file call.</maml:para> </maml:description> <command:parameterValue required="true">EaBuffer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EaBuffer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ExistingGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ExistingGuid</maml:name> <maml:description> <maml:para>Specify an existing GUID to check when setting the reparse point (on RS1+).</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <!-- Parameter: ExistingTag --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ExistingTag</maml:name> <maml:description> <maml:para>Specify an existing reparse tag to check when setting the reparse point (on RS1+).</maml:para> <maml:para>Possible values: MOUNT_POINT, HSM, DRIVE_EXTENDER, HSM2, SIS, WIM, CSV, DFS, FILTER_MANAGER, SYMLINK, IIS_CACHE, DFSR, DEDUP, APPXSTRM, NFS, FILE_PLACEHOLDER, DFM, WOF, WCI, WCI_1, GLOBAL_REPARSE, CLOUD, CLOUD_1, CLOUD_2, CLOUD_3, CLOUD_4, CLOUD_5, CLOUD_6, CLOUD_7, CLOUD_8, CLOUD_9, CLOUD_A, CLOUD_B, CLOUD_C, CLOUD_D, CLOUD_E, CLOUD_F, CLOUD_MASK, APPEXECLINK, PROJFS, LX_SYMLINK, STORAGE_SYNC, WCI_TOMBSTONE, UNHANDLED, ONEDRIVE, PROJFS_TOMBSTONE, AF_UNIX, LX_FIFO, LX_CHR, LX_BLK</maml:para> </maml:description> <command:parameterValue required="true">ReparseTag</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ReparseTag</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">MOUNT_POINT</command:parameterValue> <command:parameterValue required="false" variableLength="false">HSM</command:parameterValue> <command:parameterValue required="false" variableLength="false">DRIVE_EXTENDER</command:parameterValue> <command:parameterValue required="false" variableLength="false">HSM2</command:parameterValue> <command:parameterValue required="false" variableLength="false">SIS</command:parameterValue> <command:parameterValue required="false" variableLength="false">WIM</command:parameterValue> <command:parameterValue required="false" variableLength="false">CSV</command:parameterValue> <command:parameterValue required="false" variableLength="false">DFS</command:parameterValue> <command:parameterValue required="false" variableLength="false">FILTER_MANAGER</command:parameterValue> <command:parameterValue required="false" variableLength="false">SYMLINK</command:parameterValue> <command:parameterValue required="false" variableLength="false">IIS_CACHE</command:parameterValue> <command:parameterValue required="false" variableLength="false">DFSR</command:parameterValue> <command:parameterValue required="false" variableLength="false">DEDUP</command:parameterValue> <command:parameterValue required="false" variableLength="false">APPXSTRM</command:parameterValue> <command:parameterValue required="false" variableLength="false">NFS</command:parameterValue> <command:parameterValue required="false" variableLength="false">FILE_PLACEHOLDER</command:parameterValue> <command:parameterValue required="false" variableLength="false">DFM</command:parameterValue> <command:parameterValue required="false" variableLength="false">WOF</command:parameterValue> <command:parameterValue required="false" variableLength="false">WCI</command:parameterValue> <command:parameterValue required="false" variableLength="false">WCI_1</command:parameterValue> <command:parameterValue required="false" variableLength="false">GLOBAL_REPARSE</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_1</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_2</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_3</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_4</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_5</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_6</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_7</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_8</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_9</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_A</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_B</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_C</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_D</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_E</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_F</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_MASK</command:parameterValue> <command:parameterValue required="false" variableLength="false">APPEXECLINK</command:parameterValue> <command:parameterValue required="false" variableLength="false">PROJFS</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_SYMLINK</command:parameterValue> <command:parameterValue required="false" variableLength="false">STORAGE_SYNC</command:parameterValue> <command:parameterValue required="false" variableLength="false">WCI_TOMBSTONE</command:parameterValue> <command:parameterValue required="false" variableLength="false">UNHANDLED</command:parameterValue> <command:parameterValue required="false" variableLength="false">ONEDRIVE</command:parameterValue> <command:parameterValue required="false" variableLength="false">PROJFS_TOMBSTONE</command:parameterValue> <command:parameterValue required="false" variableLength="false">AF_UNIX</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_FIFO</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_CHR</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_BLK</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify flags to use when setting the reparse point (on RS1+).</maml:para> <maml:para>Possible values: None, GivenTagOrNone</maml:para> </maml:description> <command:parameterValue required="true">ReparseBufferExFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ReparseBufferExFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">GivenTagOrNone</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Relative --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Relative</maml:name> <maml:description> <maml:para>Specify the symlink target should be a relative path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: ReparseBuffer --> <command:syntaxItem> <maml:name>Set-NtFileReparsePoint</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ReparseBuffer --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>ReparseBuffer</maml:name> <maml:description> <maml:para>Specify the raw reparse point buffer.</maml:para> </maml:description> <command:parameterValue required="true">ReparseBuffer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ReparseBuffer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>GenericWrite</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Attributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Attributes</maml:name> <maml:description> <maml:para>Specify the file attributes for the new file.</maml:para> <maml:para>Possible values: None, ReadOnly, Hidden, System, Directory, Archive, Device, Normal, Temporary, SparseFile, ReparsePoint, Compressed, Offline, NotContentIndexed, Encrypted, IntegrityStream, Virtual, NoScrubData, Ea, Pinned, Unpinned, RecallOnDataAccess</maml:para> </maml:description> <command:parameterValue required="true">FileAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAttributes</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Normal</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">Hidden</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Archive</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">Normal</command:parameterValue> <command:parameterValue required="false" variableLength="false">Temporary</command:parameterValue> <command:parameterValue required="false" variableLength="false">SparseFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">Compressed</command:parameterValue> <command:parameterValue required="false" variableLength="false">Offline</command:parameterValue> <command:parameterValue required="false" variableLength="false">NotContentIndexed</command:parameterValue> <command:parameterValue required="false" variableLength="false">Encrypted</command:parameterValue> <command:parameterValue required="false" variableLength="false">IntegrityStream</command:parameterValue> <command:parameterValue required="false" variableLength="false">Virtual</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoScrubData</command:parameterValue> <command:parameterValue required="false" variableLength="false">Ea</command:parameterValue> <command:parameterValue required="false" variableLength="false">Pinned</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unpinned</command:parameterValue> <command:parameterValue required="false" variableLength="false">RecallOnDataAccess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Directory --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Directory</maml:name> <maml:description> <maml:para>Specify to create a directory instead of a file.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>GenericWrite</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Disposition --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Disposition</maml:name> <maml:description> <maml:para>Specify the disposition for creating the file.</maml:para> <maml:para>Possible values: Supersede, Open, Create, OpenIf, Overwrite, OverwriteIf</maml:para> </maml:description> <command:parameterValue required="true">FileDisposition</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDisposition</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>OpenIf</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Supersede</command:parameterValue> <command:parameterValue required="false" variableLength="false">Open</command:parameterValue> <command:parameterValue required="false" variableLength="false">Create</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">Overwrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">OverwriteIf</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: EaBuffer --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>EaBuffer</maml:name> <maml:description> <maml:para>Specify an EA buffer to pass to the create file call.</maml:para> </maml:description> <command:parameterValue required="true">EaBuffer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EaBuffer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ExistingGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ExistingGuid</maml:name> <maml:description> <maml:para>Specify an existing GUID to check when setting the reparse point (on RS1+).</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <!-- Parameter: ExistingTag --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ExistingTag</maml:name> <maml:description> <maml:para>Specify an existing reparse tag to check when setting the reparse point (on RS1+).</maml:para> <maml:para>Possible values: MOUNT_POINT, HSM, DRIVE_EXTENDER, HSM2, SIS, WIM, CSV, DFS, FILTER_MANAGER, SYMLINK, IIS_CACHE, DFSR, DEDUP, APPXSTRM, NFS, FILE_PLACEHOLDER, DFM, WOF, WCI, WCI_1, GLOBAL_REPARSE, CLOUD, CLOUD_1, CLOUD_2, CLOUD_3, CLOUD_4, CLOUD_5, CLOUD_6, CLOUD_7, CLOUD_8, CLOUD_9, CLOUD_A, CLOUD_B, CLOUD_C, CLOUD_D, CLOUD_E, CLOUD_F, CLOUD_MASK, APPEXECLINK, PROJFS, LX_SYMLINK, STORAGE_SYNC, WCI_TOMBSTONE, UNHANDLED, ONEDRIVE, PROJFS_TOMBSTONE, AF_UNIX, LX_FIFO, LX_CHR, LX_BLK</maml:para> </maml:description> <command:parameterValue required="true">ReparseTag</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ReparseTag</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">MOUNT_POINT</command:parameterValue> <command:parameterValue required="false" variableLength="false">HSM</command:parameterValue> <command:parameterValue required="false" variableLength="false">DRIVE_EXTENDER</command:parameterValue> <command:parameterValue required="false" variableLength="false">HSM2</command:parameterValue> <command:parameterValue required="false" variableLength="false">SIS</command:parameterValue> <command:parameterValue required="false" variableLength="false">WIM</command:parameterValue> <command:parameterValue required="false" variableLength="false">CSV</command:parameterValue> <command:parameterValue required="false" variableLength="false">DFS</command:parameterValue> <command:parameterValue required="false" variableLength="false">FILTER_MANAGER</command:parameterValue> <command:parameterValue required="false" variableLength="false">SYMLINK</command:parameterValue> <command:parameterValue required="false" variableLength="false">IIS_CACHE</command:parameterValue> <command:parameterValue required="false" variableLength="false">DFSR</command:parameterValue> <command:parameterValue required="false" variableLength="false">DEDUP</command:parameterValue> <command:parameterValue required="false" variableLength="false">APPXSTRM</command:parameterValue> <command:parameterValue required="false" variableLength="false">NFS</command:parameterValue> <command:parameterValue required="false" variableLength="false">FILE_PLACEHOLDER</command:parameterValue> <command:parameterValue required="false" variableLength="false">DFM</command:parameterValue> <command:parameterValue required="false" variableLength="false">WOF</command:parameterValue> <command:parameterValue required="false" variableLength="false">WCI</command:parameterValue> <command:parameterValue required="false" variableLength="false">WCI_1</command:parameterValue> <command:parameterValue required="false" variableLength="false">GLOBAL_REPARSE</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_1</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_2</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_3</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_4</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_5</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_6</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_7</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_8</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_9</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_A</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_B</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_C</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_D</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_E</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_F</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_MASK</command:parameterValue> <command:parameterValue required="false" variableLength="false">APPEXECLINK</command:parameterValue> <command:parameterValue required="false" variableLength="false">PROJFS</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_SYMLINK</command:parameterValue> <command:parameterValue required="false" variableLength="false">STORAGE_SYNC</command:parameterValue> <command:parameterValue required="false" variableLength="false">WCI_TOMBSTONE</command:parameterValue> <command:parameterValue required="false" variableLength="false">UNHANDLED</command:parameterValue> <command:parameterValue required="false" variableLength="false">ONEDRIVE</command:parameterValue> <command:parameterValue required="false" variableLength="false">PROJFS_TOMBSTONE</command:parameterValue> <command:parameterValue required="false" variableLength="false">AF_UNIX</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_FIFO</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_CHR</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_BLK</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify flags to use when setting the reparse point (on RS1+).</maml:para> <maml:para>Possible values: None, GivenTagOrNone</maml:para> </maml:description> <command:parameterValue required="true">ReparseBufferExFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ReparseBufferExFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">GivenTagOrNone</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: Bytes --> <command:syntaxItem> <maml:name>Set-NtFileReparsePoint</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Bytes --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Bytes</maml:name> <maml:description> <maml:para>Specify the raw reparse point buffer as bytes.</maml:para> </maml:description> <command:parameterValue required="true">byte[]</command:parameterValue> <dev:type> <maml:name>System.Byte[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>GenericWrite</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Attributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Attributes</maml:name> <maml:description> <maml:para>Specify the file attributes for the new file.</maml:para> <maml:para>Possible values: None, ReadOnly, Hidden, System, Directory, Archive, Device, Normal, Temporary, SparseFile, ReparsePoint, Compressed, Offline, NotContentIndexed, Encrypted, IntegrityStream, Virtual, NoScrubData, Ea, Pinned, Unpinned, RecallOnDataAccess</maml:para> </maml:description> <command:parameterValue required="true">FileAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAttributes</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Normal</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">Hidden</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Archive</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">Normal</command:parameterValue> <command:parameterValue required="false" variableLength="false">Temporary</command:parameterValue> <command:parameterValue required="false" variableLength="false">SparseFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">Compressed</command:parameterValue> <command:parameterValue required="false" variableLength="false">Offline</command:parameterValue> <command:parameterValue required="false" variableLength="false">NotContentIndexed</command:parameterValue> <command:parameterValue required="false" variableLength="false">Encrypted</command:parameterValue> <command:parameterValue required="false" variableLength="false">IntegrityStream</command:parameterValue> <command:parameterValue required="false" variableLength="false">Virtual</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoScrubData</command:parameterValue> <command:parameterValue required="false" variableLength="false">Ea</command:parameterValue> <command:parameterValue required="false" variableLength="false">Pinned</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unpinned</command:parameterValue> <command:parameterValue required="false" variableLength="false">RecallOnDataAccess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Directory --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Directory</maml:name> <maml:description> <maml:para>Specify to create a directory instead of a file.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>GenericWrite</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Disposition --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Disposition</maml:name> <maml:description> <maml:para>Specify the disposition for creating the file.</maml:para> <maml:para>Possible values: Supersede, Open, Create, OpenIf, Overwrite, OverwriteIf</maml:para> </maml:description> <command:parameterValue required="true">FileDisposition</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDisposition</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>OpenIf</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Supersede</command:parameterValue> <command:parameterValue required="false" variableLength="false">Open</command:parameterValue> <command:parameterValue required="false" variableLength="false">Create</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">Overwrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">OverwriteIf</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: EaBuffer --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>EaBuffer</maml:name> <maml:description> <maml:para>Specify an EA buffer to pass to the create file call.</maml:para> </maml:description> <command:parameterValue required="true">EaBuffer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EaBuffer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ExistingGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ExistingGuid</maml:name> <maml:description> <maml:para>Specify an existing GUID to check when setting the reparse point (on RS1+).</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <!-- Parameter: ExistingTag --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ExistingTag</maml:name> <maml:description> <maml:para>Specify an existing reparse tag to check when setting the reparse point (on RS1+).</maml:para> <maml:para>Possible values: MOUNT_POINT, HSM, DRIVE_EXTENDER, HSM2, SIS, WIM, CSV, DFS, FILTER_MANAGER, SYMLINK, IIS_CACHE, DFSR, DEDUP, APPXSTRM, NFS, FILE_PLACEHOLDER, DFM, WOF, WCI, WCI_1, GLOBAL_REPARSE, CLOUD, CLOUD_1, CLOUD_2, CLOUD_3, CLOUD_4, CLOUD_5, CLOUD_6, CLOUD_7, CLOUD_8, CLOUD_9, CLOUD_A, CLOUD_B, CLOUD_C, CLOUD_D, CLOUD_E, CLOUD_F, CLOUD_MASK, APPEXECLINK, PROJFS, LX_SYMLINK, STORAGE_SYNC, WCI_TOMBSTONE, UNHANDLED, ONEDRIVE, PROJFS_TOMBSTONE, AF_UNIX, LX_FIFO, LX_CHR, LX_BLK</maml:para> </maml:description> <command:parameterValue required="true">ReparseTag</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ReparseTag</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">MOUNT_POINT</command:parameterValue> <command:parameterValue required="false" variableLength="false">HSM</command:parameterValue> <command:parameterValue required="false" variableLength="false">DRIVE_EXTENDER</command:parameterValue> <command:parameterValue required="false" variableLength="false">HSM2</command:parameterValue> <command:parameterValue required="false" variableLength="false">SIS</command:parameterValue> <command:parameterValue required="false" variableLength="false">WIM</command:parameterValue> <command:parameterValue required="false" variableLength="false">CSV</command:parameterValue> <command:parameterValue required="false" variableLength="false">DFS</command:parameterValue> <command:parameterValue required="false" variableLength="false">FILTER_MANAGER</command:parameterValue> <command:parameterValue required="false" variableLength="false">SYMLINK</command:parameterValue> <command:parameterValue required="false" variableLength="false">IIS_CACHE</command:parameterValue> <command:parameterValue required="false" variableLength="false">DFSR</command:parameterValue> <command:parameterValue required="false" variableLength="false">DEDUP</command:parameterValue> <command:parameterValue required="false" variableLength="false">APPXSTRM</command:parameterValue> <command:parameterValue required="false" variableLength="false">NFS</command:parameterValue> <command:parameterValue required="false" variableLength="false">FILE_PLACEHOLDER</command:parameterValue> <command:parameterValue required="false" variableLength="false">DFM</command:parameterValue> <command:parameterValue required="false" variableLength="false">WOF</command:parameterValue> <command:parameterValue required="false" variableLength="false">WCI</command:parameterValue> <command:parameterValue required="false" variableLength="false">WCI_1</command:parameterValue> <command:parameterValue required="false" variableLength="false">GLOBAL_REPARSE</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_1</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_2</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_3</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_4</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_5</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_6</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_7</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_8</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_9</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_A</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_B</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_C</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_D</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_E</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_F</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_MASK</command:parameterValue> <command:parameterValue required="false" variableLength="false">APPEXECLINK</command:parameterValue> <command:parameterValue required="false" variableLength="false">PROJFS</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_SYMLINK</command:parameterValue> <command:parameterValue required="false" variableLength="false">STORAGE_SYNC</command:parameterValue> <command:parameterValue required="false" variableLength="false">WCI_TOMBSTONE</command:parameterValue> <command:parameterValue required="false" variableLength="false">UNHANDLED</command:parameterValue> <command:parameterValue required="false" variableLength="false">ONEDRIVE</command:parameterValue> <command:parameterValue required="false" variableLength="false">PROJFS_TOMBSTONE</command:parameterValue> <command:parameterValue required="false" variableLength="false">AF_UNIX</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_FIFO</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_CHR</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_BLK</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify flags to use when setting the reparse point (on RS1+).</maml:para> <maml:para>Possible values: None, GivenTagOrNone</maml:para> </maml:description> <command:parameterValue required="true">ReparseBufferExFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ReparseBufferExFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">GivenTagOrNone</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: MountPoint --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>MountPoint</maml:name> <maml:description> <maml:para>Specify creating a mount point.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: TargetPath --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>TargetPath</maml:name> <maml:description> <maml:para>Specify the target path for reparse point.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PrintName --> <command:parameter required="false" globbing="false" pipelineInput="false" position="2"> <maml:name>PrintName</maml:name> <maml:description> <maml:para>Specify a print name for the reparse point.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Relative --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Relative</maml:name> <maml:description> <maml:para>Specify the symlink target should be a relative path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ReparseBuffer --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>ReparseBuffer</maml:name> <maml:description> <maml:para>Specify the raw reparse point buffer.</maml:para> </maml:description> <command:parameterValue required="true">ReparseBuffer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ReparseBuffer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Bytes --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Bytes</maml:name> <maml:description> <maml:para>Specify the raw reparse point buffer as bytes.</maml:para> </maml:description> <command:parameterValue required="true">byte[]</command:parameterValue> <dev:type> <maml:name>System.Byte[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ExistingTag --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ExistingTag</maml:name> <maml:description> <maml:para>Specify an existing reparse tag to check when setting the reparse point (on RS1+).</maml:para> <maml:para>Possible values: MOUNT_POINT, HSM, DRIVE_EXTENDER, HSM2, SIS, WIM, CSV, DFS, FILTER_MANAGER, SYMLINK, IIS_CACHE, DFSR, DEDUP, APPXSTRM, NFS, FILE_PLACEHOLDER, DFM, WOF, WCI, WCI_1, GLOBAL_REPARSE, CLOUD, CLOUD_1, CLOUD_2, CLOUD_3, CLOUD_4, CLOUD_5, CLOUD_6, CLOUD_7, CLOUD_8, CLOUD_9, CLOUD_A, CLOUD_B, CLOUD_C, CLOUD_D, CLOUD_E, CLOUD_F, CLOUD_MASK, APPEXECLINK, PROJFS, LX_SYMLINK, STORAGE_SYNC, WCI_TOMBSTONE, UNHANDLED, ONEDRIVE, PROJFS_TOMBSTONE, AF_UNIX, LX_FIFO, LX_CHR, LX_BLK</maml:para> </maml:description> <command:parameterValue required="true">ReparseTag</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ReparseTag</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">MOUNT_POINT</command:parameterValue> <command:parameterValue required="false" variableLength="false">HSM</command:parameterValue> <command:parameterValue required="false" variableLength="false">DRIVE_EXTENDER</command:parameterValue> <command:parameterValue required="false" variableLength="false">HSM2</command:parameterValue> <command:parameterValue required="false" variableLength="false">SIS</command:parameterValue> <command:parameterValue required="false" variableLength="false">WIM</command:parameterValue> <command:parameterValue required="false" variableLength="false">CSV</command:parameterValue> <command:parameterValue required="false" variableLength="false">DFS</command:parameterValue> <command:parameterValue required="false" variableLength="false">FILTER_MANAGER</command:parameterValue> <command:parameterValue required="false" variableLength="false">SYMLINK</command:parameterValue> <command:parameterValue required="false" variableLength="false">IIS_CACHE</command:parameterValue> <command:parameterValue required="false" variableLength="false">DFSR</command:parameterValue> <command:parameterValue required="false" variableLength="false">DEDUP</command:parameterValue> <command:parameterValue required="false" variableLength="false">APPXSTRM</command:parameterValue> <command:parameterValue required="false" variableLength="false">NFS</command:parameterValue> <command:parameterValue required="false" variableLength="false">FILE_PLACEHOLDER</command:parameterValue> <command:parameterValue required="false" variableLength="false">DFM</command:parameterValue> <command:parameterValue required="false" variableLength="false">WOF</command:parameterValue> <command:parameterValue required="false" variableLength="false">WCI</command:parameterValue> <command:parameterValue required="false" variableLength="false">WCI_1</command:parameterValue> <command:parameterValue required="false" variableLength="false">GLOBAL_REPARSE</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_1</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_2</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_3</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_4</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_5</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_6</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_7</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_8</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_9</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_A</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_B</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_C</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_D</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_E</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_F</command:parameterValue> <command:parameterValue required="false" variableLength="false">CLOUD_MASK</command:parameterValue> <command:parameterValue required="false" variableLength="false">APPEXECLINK</command:parameterValue> <command:parameterValue required="false" variableLength="false">PROJFS</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_SYMLINK</command:parameterValue> <command:parameterValue required="false" variableLength="false">STORAGE_SYNC</command:parameterValue> <command:parameterValue required="false" variableLength="false">WCI_TOMBSTONE</command:parameterValue> <command:parameterValue required="false" variableLength="false">UNHANDLED</command:parameterValue> <command:parameterValue required="false" variableLength="false">ONEDRIVE</command:parameterValue> <command:parameterValue required="false" variableLength="false">PROJFS_TOMBSTONE</command:parameterValue> <command:parameterValue required="false" variableLength="false">AF_UNIX</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_FIFO</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_CHR</command:parameterValue> <command:parameterValue required="false" variableLength="false">LX_BLK</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ExistingGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ExistingGuid</maml:name> <maml:description> <maml:para>Specify an existing GUID to check when setting the reparse point (on RS1+).</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify flags to use when setting the reparse point (on RS1+).</maml:para> <maml:para>Possible values: None, GivenTagOrNone</maml:para> </maml:description> <command:parameterValue required="true">ReparseBufferExFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ReparseBufferExFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">GivenTagOrNone</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Attributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Attributes</maml:name> <maml:description> <maml:para>Specify the file attributes for the new file.</maml:para> <maml:para>Possible values: None, ReadOnly, Hidden, System, Directory, Archive, Device, Normal, Temporary, SparseFile, ReparsePoint, Compressed, Offline, NotContentIndexed, Encrypted, IntegrityStream, Virtual, NoScrubData, Ea, Pinned, Unpinned, RecallOnDataAccess</maml:para> </maml:description> <command:parameterValue required="true">FileAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAttributes</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Normal</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">Hidden</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">Directory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Archive</command:parameterValue> <command:parameterValue required="false" variableLength="false">Device</command:parameterValue> <command:parameterValue required="false" variableLength="false">Normal</command:parameterValue> <command:parameterValue required="false" variableLength="false">Temporary</command:parameterValue> <command:parameterValue required="false" variableLength="false">SparseFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">Compressed</command:parameterValue> <command:parameterValue required="false" variableLength="false">Offline</command:parameterValue> <command:parameterValue required="false" variableLength="false">NotContentIndexed</command:parameterValue> <command:parameterValue required="false" variableLength="false">Encrypted</command:parameterValue> <command:parameterValue required="false" variableLength="false">IntegrityStream</command:parameterValue> <command:parameterValue required="false" variableLength="false">Virtual</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoScrubData</command:parameterValue> <command:parameterValue required="false" variableLength="false">Ea</command:parameterValue> <command:parameterValue required="false" variableLength="false">Pinned</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unpinned</command:parameterValue> <command:parameterValue required="false" variableLength="false">RecallOnDataAccess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Disposition --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Disposition</maml:name> <maml:description> <maml:para>Specify the disposition for creating the file.</maml:para> <maml:para>Possible values: Supersede, Open, Create, OpenIf, Overwrite, OverwriteIf</maml:para> </maml:description> <command:parameterValue required="true">FileDisposition</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDisposition</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>OpenIf</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Supersede</command:parameterValue> <command:parameterValue required="false" variableLength="false">Open</command:parameterValue> <command:parameterValue required="false" variableLength="false">Create</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">Overwrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">OverwriteIf</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: EaBuffer --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>EaBuffer</maml:name> <maml:description> <maml:para>Specify an EA buffer to pass to the create file call.</maml:para> </maml:description> <command:parameterValue required="true">EaBuffer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.EaBuffer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Directory --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Directory</maml:name> <maml:description> <maml:para>Specify to create a directory instead of a file.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>GenericWrite</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>GenericWrite</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtFile --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtFile</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Set-NtFileReparsePoint \??\C:\ABC \??\C:\XYZ</dev:code> <dev:remarks> <maml:para>Sets the symbolic link for file \??\C:\ABC to point to \??\C:\XYZ.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Set-NtFileReparsePoint \??\C:\ABC \??\C:\XYZ "BLAH BLAH"</dev:code> <dev:remarks> <maml:para>Sets the symbolic link for file \??\C:\ABC to point to \??\C:\XYZ with an explicit print name.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Set-NtFileReparsePoint \??\C:\ABC \??\C:\XYZ -Directory</dev:code> <dev:remarks> <maml:para>Sets the symbolic link for directory \??\C:\ABC to point to \??\C:\XYZ.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>Set-NtFileReparsePoint C:\ABC ..\..\XYZ -Win32Path</dev:code> <dev:remarks> <maml:para>Sets the symbolic link for file C:\ABC to point to C:\XYZ using Win32 paths.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>Set-NtFileReparsePoint \??\C:\ABC ..\..\XYZ -Relative</dev:code> <dev:remarks> <maml:para>Sets the symbolic link for file \??\C:\ABC to point to ..\..\XYZ using a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>Set-NtFileReparsePoint \??\C:\ABC \??\C:\XYZ -MountPoint</dev:code> <dev:remarks> <maml:para>Sets the mount point for file \??\C:\ABC to point to \??\C:\XYZ.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 7 ----------</maml:title> <dev:code>Set-NtFileReparsePoint \??\C:\ABC -ReparseBuffer $rp</dev:code> <dev:remarks> <maml:para>Sets the reparse buffer for file \??\C:\ABC using a raw reparse buffer.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-NtGrantedAccess --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtGrantedAccess</command:name> <command:verb>Get</command:verb> <command:noun>NtGrantedAccess</command:noun> <maml:description> <maml:para>Gets the granted access to a security descriptor or object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet allows you to determine the granted access to a particular resource through a security descriptor or a reference to an object.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: sd --> <command:syntaxItem> <maml:name>Get-NtGrantedAccess</maml:name> <!-- Parameter: SecurityDescriptor --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Specify a security descriptor.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AccessMask --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessMask</maml:name> <maml:description> <maml:para>Specify an access mask to check against. If not specified will request maximum access.</maml:para> </maml:description> <command:parameterValue required="true">AccessMask</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AccessMask</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>02000000</dev:defaultValue> </command:parameter> <!-- Parameter: ConvertToString --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ConvertToString</maml:name> <maml:description> <maml:para>Specify whether to return a string rather than an enumeration value.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: MapToGeneric --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapToGeneric</maml:name> <maml:description> <maml:para>Specify whether to map the access mask back to generic rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectType</maml:name> <maml:description> <maml:para>Specify object types for access check..</maml:para> </maml:description> <command:parameterValue required="true">ObjectTypeEntry[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ObjectTypeEntry[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PassResult --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PassResult</maml:name> <maml:description> <maml:para>Specify to return the access check result rather than get the granted access.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Principal --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Principal</maml:name> <maml:description> <maml:para>Specify a principal SID to user when checking security descriptors with SELF SID.</maml:para> </maml:description> <command:parameterValue required="true">Sid</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Sid</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Token --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify a token object to do the access check against. If not specified then current effective token is used.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Type --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Type</maml:name> <maml:description> <maml:para>Specify the NT type for the access check.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: sddl --> <command:syntaxItem> <maml:name>Get-NtGrantedAccess</maml:name> <!-- Parameter: Sddl --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Specify a security descriptor in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Type --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Type</maml:name> <maml:description> <maml:para>Specify the NT type for the access check.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AccessMask --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessMask</maml:name> <maml:description> <maml:para>Specify an access mask to check against. If not specified will request maximum access.</maml:para> </maml:description> <command:parameterValue required="true">AccessMask</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AccessMask</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>02000000</dev:defaultValue> </command:parameter> <!-- Parameter: ConvertToString --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ConvertToString</maml:name> <maml:description> <maml:para>Specify whether to return a string rather than an enumeration value.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: MapToGeneric --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapToGeneric</maml:name> <maml:description> <maml:para>Specify whether to map the access mask back to generic rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectType</maml:name> <maml:description> <maml:para>Specify object types for access check..</maml:para> </maml:description> <command:parameterValue required="true">ObjectTypeEntry[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ObjectTypeEntry[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PassResult --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PassResult</maml:name> <maml:description> <maml:para>Specify to return the access check result rather than get the granted access.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Principal --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Principal</maml:name> <maml:description> <maml:para>Specify a principal SID to user when checking security descriptors with SELF SID.</maml:para> </maml:description> <command:parameterValue required="true">Sid</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Sid</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Token --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify a token object to do the access check against. If not specified then current effective token is used.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: obj --> <command:syntaxItem> <maml:name>Get-NtGrantedAccess</maml:name> <!-- Parameter: Object --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Object</maml:name> <maml:description> <maml:para>Specify a kernel object to get security descriptor from.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AccessMask --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessMask</maml:name> <maml:description> <maml:para>Specify an access mask to check against. If not specified will request maximum access.</maml:para> </maml:description> <command:parameterValue required="true">AccessMask</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AccessMask</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>02000000</dev:defaultValue> </command:parameter> <!-- Parameter: ConvertToString --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ConvertToString</maml:name> <maml:description> <maml:para>Specify whether to return a string rather than an enumeration value.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: MapToGeneric --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapToGeneric</maml:name> <maml:description> <maml:para>Specify whether to map the access mask back to generic rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectType</maml:name> <maml:description> <maml:para>Specify object types for access check..</maml:para> </maml:description> <command:parameterValue required="true">ObjectTypeEntry[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ObjectTypeEntry[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PassResult --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PassResult</maml:name> <maml:description> <maml:para>Specify to return the access check result rather than get the granted access.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Principal --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Principal</maml:name> <maml:description> <maml:para>Specify a principal SID to user when checking security descriptors with SELF SID.</maml:para> </maml:description> <command:parameterValue required="true">Sid</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Sid</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Token --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify a token object to do the access check against. If not specified then current effective token is used.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: SecurityDescriptor --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Specify a security descriptor.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Specify a security descriptor in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Type --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Type</maml:name> <maml:description> <maml:para>Specify the NT type for the access check.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AccessMask --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AccessMask</maml:name> <maml:description> <maml:para>Specify an access mask to check against. If not specified will request maximum access.</maml:para> </maml:description> <command:parameterValue required="true">AccessMask</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AccessMask</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>02000000</dev:defaultValue> </command:parameter> <!-- Parameter: Object --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Object</maml:name> <maml:description> <maml:para>Specify a kernel object to get security descriptor from.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Token --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify a token object to do the access check against. If not specified then current effective token is used.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: MapToGeneric --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapToGeneric</maml:name> <maml:description> <maml:para>Specify whether to map the access mask back to generic rights.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ConvertToString --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ConvertToString</maml:name> <maml:description> <maml:para>Specify whether to return a string rather than an enumeration value.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Principal --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Principal</maml:name> <maml:description> <maml:para>Specify a principal SID to user when checking security descriptors with SELF SID.</maml:para> </maml:description> <command:parameterValue required="true">Sid</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Sid</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PassResult --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PassResult</maml:name> <maml:description> <maml:para>Specify to return the access check result rather than get the granted access.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectType</maml:name> <maml:description> <maml:para>Specify object types for access check..</maml:para> </maml:description> <command:parameterValue required="true">ObjectTypeEntry[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ObjectTypeEntry[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-NtGrantedAccess $sd -Type $(Get-NtType File)</dev:code> <dev:remarks> <maml:para>Get the maximum access for a security descriptor for a file object.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Get-NtGrantedAccess -Sddl "O:BAG:BAD:(A;;GA;;;WD)" -Type $(Get-NtType Process)</dev:code> <dev:remarks> <maml:para>Get the maximum access for a security descriptor for a process object based on an SDDL string.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Get-NtGrantedAccess -Object $obj</dev:code> <dev:remarks> <maml:para>Get the maximum access for a security descriptor for an object.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-NtHandle --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtHandle</command:name> <command:verb>Get</command:verb> <command:noun>NtHandle</command:noun> <maml:description> <maml:para>Get NT handle information.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet gets handle information for all process on the system. You can specify a specific process by setting the -ProcessId parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtHandle</maml:name> <!-- Parameter: ProcessId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0" aliases="pid"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to filter handles on.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: NoQuery --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>NoQuery</maml:name> <maml:description> <maml:para>Specify that the returned handle entries should not be queried for additional information.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectTypes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectTypes</maml:name> <maml:description> <maml:para>Specify list of object types to filter handles.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: ProcessId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0" aliases="pid"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to filter handles on.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="0" aliases="pid"> <maml:name>pid</maml:name> <maml:description> <maml:para>Specify a process ID to filter handles on.</maml:para> <maml:para>This is an alias of the ProcessId parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: NoQuery --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>NoQuery</maml:name> <maml:description> <maml:para>Specify that the returned handle entries should not be queried for additional information.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectTypes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectTypes</maml:name> <maml:description> <maml:para>Specify list of object types to filter handles.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: NtHandle --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtHandle</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-NtHandle</dev:code> <dev:remarks> <maml:para>Get all NT handles.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Get-NtHandle 1234</dev:code> <dev:remarks> <maml:para>Get all NT handles filtered to a specific Process ID</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Get-NtHandle $pid</dev:code> <dev:remarks> <maml:para>Get all NT handles for the current process.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>Get-NtHandle 1234 -NoQuery</dev:code> <dev:remarks> <maml:para>Get all NT handles filtered to a specific Process ID but don't try and query information about the handle such as name.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-NtJob --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtJob</command:name> <command:verb>Get</command:verb> <command:noun>NtJob</command:noun> <maml:description> <maml:para>Open a NT job object by path.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens an existing NT job object. The absolute path to the object in the NT object manager name space must be specified. It's also possible to create the object relative to an existing object by specified the -Root parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtJob</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, AssignProcess, SetAttributes, Query, Terminate, SetSecurityAttributes, Impersonate, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">JobAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.JobAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">AssignProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetSecurityAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, AssignProcess, SetAttributes, Query, Terminate, SetSecurityAttributes, Impersonate, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">JobAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.JobAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">AssignProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetSecurityAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtJob --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtJob</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtJob \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Get an job object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = Get-NtJob ABC -Root $root</dev:code> <dev:remarks> <maml:para>Get an job object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = Get-NtJob ABC</dev:code> <dev:remarks> <maml:para>Get a job object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtJob --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtJob</command:name> <command:verb>New</command:verb> <command:noun>NtJob</command:noun> <maml:description> <maml:para>Create a new NT job object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT job object. The absolute path to the object in the NT object manager name space can be specified. It's also possible to create the object relative to an existing object by specified the -Root parameter. If no path is specified than an unnamed object will be created which can only be duplicated by handle.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtJob</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, AssignProcess, SetAttributes, Query, Terminate, SetSecurityAttributes, Impersonate, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">JobAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.JobAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">AssignProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetSecurityAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, AssignProcess, SetAttributes, Query, Terminate, SetSecurityAttributes, Impersonate, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">JobAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.JobAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">AssignProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetSecurityAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtJob --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtJob</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtJob</dev:code> <dev:remarks> <maml:para>Create a new anonymous job object.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtJob \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Create a new job object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = New-NtJob ABC -Root $root</dev:code> <dev:remarks> <maml:para>Create a new job object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = New-NtJob ABC</dev:code> <dev:remarks> <maml:para>Create a new job object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Add-NtKey --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Add-NtKey</command:name> <command:verb>Add</command:verb> <command:noun>NtKey</command:noun> <maml:description> <maml:para>Loads a new registry hive.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet loads a registry hive to somewhere in the registry namespace. If the hive file doesn't exist it will be created.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Add-NtKey</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The path to the hive file to add.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: KeyPath --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>KeyPath</maml:name> <maml:description> <maml:para>Specifes the native path to where the hive should be loaded.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryValue, SetValue, CreateSubKey, EnumerateSubKeys, Notify, CreateLink, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">KeyAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KeyAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnumerateSubKeys</command:parameterValue> <command:parameterValue required="false" variableLength="false">Notify</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: LoadFlags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>LoadFlags</maml:name> <maml:description> <maml:para>Specifes the flags for loading the hive.</maml:para> <maml:para>Possible values: None, AppKey, Exclusive, Unknown800, ReadOnly</maml:para> </maml:description> <command:parameterValue required="true">LoadKeyFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.LoadKeyFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unknown800</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadOnly</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The path to the hive file to add.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: KeyPath --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>KeyPath</maml:name> <maml:description> <maml:para>Specifes the native path to where the hive should be loaded.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: LoadFlags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>LoadFlags</maml:name> <maml:description> <maml:para>Specifes the flags for loading the hive.</maml:para> <maml:para>Possible values: None, AppKey, Exclusive, Unknown800, ReadOnly</maml:para> </maml:description> <command:parameterValue required="true">LoadKeyFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.LoadKeyFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unknown800</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadOnly</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryValue, SetValue, CreateSubKey, EnumerateSubKeys, Notify, CreateLink, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">KeyAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KeyAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnumerateSubKeys</command:parameterValue> <command:parameterValue required="false" variableLength="false">Notify</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtKey --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtKey</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$token = Get-NtTokenPrimary $token.SetPrivilege("SeRestorePrivilege", $true) $obj = Add-NtKey \??\C:\Windows\Temp\test.hiv \Registry\Machine\ABC</dev:code> <dev:remarks> <maml:para>Load a hive to a new attachment point.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = Add-NtKey \??\C:\Windows\Temp\test.hiv \Registry\A\ABC -LoadFlags AppKey</dev:code> <dev:remarks> <maml:para>Load a app hive to a new attachment point (can be done without privileges).</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$obj = Add-NtKey \??\C:\Windows\Temp\test.hiv \Registry\A\ABC -LoadFlags AppKey,ReadOnly</dev:code> <dev:remarks> <maml:para>Load a app hive to a new attachment point read-only.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtKey --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtKey</command:name> <command:verb>Get</command:verb> <command:noun>NtKey</command:noun> <maml:description> <maml:para>Open a NT key object by path.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens an existing NT key object. The absolute path to the object in the NT object manager name space must be specified. It's also possible to create the object relative to an existing object by specified the -Root parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtKey</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryValue, SetValue, CreateSubKey, EnumerateSubKeys, Notify, CreateLink, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">KeyAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KeyAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnumerateSubKeys</command:parameterValue> <command:parameterValue required="false" variableLength="false">Notify</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>Options to use when opening/creating the key.</maml:para> <maml:para>Possible values: NonVolatile, Volatile, CreateLink, BackupRestore, OpenLink</maml:para> </maml:description> <command:parameterValue required="true">KeyCreateOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KeyCreateOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>NonVolatile</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">NonVolatile</command:parameterValue> <command:parameterValue required="false" variableLength="false">Volatile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">BackupRestore</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the key under.</maml:para> </maml:description> <command:parameterValue required="true">INtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.INtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>Options to use when opening/creating the key.</maml:para> <maml:para>Possible values: NonVolatile, Volatile, CreateLink, BackupRestore, OpenLink</maml:para> </maml:description> <command:parameterValue required="true">KeyCreateOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KeyCreateOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>NonVolatile</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">NonVolatile</command:parameterValue> <command:parameterValue required="false" variableLength="false">Volatile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">BackupRestore</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the key under.</maml:para> </maml:description> <command:parameterValue required="true">INtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.INtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryValue, SetValue, CreateSubKey, EnumerateSubKeys, Notify, CreateLink, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">KeyAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KeyAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnumerateSubKeys</command:parameterValue> <command:parameterValue required="false" variableLength="false">Notify</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtKey --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtKey</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtKey \Registry\Machine\Software</dev:code> <dev:remarks> <maml:para>Get a key object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$root = Get-NtKey \Registry\Machine $obj = Get-NtKey Software -Root $root</dev:code> <dev:remarks> <maml:para>Get a key object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$obj = Get-NtKey \Registry\Machine\Software $obj.QueryKeys()</dev:code> <dev:remarks> <maml:para>Get a key object, and enumerate its subkeys</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$obj = Get-NtKey \Registry\Machine\Software $obj.QueryValues()</dev:code> <dev:remarks> <maml:para>Get a key object, and enumerate its values</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtKey --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtKey</command:name> <command:verb>New</command:verb> <command:noun>NtKey</command:noun> <maml:description> <maml:para>Create a new NT key object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT key object. The absolute path to the object in the NT object manager name space must be specified. It's also possible to create the object relative to an existing object by specified the -Root parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtKey</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryValue, SetValue, CreateSubKey, EnumerateSubKeys, Notify, CreateLink, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">KeyAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KeyAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnumerateSubKeys</command:parameterValue> <command:parameterValue required="false" variableLength="false">Notify</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>Options to use when opening/creating the key.</maml:para> <maml:para>Possible values: NonVolatile, Volatile, CreateLink, BackupRestore, OpenLink</maml:para> </maml:description> <command:parameterValue required="true">KeyCreateOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KeyCreateOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>NonVolatile</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">NonVolatile</command:parameterValue> <command:parameterValue required="false" variableLength="false">Volatile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">BackupRestore</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the key under.</maml:para> </maml:description> <command:parameterValue required="true">INtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.INtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>Options to use when opening/creating the key.</maml:para> <maml:para>Possible values: NonVolatile, Volatile, CreateLink, BackupRestore, OpenLink</maml:para> </maml:description> <command:parameterValue required="true">KeyCreateOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KeyCreateOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>NonVolatile</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">NonVolatile</command:parameterValue> <command:parameterValue required="false" variableLength="false">Volatile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">BackupRestore</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the key under.</maml:para> </maml:description> <command:parameterValue required="true">INtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.INtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryValue, SetValue, CreateSubKey, EnumerateSubKeys, Notify, CreateLink, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">KeyAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KeyAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnumerateSubKeys</command:parameterValue> <command:parameterValue required="false" variableLength="false">Notify</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtKey --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtKey</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtKey \Registry\Machine\Software\ABC</dev:code> <dev:remarks> <maml:para>Create a new key object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtKey -Path \Registry\Machine\Software\ABC $obj.SetValue("ValueName", String, "DataValue")</dev:code> <dev:remarks> <maml:para>Create a new event object and set a string value.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Remove-NtKey --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Remove-NtKey</command:name> <command:verb>Remove</command:verb> <command:noun>NtKey</command:noun> <maml:description> <maml:para>Unloads a registry hive.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet unloads a registry hive in the registry namespace.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Remove-NtKey</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specifes the flags for unloading the hive.</maml:para> <maml:para>Possible values: None, ForceUnload</maml:para> </maml:description> <command:parameterValue required="true">UnloadKeyFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.UnloadKeyFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceUnload</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specifes the flags for unloading the hive.</maml:para> <maml:para>Possible values: None, ForceUnload</maml:para> </maml:description> <command:parameterValue required="true">UnloadKeyFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.UnloadKeyFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceUnload</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Remove-NtKey \Registry\Machine\ABC</dev:code> <dev:remarks> <maml:para>Unload the \Registry\Machine\ABC hive.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Remove-NtKey \Registry\Machine\ABC -Flags ForceUnload</dev:code> <dev:remarks> <maml:para>Unload the \Registry\Machine\ABC hive, forcing the unload if necessary.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-NtKeyChild --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtKeyChild</command:name> <command:verb>Get</command:verb> <command:noun>NtKeyChild</command:noun> <maml:description> <maml:para>Get the accessible children of a key.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet gets the children of a key object. It allows the children to be extracted recursively. You can choose to get the children through the pipeline or specify a vistor script.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtKeyChild</maml:name> <!-- Parameter: Object --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Object</maml:name> <maml:description> <maml:para>Specify an object to get children from, should be a directory.</maml:para> </maml:description> <command:parameterValue required="true">NtKey</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtKey</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access when opening a child.</maml:para> <maml:para>Possible values: QueryValue, SetValue, CreateSubKey, EnumerateSubKeys, Notify, CreateLink, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">KeyAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KeyAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnumerateSubKeys</command:parameterValue> <command:parameterValue required="false" variableLength="false">Notify</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Filter --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Filter</maml:name> <maml:description> <maml:para>Specify a script block to filter child objects. Return $true to keep the object.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: MaxDepth --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxDepth</maml:name> <maml:description> <maml:para>When recursing specify the maximum depth of recursion. -1 indicates no limit.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: OpenForBackup --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenForBackup</maml:name> <maml:description> <maml:para>Open keys for backup. Needs SeBackupPrivilege enabled.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Recurse --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Recurse</maml:name> <maml:description> <maml:para>Get children recursively.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Visitor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Visitor</maml:name> <maml:description> <maml:para>Specify a script block to run for every child. The file object will automatically be disposed once the vistor has executed. If you want to cancel enumeration return $false.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: OpenForBackup --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenForBackup</maml:name> <maml:description> <maml:para>Open keys for backup. Needs SeBackupPrivilege enabled.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Object --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Object</maml:name> <maml:description> <maml:para>Specify an object to get children from, should be a directory.</maml:para> </maml:description> <command:parameterValue required="true">NtKey</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtKey</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access when opening a child.</maml:para> <maml:para>Possible values: QueryValue, SetValue, CreateSubKey, EnumerateSubKeys, Notify, CreateLink, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">KeyAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KeyAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetValue</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateSubKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">EnumerateSubKeys</command:parameterValue> <command:parameterValue required="false" variableLength="false">Notify</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Recurse --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Recurse</maml:name> <maml:description> <maml:para>Get children recursively.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: MaxDepth --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaxDepth</maml:name> <maml:description> <maml:para>When recursing specify the maximum depth of recursion. -1 indicates no limit.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: Visitor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Visitor</maml:name> <maml:description> <maml:para>Specify a script block to run for every child. The file object will automatically be disposed once the vistor has executed. If you want to cancel enumeration return $false.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Filter --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Filter</maml:name> <maml:description> <maml:para>Specify a script block to filter child objects. Return $true to keep the object.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$keys = Get-NtKeyChild $key</dev:code> <dev:remarks> <maml:para>Get immediate children of a key.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$keys = Get-NtKeyChild $key -Recurse</dev:code> <dev:remarks> <maml:para>Get children of a key recursively.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$keys = Get-NtKeyChild $key -Recurse -OpenForBackup</dev:code> <dev:remarks> <maml:para>Get children of a key recursively.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$keys = Get-NtKeyChild $key -Recurse -MaxDepth 2</dev:code> <dev:remarks> <maml:para>Get children of a key recursively up to a maximum depth of 2.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$keys = Get-NtKeyChild $key Access ReadControl</dev:code> <dev:remarks> <maml:para>Get children of a key which can be opened for ReadControl access.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>Get-NtKeyChild $key -Visitor { $path = $_.FullPath; Write-Host $path }</dev:code> <dev:remarks> <maml:para>Get children of a key via the visitor pattern.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 7 ----------</maml:title> <dev:code>Get-NtKeyChild $key -Recurse -Visitor { $path = $_.FullPath; Write-Host $path; $path -notmatch "BLAH" }</dev:code> <dev:remarks> <maml:para>Get children of a key via the visitor pattern, exiting the recursion if the object path contains the string BLAH.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 8 ----------</maml:title> <dev:code>$keys = Get-NtKeyChild $key -Recurse -Filter { $_.FullPath -match "BLAH" }</dev:code> <dev:remarks> <maml:para>Get children of a key filtering out any objects which don't have BLAH in the name.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtMailslotFile --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtMailslotFile</command:name> <command:verb>New</command:verb> <command:noun>NtMailslotFile</command:noun> <maml:description> <maml:para>Create a new NT mailslot file object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT mailslot file object. The absolute path to the object in the NT object manager name space can be specified. It's also possible to open the object relative to an existing object by specified the -Root parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtMailslotFile</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ReadAttributes, WriteDac, GenericRead</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DefaultTimeoutMs --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DefaultTimeoutMs</maml:name> <maml:description> <maml:para>Specify the default timeout for the mailslot in MS (-1 for no timeout)</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ReadAttributes, WriteDac, GenericRead</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: MailslotQuota --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MailslotQuota</maml:name> <maml:description> <maml:para>Specify the mailslot quota.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: MaximumMessageSize --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaximumMessageSize</maml:name> <maml:description> <maml:para>Specify the maximum message size (0 means any size)</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: DefaultTimeoutMs --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DefaultTimeoutMs</maml:name> <maml:description> <maml:para>Specify the default timeout for the mailslot in MS (-1 for no timeout)</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: MaximumMessageSize --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaximumMessageSize</maml:name> <maml:description> <maml:para>Specify the maximum message size (0 means any size)</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: MailslotQuota --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MailslotQuota</maml:name> <maml:description> <maml:para>Specify the mailslot quota.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ReadAttributes, WriteDac, GenericRead</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ReadAttributes, WriteDac, GenericRead</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtFile --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtFile</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtMailslotFile \??\mailslot\abc</dev:code> <dev:remarks> <maml:para>Creates a new file mailslot object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtMailslotFile \\.\mailslot\abc -Win32Path</dev:code> <dev:remarks> <maml:para>Creates a new file mailslot object with an absolute win32 path.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtMutant --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtMutant</command:name> <command:verb>Get</command:verb> <command:noun>NtMutant</command:noun> <maml:description> <maml:para>Open a NT mutant object by path.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens an existing NT mutant object (also known as a mutex). The absolute path to the object in the NT object manager name space must be specified. It's also possible to create the object relative to an existing object by specified the -Root parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtMutant</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, QueryState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">MutantAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.MutantAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, QueryState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">MutantAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.MutantAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtMutant --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtMutant</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtMutant \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Get a mutant object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = Get-NtMutant ABC -Root $root</dev:code> <dev:remarks> <maml:para>Get a mutant object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = Get-NtMutant ABC</dev:code> <dev:remarks> <maml:para>Get a mutant object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$obj = Get-NtMutant -Path \BaseNamedObjects\ABC $obj.Wait() # Do something in lock... $obj.Release()</dev:code> <dev:remarks> <maml:para>Get a mutant object, acquire the lock via Wait and Release it.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtMutant --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtMutant</command:name> <command:verb>New</command:verb> <command:noun>NtMutant</command:noun> <maml:description> <maml:para>Create a new NT mutant object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT mutant object (also known as a mutex). The absolute path to the object in the NT object manager name space can be specified. It's also possible to create the object relative to an existing object by specified the -Root parameter. If no path is specified than an unnamed object will be created which can only be duplicated by handle.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtMutant</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, QueryState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">MutantAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.MutantAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: InitialOwner --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>InitialOwner</maml:name> <maml:description> <maml:para>Specify to indicate the caller is the initial owner of the mutant.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: InitialOwner --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>InitialOwner</maml:name> <maml:description> <maml:para>Specify to indicate the caller is the initial owner of the mutant.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, QueryState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">MutantAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.MutantAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtMutant --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtMutant</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtMutant</dev:code> <dev:remarks> <maml:para>Create a new anonymous mutant object.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtMutant \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Create a new mutant object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = New-NtMutant ABC -Root $root</dev:code> <dev:remarks> <maml:para>Create a new mutant object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = New-NtMutant ABC</dev:code> <dev:remarks> <maml:para>Create a new mutant object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$mutant = New-NtMutant -InitialOwner</dev:code> <dev:remarks> <maml:para>Create a new anonymous mutant object with the caller as the initial owner.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>$obj = New-NtMutant $mutant.Wait() # Do something in lock... $obj.Release()</dev:code> <dev:remarks> <maml:para>Create a new anonymous mutant object, acquire the lock via Wait and Release it.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtNamedPipeFile --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtNamedPipeFile</command:name> <command:verb>Get</command:verb> <command:noun>NtNamedPipeFile</command:noun> <maml:description> <maml:para>Opens an existing NT named pipe file object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens an existing NT named pipe file object. The absolute path to the object in the NT object manager name space can be specified. It's also possible to open the object relative to an existing object by specified the -Root parameter. This only works if the caller has permission to access the pipe server object and the maximum number of instances is not exceeded.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtNamedPipeFile</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Synchronize, GenericWrite, GenericRead</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Synchronize, GenericWrite, GenericRead</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>SynchronousIoNonAlert</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Read, Write</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Synchronize, GenericWrite, GenericRead</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Read, Write</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>SynchronousIoNonAlert</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Synchronize, GenericWrite, GenericRead</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtFile --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtFile</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtNamedPipeFile \??\pipe\abc</dev:code> <dev:remarks> <maml:para>Opens an existing file named pipe object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = Get-NtNamedPipeFile \\.\pipe\abc -Win32Path</dev:code> <dev:remarks> <maml:para>Opens an existing file named pipe object with an absolute win32 path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$obj = Get-NtNamedPipeFile \??\pipe\abc -Disposition OpenIf</dev:code> <dev:remarks> <maml:para>Opens an existing file named pipe object with an absolute path. If the file already exists then open it rather than failing.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtNamedPipeFile --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtNamedPipeFile</command:name> <command:verb>New</command:verb> <command:noun>NtNamedPipeFile</command:noun> <maml:description> <maml:para>Create a new NT named pipe file object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT named pipe file object. The absolute path to the object in the NT object manager name space can be specified. It's also possible to open the object relative to an existing object by specified the -Root parameter. The ShareMode is used to determine data direction, specify Write to make an inbound pipe (client->server), Read to make an outbound pipe (server->client) and Read, Write to make full duplex.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtNamedPipeFile</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Synchronize, GenericWrite, GenericRead</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CompletionMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CompletionMode</maml:name> <maml:description> <maml:para>Specify the pipe completion mode.</maml:para> <maml:para>Possible values: QueueOperation, CompleteOperation</maml:para> </maml:description> <command:parameterValue required="true">NamedPipeCompletionMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NamedPipeCompletionMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>QueueOperation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueueOperation</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteOperation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DefaultTimeoutMs --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DefaultTimeoutMs</maml:name> <maml:description> <maml:para>Specify the default timeout for the pipe in MS</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>50</dev:defaultValue> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Synchronize, GenericWrite, GenericRead</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Disposition --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Disposition</maml:name> <maml:description> <maml:para>Specify the disposition for creating the file.</maml:para> <maml:para>Possible values: Supersede, Open, Create, OpenIf, Overwrite, OverwriteIf</maml:para> </maml:description> <command:parameterValue required="true">FileDisposition</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDisposition</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>OpenIf</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Supersede</command:parameterValue> <command:parameterValue required="false" variableLength="false">Open</command:parameterValue> <command:parameterValue required="false" variableLength="false">Create</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">Overwrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">OverwriteIf</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: InputQuota --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>InputQuota</maml:name> <maml:description> <maml:para>Specify the pipe input quota (0 is default).</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: MaximumInstances --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaximumInstances</maml:name> <maml:description> <maml:para>Specify the maximum number of pipe instances (-1 is infinite).</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>1</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>SynchronousIoNonAlert</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: OutputQuota --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OutputQuota</maml:name> <maml:description> <maml:para>Specify the pipe output quota (0 is default).</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: PipeType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PipeType</maml:name> <maml:description> <maml:para>Specify the pipe type.</maml:para> <maml:para>Possible values: Bytestream, Message, RejectRemoteClients</maml:para> </maml:description> <command:parameterValue required="true">NamedPipeType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NamedPipeType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Bytestream</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Bytestream</command:parameterValue> <command:parameterValue required="false" variableLength="false">Message</command:parameterValue> <command:parameterValue required="false" variableLength="false">RejectRemoteClients</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ReadMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ReadMode</maml:name> <maml:description> <maml:para>Specify the pipe read mode.</maml:para> <maml:para>Possible values: ByteStream, Message</maml:para> </maml:description> <command:parameterValue required="true">NamedPipeReadMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NamedPipeReadMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ByteStream</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ByteStream</command:parameterValue> <command:parameterValue required="false" variableLength="false">Message</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Read, Write</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: UnlimitedInstances --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>UnlimitedInstances</maml:name> <maml:description> <maml:para>If specified an unlimited number of instances of this pipe can be created.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Disposition --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Disposition</maml:name> <maml:description> <maml:para>Specify the disposition for creating the file.</maml:para> <maml:para>Possible values: Supersede, Open, Create, OpenIf, Overwrite, OverwriteIf</maml:para> </maml:description> <command:parameterValue required="true">FileDisposition</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDisposition</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>OpenIf</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Supersede</command:parameterValue> <command:parameterValue required="false" variableLength="false">Open</command:parameterValue> <command:parameterValue required="false" variableLength="false">Create</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">Overwrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">OverwriteIf</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: DefaultTimeoutMs --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DefaultTimeoutMs</maml:name> <maml:description> <maml:para>Specify the default timeout for the pipe in MS</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>50</dev:defaultValue> </command:parameter> <!-- Parameter: PipeType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PipeType</maml:name> <maml:description> <maml:para>Specify the pipe type.</maml:para> <maml:para>Possible values: Bytestream, Message, RejectRemoteClients</maml:para> </maml:description> <command:parameterValue required="true">NamedPipeType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NamedPipeType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Bytestream</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Bytestream</command:parameterValue> <command:parameterValue required="false" variableLength="false">Message</command:parameterValue> <command:parameterValue required="false" variableLength="false">RejectRemoteClients</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ReadMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ReadMode</maml:name> <maml:description> <maml:para>Specify the pipe read mode.</maml:para> <maml:para>Possible values: ByteStream, Message</maml:para> </maml:description> <command:parameterValue required="true">NamedPipeReadMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NamedPipeReadMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ByteStream</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">ByteStream</command:parameterValue> <command:parameterValue required="false" variableLength="false">Message</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CompletionMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CompletionMode</maml:name> <maml:description> <maml:para>Specify the pipe completion mode.</maml:para> <maml:para>Possible values: QueueOperation, CompleteOperation</maml:para> </maml:description> <command:parameterValue required="true">NamedPipeCompletionMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NamedPipeCompletionMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>QueueOperation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueueOperation</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteOperation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: MaximumInstances --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaximumInstances</maml:name> <maml:description> <maml:para>Specify the maximum number of pipe instances (-1 is infinite).</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>1</dev:defaultValue> </command:parameter> <!-- Parameter: UnlimitedInstances --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>UnlimitedInstances</maml:name> <maml:description> <maml:para>If specified an unlimited number of instances of this pipe can be created.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: InputQuota --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>InputQuota</maml:name> <maml:description> <maml:para>Specify the pipe input quota (0 is default).</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: OutputQuota --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OutputQuota</maml:name> <maml:description> <maml:para>Specify the pipe output quota (0 is default).</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: DeviceGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DeviceGuid</maml:name> <maml:description> <maml:para>Specify that the path is a device GUID not a full path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DirectoryAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DirectoryAccess</maml:name> <maml:description> <maml:para>Specify file access using directory access rights.</maml:para> <maml:para>Possible values: None, ListDirectory, AddFile, AddSubDirectory, ReadEa, WriteEa, Traverse, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileDirectoryAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileDirectoryAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Synchronize, GenericWrite, GenericRead</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ListDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">AddSubDirectory</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Traverse</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ShareMode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ShareMode</maml:name> <maml:description> <maml:para>The access share mode to open the file with.</maml:para> <maml:para>Possible values: None, Read, Write, Delete, All</maml:para> </maml:description> <command:parameterValue required="true">FileShareMode</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileShareMode</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Read, Write</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Read</command:parameterValue> <command:parameterValue required="false" variableLength="false">Write</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">All</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Options --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Options</maml:name> <maml:description> <maml:para>The options to open the file with.</maml:para> <maml:para>Possible values: None, DirectoryFile, WriteThrough, SequentialOnly, NoIntermediateBuffering, SynchronousIoAlert, SynchronousIoNonAlert, NonDirectoryFile, CreateTreeConnection, CompleteIfOplocked, NoEaKnowledge, OpenRemoteInstance, RandomAccess, DeleteOnClose, OpenByFileId, OpenForBackupIntent, NoCompression, OpenRequiringOplock, DisallowExclusive, SessionAware, ReserveOpfilter, OpenReparsePoint, OpenNoRecall, OpenForFreeSpaceQuery</maml:para> </maml:description> <command:parameterValue required="true">FileOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>SynchronousIoNonAlert</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteThrough</command:parameterValue> <command:parameterValue required="false" variableLength="false">SequentialOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoIntermediateBuffering</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">SynchronousIoNonAlert</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonDirectoryFile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateTreeConnection</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompleteIfOplocked</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoEaKnowledge</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRemoteInstance</command:parameterValue> <command:parameterValue required="false" variableLength="false">RandomAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteOnClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenByFileId</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForBackupIntent</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCompression</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenRequiringOplock</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisallowExclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">SessionAware</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReserveOpfilter</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenReparsePoint</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenNoRecall</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenForFreeSpaceQuery</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Transaction --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Transaction</maml:name> <maml:description> <maml:para>Specify a transaction to create the file under.</maml:para> </maml:description> <command:parameterValue required="true">NtTransaction</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, ReadData, WriteData, AppendData, ReadEa, WriteEa, Execute, DeleteChild, ReadAttributes, WriteAttributes, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">FileAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FileAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Synchronize, GenericWrite, GenericRead</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadData</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteData</command:parameterValue> <command:parameterValue required="false" variableLength="false">AppendData</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteEa</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">DeleteChild</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteAttributes</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtFile --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtFile</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtNamedPipeFile \??\pipe\abc</dev:code> <dev:remarks> <maml:para>Creates a new, full duplex file named pipe object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtNamedPipeFile \??\pipe\abc -ShareMode Read</dev:code> <dev:remarks> <maml:para>Creates a new outbound file named pipe object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$obj = New-NtNamedPipeFile \??\pipe\abc -ShareMode Write</dev:code> <dev:remarks> <maml:para>Creates a new inbound file named pipe object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$obj = New-NtNamedPipeFile \??\pipe\abc -MaximumInstances 100</dev:code> <dev:remarks> <maml:para>Creates a new file named pipe object with an absolute path and with a maximum of 100 instances.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$obj = New-NtNamedPipeFile \??\pipe\abc -UnlimitedInstances</dev:code> <dev:remarks> <maml:para>Creates a new file named pipe object with an absolute path and with a unlimited maximum number of instances.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>$obj = New-NtNamedPipeFile \\.\pipe\abc -Win32Path</dev:code> <dev:remarks> <maml:para>Creates a new file named pipe object with an absolute win32 path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 7 ----------</maml:title> <dev:code>$obj = New-NtNamedPipeFile \??\pipe\abc -Disposition OpenIf</dev:code> <dev:remarks> <maml:para>Creates a new file named pipe object with an absolute path. If the file already exists then open it rather than failing.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Copy-NtObject --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Copy-NtObject</command:name> <command:verb>Copy</command:verb> <command:noun>NtObject</command:noun> <maml:description> <maml:para>Duplicate an object to a new handle. Optionally specify processes to duplicate to.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet duplicates an object either in the same process or between processes. If you duplicate to another process the cmdlet will return a handle value rather than an object.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: FromObject --> <command:syntaxItem> <maml:name>Copy-NtObject</maml:name> <!-- Parameter: Object --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Object</maml:name> <maml:description> <maml:para>Specify the object to duplicate in the current process.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: DesiredAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DesiredAccess</maml:name> <maml:description> <maml:para>The desired access for the duplication.</maml:para> <maml:para>Possible values: None, Access0, Access1, Access2, Access3, Access4, Access5, Access6, Access7, Access8, Access9, Access10, Access11, Access12, Access13, Access14, Access15, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, AccessSystemSecurity, MaximumAllowed, GenericAll, GenericExecute, GenericWrite, GenericRead</maml:para> </maml:description> <command:parameterValue required="true">GenericAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.GenericAccessRights</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access0</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access1</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access2</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access3</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access4</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access5</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access6</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access7</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access8</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access9</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access10</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access11</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access12</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access13</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access14</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access15</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: DestinationProcess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DestinationProcess</maml:name> <maml:description> <maml:para>Specify the process to duplicate to. Defaults to current process.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>XmlDoc2CmdletDoc.exe</dev:defaultValue> </command:parameter> <!-- Parameter: NoRightsUpgrade --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>NoRightsUpgrade</maml:name> <maml:description> <maml:para>Specify the no rights upgrade flags.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>The desired object attribute flags for the duplication.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromHandle --> <command:syntaxItem> <maml:name>Copy-NtObject</maml:name> <!-- Parameter: SourceHandle --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>SourceHandle</maml:name> <maml:description> <maml:para>Specify the object to duplicate as a handle.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: CloseSource --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseSource</maml:name> <maml:description> <maml:para>Close the source handle.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DesiredAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DesiredAccess</maml:name> <maml:description> <maml:para>The desired access for the duplication.</maml:para> <maml:para>Possible values: None, Access0, Access1, Access2, Access3, Access4, Access5, Access6, Access7, Access8, Access9, Access10, Access11, Access12, Access13, Access14, Access15, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, AccessSystemSecurity, MaximumAllowed, GenericAll, GenericExecute, GenericWrite, GenericRead</maml:para> </maml:description> <command:parameterValue required="true">GenericAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.GenericAccessRights</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access0</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access1</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access2</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access3</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access4</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access5</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access6</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access7</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access8</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access9</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access10</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access11</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access12</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access13</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access14</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access15</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: DestinationProcess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DestinationProcess</maml:name> <maml:description> <maml:para>Specify the process to duplicate to. Defaults to current process.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>XmlDoc2CmdletDoc.exe</dev:defaultValue> </command:parameter> <!-- Parameter: NoRightsUpgrade --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>NoRightsUpgrade</maml:name> <maml:description> <maml:para>Specify the no rights upgrade flags.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>The desired object attribute flags for the duplication.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SourceProcess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SourceProcess</maml:name> <maml:description> <maml:para>Specify the process to duplicate from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>XmlDoc2CmdletDoc.exe</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Object --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Object</maml:name> <maml:description> <maml:para>Specify the object to duplicate in the current process.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SourceHandle --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>SourceHandle</maml:name> <maml:description> <maml:para>Specify the object to duplicate as a handle.</maml:para> </maml:description> <command:parameterValue required="true">IntPtr</command:parameterValue> <dev:type> <maml:name>System.IntPtr</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: SourceProcess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SourceProcess</maml:name> <maml:description> <maml:para>Specify the process to duplicate from.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>XmlDoc2CmdletDoc.exe</dev:defaultValue> </command:parameter> <!-- Parameter: DestinationProcess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DestinationProcess</maml:name> <maml:description> <maml:para>Specify the process to duplicate to. Defaults to current process.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>XmlDoc2CmdletDoc.exe</dev:defaultValue> </command:parameter> <!-- Parameter: DesiredAccess --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DesiredAccess</maml:name> <maml:description> <maml:para>The desired access for the duplication.</maml:para> <maml:para>Possible values: None, Access0, Access1, Access2, Access3, Access4, Access5, Access6, Access7, Access8, Access9, Access10, Access11, Access12, Access13, Access14, Access15, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, AccessSystemSecurity, MaximumAllowed, GenericAll, GenericExecute, GenericWrite, GenericRead</maml:para> </maml:description> <command:parameterValue required="true">GenericAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.GenericAccessRights</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access0</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access1</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access2</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access3</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access4</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access5</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access6</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access7</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access8</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access9</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access10</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access11</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access12</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access13</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access14</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access15</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: NoRightsUpgrade --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>NoRightsUpgrade</maml:name> <maml:description> <maml:para>Specify the no rights upgrade flags.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>The desired object attribute flags for the duplication.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseSource --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseSource</maml:name> <maml:description> <maml:para>Close the source handle.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: NtObject --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Copy-NtObject -Object $obj</dev:code> <dev:remarks> <maml:para>Duplicate an object to another in the current process with same access rights.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Copy-NtObject -Object $obj -DestinationProcess $proc</dev:code> <dev:remarks> <maml:para>Duplicate an object to another process. If the desintation process is the current process an object is returned, otherwise a handle is returned.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Copy-NtObject -Handle 1234 -SourceProcess $proc</dev:code> <dev:remarks> <maml:para>Duplicate an object from another process to the current process.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-NtObject --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtObject</command:name> <command:verb>Get</command:verb> <command:noun>NtObject</command:noun> <maml:description> <maml:para>Open an NT object by path.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens an NT object by its path. The returned object will be a type specific to the actual underlying NT type.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtObject</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, Access0, Access1, Access2, Access3, Access4, Access5, Access6, Access7, Access8, Access9, Access10, Access11, Access12, Access13, Access14, Access15, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, AccessSystemSecurity, MaximumAllowed, GenericAll, GenericExecute, GenericWrite, GenericRead</maml:para> </maml:description> <command:parameterValue required="true">GenericAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.GenericAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access0</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access1</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access2</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access3</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access4</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access5</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access6</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access7</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access8</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access9</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access10</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access11</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access12</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access13</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access14</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access15</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TypeName --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TypeName</maml:name> <maml:description> <maml:para>The type of object will try and be determined automatically, however in cases where this isn't possible the NT type name can be specified here. This needs to be a value such as Directory, SymbolicLink, Mutant etc.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: TypeName --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TypeName</maml:name> <maml:description> <maml:para>The type of object will try and be determined automatically, however in cases where this isn't possible the NT type name can be specified here. This needs to be a value such as Directory, SymbolicLink, Mutant etc.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, Access0, Access1, Access2, Access3, Access4, Access5, Access6, Access7, Access8, Access9, Access10, Access11, Access12, Access13, Access14, Access15, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, AccessSystemSecurity, MaximumAllowed, GenericAll, GenericExecute, GenericWrite, GenericRead</maml:para> </maml:description> <command:parameterValue required="true">GenericAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.GenericAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access0</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access1</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access2</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access3</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access4</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access5</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access6</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access7</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access8</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access9</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access10</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access11</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access12</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access13</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access14</command:parameterValue> <command:parameterValue required="false" variableLength="false">Access15</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtObject --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtObject \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Get a existing object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = Get-NtObject \BaseNamedObjects -TypeName Directory</dev:code> <dev:remarks> <maml:para>Get a existing object with an explicit type.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$obj = Get-NtObject \BaseNamedObjects $obj = Get-NtObject ABC -Root $root</dev:code> <dev:remarks> <maml:para>Get an existing object with a relative path.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Use-NtObject --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Use-NtObject</command:name> <command:verb>Use</command:verb> <command:noun>NtObject</command:noun> <maml:description> <maml:para>Use an NtObject (or list of NtObject) and automatically close the objects after use.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet allows you to scope the use of NtObject, similar to the using statement in C#. When the script block passed to this cmdlet goes out of scope the input object is automatically disposed of, ensuring any native resources are closed to prevent leaks.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Use-NtObject</maml:name> <!-- Parameter: InputObject --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>InputObject</maml:name> <maml:description> <maml:para>Specify the input object to be disposed.</maml:para> </maml:description> <command:parameterValue required="true">object</command:parameterValue> <dev:type> <maml:name>System.Object</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ScriptBlock --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>ScriptBlock</maml:name> <maml:description> <maml:para>Specify the script block to execute.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: InputObject --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>InputObject</maml:name> <maml:description> <maml:para>Specify the input object to be disposed.</maml:para> </maml:description> <command:parameterValue required="true">object</command:parameterValue> <dev:type> <maml:name>System.Object</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ScriptBlock --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>ScriptBlock</maml:name> <maml:description> <maml:para>Specify the script block to execute.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.Object</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>Specify the input object to be disposed.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$ps = Use-NtObject (Get-NtProcess) { param ($ps); $ps | Select-Object Name, CommandLine }</dev:code> <dev:remarks> <maml:para>Select Name and CommandLine from a list of processes and dispose of the list afterwards.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtPartition --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtPartition</command:name> <command:verb>Get</command:verb> <command:noun>NtPartition</command:noun> <maml:description> <maml:para>Open a NT partition object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens an existing NT partition object.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtPartition</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, Query, Modify, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">MemoryPartitionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.MemoryPartitionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Modify</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, Query, Modify, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">MemoryPartitionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.MemoryPartitionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Modify</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtPartition --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtPartition</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtPartition \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Get a partition object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = Get-NtPartition ABC -Root $root</dev:code> <dev:remarks> <maml:para>Get a partition object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = Get-NtPartition ABC</dev:code> <dev:remarks> <maml:para>Get a partition object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtPartition --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtPartition</command:name> <command:verb>New</command:verb> <command:noun>NtPartition</command:noun> <maml:description> <maml:para>Creates a new NT partition object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT partition object.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtPartition</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, Query, Modify, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">MemoryPartitionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.MemoryPartitionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Modify</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ParentPartition --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ParentPartition</maml:name> <maml:description> <maml:para>Specifies the parent partition. Not specifying means use the system partition.</maml:para> </maml:description> <command:parameterValue required="true">NtPartition</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtPartition</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PreferredNode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PreferredNode</maml:name> <maml:description> <maml:para>Specifies the preferred NUMA node, -1 means ideal node.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: PreferredNode --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PreferredNode</maml:name> <maml:description> <maml:para>Specifies the preferred NUMA node, -1 means ideal node.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: ParentPartition --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ParentPartition</maml:name> <maml:description> <maml:para>Specifies the parent partition. Not specifying means use the system partition.</maml:para> </maml:description> <command:parameterValue required="true">NtPartition</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtPartition</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, Query, Modify, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">MemoryPartitionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.MemoryPartitionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Modify</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtPartition --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtPartition</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtPartition \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Create a partition object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtPartition \BaseNamedObjects\ABC -PreferredNode 2</dev:code> <dev:remarks> <maml:para>Create a partition object with an absolute path and preferred node 2.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = New-NtPartition ABC -Root $root</dev:code> <dev:remarks> <maml:para>Create a partition object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = New-NtPartition ABC</dev:code> <dev:remarks> <maml:para>Create a partition object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtProcess --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtProcess</command:name> <command:verb>Get</command:verb> <command:noun>NtProcess</command:noun> <maml:description> <maml:para>Get NT processes.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet gets all accessible processes on the system. You can specify a specific process by setting the -ProcessId or -Current parameters.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: pid --> <command:syntaxItem> <maml:name>Get-NtProcess</maml:name> <!-- Parameter: ProcessId --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0" aliases="pid"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to open.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for each process opened.</maml:para> <maml:para>Possible values: None, Terminate, CreateThread, SetSessionId, VmOperation, VmRead, VmWrite, DupHandle, CreateProcess, SetQuota, SetInformation, QueryInformation, SuspendResume, QueryLimitedInformation, SetLimitedInformation, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ProcessAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ProcessAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateThread</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmOperation</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">DupHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetQuota</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: OpenOwner --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenOwner</maml:name> <maml:description> <maml:para>When opening a specific process choose whether to open its owner process (which is typically a console host) instead.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: OpenParent --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenParent</maml:name> <maml:description> <maml:para>When opening a specific process choose whether to open its parent instead.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: pidinfo --> <command:syntaxItem> <maml:name>Get-NtProcess</maml:name> <!-- Parameter: InfoOnly --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>InfoOnly</maml:name> <maml:description> <maml:para>Only get process information, do not open the objects.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessId --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to open.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: current --> <command:syntaxItem> <maml:name>Get-NtProcess</maml:name> <!-- Parameter: Current --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Current</maml:name> <maml:description> <maml:para>Open current process.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for each process opened.</maml:para> <maml:para>Possible values: None, Terminate, CreateThread, SetSessionId, VmOperation, VmRead, VmWrite, DupHandle, CreateProcess, SetQuota, SetInformation, QueryInformation, SuspendResume, QueryLimitedInformation, SetLimitedInformation, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ProcessAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ProcessAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateThread</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmOperation</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">DupHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetQuota</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: OpenOwner --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenOwner</maml:name> <maml:description> <maml:para>When opening a specific process choose whether to open its owner process (which is typically a console host) instead.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: OpenParent --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenParent</maml:name> <maml:description> <maml:para>When opening a specific process choose whether to open its parent instead.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: all --> <command:syntaxItem> <maml:name>Get-NtProcess</maml:name> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for each process opened.</maml:para> <maml:para>Possible values: None, Terminate, CreateThread, SetSessionId, VmOperation, VmRead, VmWrite, DupHandle, CreateProcess, SetQuota, SetInformation, QueryInformation, SuspendResume, QueryLimitedInformation, SetLimitedInformation, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ProcessAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ProcessAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateThread</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmOperation</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">DupHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetQuota</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CommandLine --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CommandLine</maml:name> <maml:description> <maml:para>Specify sub-string in the command line to filter the list on. If Name is also specified this will just select processes with that name with this sub-string.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: FilterScript --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FilterScript</maml:name> <maml:description> <maml:para>Specify an arbitrary filter script.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: FromSystem --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FromSystem</maml:name> <maml:description> <maml:para>When getting all processes only get the system information process list.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Name --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Name</maml:name> <maml:description> <maml:para>Specify a executable name to filter the list on.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: service --> <command:syntaxItem> <maml:name>Get-NtProcess</maml:name> <!-- Parameter: ServiceName --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>ServiceName</maml:name> <maml:description> <maml:para>Get the process for the specified service name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for each process opened.</maml:para> <maml:para>Possible values: None, Terminate, CreateThread, SetSessionId, VmOperation, VmRead, VmWrite, DupHandle, CreateProcess, SetQuota, SetInformation, QueryInformation, SuspendResume, QueryLimitedInformation, SetLimitedInformation, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ProcessAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ProcessAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateThread</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmOperation</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">DupHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetQuota</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: infoonly --> <command:syntaxItem> <maml:name>Get-NtProcess</maml:name> <!-- Parameter: InfoOnly --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>InfoOnly</maml:name> <maml:description> <maml:para>Only get process information, do not open the objects.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: ProcessId --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0" aliases="pid"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to open.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <command:parameter required="true" globbing="false" pipelineInput="false" position="0" aliases="pid"> <maml:name>pid</maml:name> <maml:description> <maml:para>Specify a process ID to open.</maml:para> <maml:para>This is an alias of the ProcessId parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: OpenParent --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenParent</maml:name> <maml:description> <maml:para>When opening a specific process choose whether to open its parent instead.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: OpenOwner --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenOwner</maml:name> <maml:description> <maml:para>When opening a specific process choose whether to open its owner process (which is typically a console host) instead.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Name --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Name</maml:name> <maml:description> <maml:para>Specify a executable name to filter the list on.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CommandLine --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CommandLine</maml:name> <maml:description> <maml:para>Specify sub-string in the command line to filter the list on. If Name is also specified this will just select processes with that name with this sub-string.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ServiceName --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>ServiceName</maml:name> <maml:description> <maml:para>Get the process for the specified service name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: FilterScript --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FilterScript</maml:name> <maml:description> <maml:para>Specify an arbitrary filter script.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for each process opened.</maml:para> <maml:para>Possible values: None, Terminate, CreateThread, SetSessionId, VmOperation, VmRead, VmWrite, DupHandle, CreateProcess, SetQuota, SetInformation, QueryInformation, SuspendResume, QueryLimitedInformation, SetLimitedInformation, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ProcessAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ProcessAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateThread</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmOperation</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">VmWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">DupHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateProcess</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetQuota</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Current --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Current</maml:name> <maml:description> <maml:para>Open current process.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: FromSystem --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FromSystem</maml:name> <maml:description> <maml:para>When getting all processes only get the system information process list.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: InfoOnly --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>InfoOnly</maml:name> <maml:description> <maml:para>Only get process information, do not open the objects.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: NtProcess --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$ps = Get-NtProcess</dev:code> <dev:remarks> <maml:para>Get all NT processes accessible by the current user.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$p = Get-NtProcess -Current</dev:code> <dev:remarks> <maml:para>Get reference to current process.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$ps = Get-NtProcess -Access DupHandle</dev:code> <dev:remarks> <maml:para>Get all NT processes accessible by the current user for duplicate handle access.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$p = Get-NtProcess 1234</dev:code> <dev:remarks> <maml:para>Get a specific process</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$p = Get-NtProcess 1234 -Access QueryInformation $p.CommandLine</dev:code> <dev:remarks> <maml:para>Get a command line of a specific process.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>$p = Get-NtProcess 1234 -Access QueryInformation $p.FullPath</dev:code> <dev:remarks> <maml:para>Get a native image path of a specific process.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 7 ----------</maml:title> <dev:code>$p = Get-NtProcess $pid</dev:code> <dev:remarks> <maml:para>Get the current process by process ID.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 8 ----------</maml:title> <dev:code>$p = Get-NtProcess 1234 -OpenParent</dev:code> <dev:remarks> <maml:para>Get the parent of a specific process.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 9 ----------</maml:title> <dev:code>$ps = Get-NtProcess -Name notepad.exe</dev:code> <dev:remarks> <maml:para>Get all processes with the name notepad.exe.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 10 ----------</maml:title> <dev:code>$ps = Get-NtProcess -CommandLine hello</dev:code> <dev:remarks> <maml:para>Get all processes with where the command line contains the string "hello".</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 11 ----------</maml:title> <dev:code>$ps = Get-NtProcess -Name notepad.exe -CommandLine hello</dev:code> <dev:remarks> <maml:para>Get all processes with the name notepad.exe where the command line contains the string "hello".</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 12 ----------</maml:title> <dev:code>$ps = Get-NtProcess -FilterScript { $_.SessionId -eq 1 }</dev:code> <dev:remarks> <maml:para>Get all processes in session 1.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 13 ----------</maml:title> <dev:code>$ps = Get-NtProcess -FilterScript { $_.Mitigations.DisallowWin32kSystemCalls -eq $true }</dev:code> <dev:remarks> <maml:para>Get all processes with the Disallow Win32k System Calls mitigation policy.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 14 ----------</maml:title> <dev:code>$p = Get-NtProcess -ServiceName WebClient</dev:code> <dev:remarks> <maml:para>Open the process which hosts the WebClient service, if it's running.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 15 ----------</maml:title> <dev:code>Get-NtProcess -InfoOnly</dev:code> <dev:remarks> <maml:para>Get all process information, don't open the process objects.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtResourceManager --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtResourceManager</command:name> <command:verb>Get</command:verb> <command:noun>NtResourceManager</command:noun> <maml:description> <maml:para>Open a NT Resource Manager object or all from a Transaction Manager..</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens an existing NT Resource Manager object.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: FromId --> <command:syntaxItem> <maml:name>Get-NtResourceManager</maml:name> <!-- Parameter: ResourceManagerGuid --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0" aliases="rmguid"> <maml:name>ResourceManagerGuid</maml:name> <maml:description> <maml:para>Specify the Resource Manager GUID to open.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <!-- Parameter: TransactionManager --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>TransactionManager</maml:name> <maml:description> <maml:para>Specify the Transaction Manager containing the Resource Manager.</maml:para> </maml:description> <command:parameterValue required="true">NtTransactionManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransactionManager</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Recover, Enlist, GetNotification, RegisterProtocol, CompletePropagation, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ResourceManagerAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ResourceManagerAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlist</command:parameterValue> <command:parameterValue required="false" variableLength="false">GetNotification</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegisterProtocol</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompletePropagation</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: All --> <command:syntaxItem> <maml:name>Get-NtResourceManager</maml:name> <!-- Parameter: TransactionManager --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>TransactionManager</maml:name> <maml:description> <maml:para>Specify the Transaction Manager containing the Resource Manager.</maml:para> </maml:description> <command:parameterValue required="true">NtTransactionManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransactionManager</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Recover, Enlist, GetNotification, RegisterProtocol, CompletePropagation, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ResourceManagerAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ResourceManagerAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlist</command:parameterValue> <command:parameterValue required="false" variableLength="false">GetNotification</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegisterProtocol</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompletePropagation</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: ResourceManagerGuid --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0" aliases="rmguid"> <maml:name>ResourceManagerGuid</maml:name> <maml:description> <maml:para>Specify the Resource Manager GUID to open.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <command:parameter required="true" globbing="false" pipelineInput="false" position="0" aliases="rmguid"> <maml:name>rmguid</maml:name> <maml:description> <maml:para>Specify the Resource Manager GUID to open.</maml:para> <maml:para>This is an alias of the ResourceManagerGuid parameter.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <!-- Parameter: TransactionManager --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>TransactionManager</maml:name> <maml:description> <maml:para>Specify the Transaction Manager containing the Resource Manager.</maml:para> </maml:description> <command:parameterValue required="true">NtTransactionManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransactionManager</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Recover, Enlist, GetNotification, RegisterProtocol, CompletePropagation, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ResourceManagerAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ResourceManagerAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlist</command:parameterValue> <command:parameterValue required="false" variableLength="false">GetNotification</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegisterProtocol</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompletePropagation</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: NtResourceManager --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtResourceManager</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtTransaction -TransactionManager $tm</dev:code> <dev:remarks> <maml:para>Get all Resource Manager objects from a Transaction Manager.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = Get-NtTransaction -ResourceManagerGuid '04422e91-63c2-4025-944d-d66fae133274' -TransactionManager $tm</dev:code> <dev:remarks> <maml:para>Get a Resource Manager object from its GUID and Transaction Manager.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtResourceManager --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtResourceManager</command:name> <command:verb>New</command:verb> <command:noun>NtResourceManager</command:noun> <maml:description> <maml:para>Creates a new NT Resource Manager object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT Resource Manager object.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtResourceManager</maml:name> <!-- Parameter: TransactionManager --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>TransactionManager</maml:name> <maml:description> <maml:para>Specify the Transaction Manager to contain the Resource Manager.</maml:para> </maml:description> <command:parameterValue required="true">NtTransactionManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransactionManager</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Recover, Enlist, GetNotification, RegisterProtocol, CompletePropagation, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ResourceManagerAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ResourceManagerAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlist</command:parameterValue> <command:parameterValue required="false" variableLength="false">GetNotification</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegisterProtocol</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompletePropagation</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateFlags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateFlags</maml:name> <maml:description> <maml:para>Specify flags for resource manager creation.</maml:para> <maml:para>Possible values: None, Volatile, Communication</maml:para> </maml:description> <command:parameterValue required="true">ResourceManagerCreateOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ResourceManagerCreateOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Volatile</command:parameterValue> <command:parameterValue required="false" variableLength="false">Communication</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Description --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Description</maml:name> <maml:description> <maml:para>Specify an optional description.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ResourceManagerGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="rmguid"> <maml:name>ResourceManagerGuid</maml:name> <maml:description> <maml:para>Specify the Resource Manager GUID to create.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0a5b0d42-acda-4f12-a3e2-11111c660fd8</dev:defaultValue> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: ResourceManagerGuid --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="rmguid"> <maml:name>ResourceManagerGuid</maml:name> <maml:description> <maml:para>Specify the Resource Manager GUID to create.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0d838e22-890c-46bb-be5d-435f04bd4f07</dev:defaultValue> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="rmguid"> <maml:name>rmguid</maml:name> <maml:description> <maml:para>Specify the Resource Manager GUID to create.</maml:para> <maml:para>This is an alias of the ResourceManagerGuid parameter.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>499c0e1f-ec75-4f4e-a192-6f7d4038e64e</dev:defaultValue> </command:parameter> <!-- Parameter: TransactionManager --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>TransactionManager</maml:name> <maml:description> <maml:para>Specify the Transaction Manager to contain the Resource Manager.</maml:para> </maml:description> <command:parameterValue required="true">NtTransactionManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransactionManager</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CreateFlags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateFlags</maml:name> <maml:description> <maml:para>Specify flags for resource manager creation.</maml:para> <maml:para>Possible values: None, Volatile, Communication</maml:para> </maml:description> <command:parameterValue required="true">ResourceManagerCreateOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ResourceManagerCreateOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">Volatile</command:parameterValue> <command:parameterValue required="false" variableLength="false">Communication</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Description --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Description</maml:name> <maml:description> <maml:para>Specify an optional description.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Recover, Enlist, GetNotification, RegisterProtocol, CompletePropagation, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ResourceManagerAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ResourceManagerAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlist</command:parameterValue> <command:parameterValue required="false" variableLength="false">GetNotification</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegisterProtocol</command:parameterValue> <command:parameterValue required="false" variableLength="false">CompletePropagation</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtResourceManager --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtResourceManager</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtResourceManager -TransactionManager $tm </dev:code> <dev:remarks> <maml:para>Create a Resource Manager object with an auto-generated GUID.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtResourceManager -ResourceManagerGuid '04422e91-63c2-4025-944d-d66fae133274' -TransactionManager $tm </dev:code> <dev:remarks> <maml:para>Create a Resource Manager object with a specified GUID.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtSection --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtSection</command:name> <command:verb>Get</command:verb> <command:noun>NtSection</command:noun> <maml:description> <maml:para>Open a NT section object by path.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens an existing NT section object. The absolute path to the object in the NT object manager name space must be specified. It's also possible to create the object relative to an existing object by specified the -Root parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtSection</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: Query, MapWrite, MapRead, MapExecute, ExtendSize, MapExecuteExplicit, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">SectionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SectionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">ExtendSize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapExecuteExplicit</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: Query, MapWrite, MapRead, MapExecute, ExtendSize, MapExecuteExplicit, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">SectionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SectionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">ExtendSize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapExecuteExplicit</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtSection --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtSection</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtSection \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Get a section object with an absolute path.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtSection --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtSection</command:name> <command:verb>New</command:verb> <command:noun>NtSection</command:noun> <maml:description> <maml:para>Create a new NT section object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT section object. The absolute path to the object in the NT object manager name space can be specified. It's also possible to create the object relative to an existing object by specified the -Root parameter. If no path is specified than an unnamed object will be created which can only be duplicated by handle.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtSection</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: Query, MapWrite, MapRead, MapExecute, ExtendSize, MapExecuteExplicit, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">SectionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SectionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">ExtendSize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapExecuteExplicit</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: File --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>File</maml:name> <maml:description> <maml:para>An existing file to use as backing for the section.</maml:para> </maml:description> <command:parameterValue required="true">NtFile</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtFile</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Protection --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Protection</maml:name> <maml:description> <maml:para>Memory allocation protection flags.</maml:para> <maml:para>Possible values: None, NoAccess, ReadOnly, ReadWrite, WriteCopy, Execute, ExecuteRead, ExecuteReadWrite, ExecuteWriteCopy, Guard, NoCache, WriteCombine</maml:para> </maml:description> <command:parameterValue required="true">MemoryAllocationProtect</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.MemoryAllocationProtect</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ReadWrite</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteCopy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">ExecuteRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">ExecuteReadWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">ExecuteWriteCopy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Guard</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCache</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteCombine</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SectionAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SectionAttributes</maml:name> <maml:description> <maml:para>Section attribute flags.</maml:para> <maml:para>Possible values: None, PartitionOwnerHandle, Pages64k, Unknown100000, Based, NoChange, File, Image, ProtectedImage, Reserve, Commit, NoCache, WriteCombine, LargePages, ImageNoExecute</maml:para> </maml:description> <command:parameterValue required="true">SectionAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SectionAttributes</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Commit</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">PartitionOwnerHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">Pages64k</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unknown100000</command:parameterValue> <command:parameterValue required="false" variableLength="false">Based</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoChange</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Image</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedImage</command:parameterValue> <command:parameterValue required="false" variableLength="false">Reserve</command:parameterValue> <command:parameterValue required="false" variableLength="false">Commit</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCache</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteCombine</command:parameterValue> <command:parameterValue required="false" variableLength="false">LargePages</command:parameterValue> <command:parameterValue required="false" variableLength="false">ImageNoExecute</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Size --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Size</maml:name> <maml:description> <maml:para>An optional size for the section.</maml:para> </maml:description> <command:parameterValue required="true">LargeInteger</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.LargeInteger</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: File --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>File</maml:name> <maml:description> <maml:para>An existing file to use as backing for the section.</maml:para> </maml:description> <command:parameterValue required="true">NtFile</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtFile</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Size --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Size</maml:name> <maml:description> <maml:para>An optional size for the section.</maml:para> </maml:description> <command:parameterValue required="true">LargeInteger</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.LargeInteger</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Protection --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Protection</maml:name> <maml:description> <maml:para>Memory allocation protection flags.</maml:para> <maml:para>Possible values: None, NoAccess, ReadOnly, ReadWrite, WriteCopy, Execute, ExecuteRead, ExecuteReadWrite, ExecuteWriteCopy, Guard, NoCache, WriteCombine</maml:para> </maml:description> <command:parameterValue required="true">MemoryAllocationProtect</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.MemoryAllocationProtect</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>ReadWrite</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteCopy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Execute</command:parameterValue> <command:parameterValue required="false" variableLength="false">ExecuteRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">ExecuteReadWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">ExecuteWriteCopy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Guard</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCache</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteCombine</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SectionAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SectionAttributes</maml:name> <maml:description> <maml:para>Section attribute flags.</maml:para> <maml:para>Possible values: None, PartitionOwnerHandle, Pages64k, Unknown100000, Based, NoChange, File, Image, ProtectedImage, Reserve, Commit, NoCache, WriteCombine, LargePages, ImageNoExecute</maml:para> </maml:description> <command:parameterValue required="true">SectionAttributes</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SectionAttributes</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Commit</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">PartitionOwnerHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">Pages64k</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unknown100000</command:parameterValue> <command:parameterValue required="false" variableLength="false">Based</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoChange</command:parameterValue> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Image</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedImage</command:parameterValue> <command:parameterValue required="false" variableLength="false">Reserve</command:parameterValue> <command:parameterValue required="false" variableLength="false">Commit</command:parameterValue> <command:parameterValue required="false" variableLength="false">NoCache</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteCombine</command:parameterValue> <command:parameterValue required="false" variableLength="false">LargePages</command:parameterValue> <command:parameterValue required="false" variableLength="false">ImageNoExecute</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: Query, MapWrite, MapRead, MapExecute, ExtendSize, MapExecuteExplicit, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">SectionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SectionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">ExtendSize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MapExecuteExplicit</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtSection --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtSection</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtSection -Size 4096</dev:code> <dev:remarks> <maml:para>Create a new anonymous section object of size 4096 bytes.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtSection \BaseNamedObjects\ABC -Size 4096</dev:code> <dev:remarks> <maml:para>Create a new section object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$file = Get-NtFile \??\C:\SomeFile $obj = New-NtSection -File $file -Protection ReadOnly</dev:code> <dev:remarks> <maml:para>Create a new section object backed by a file with read only protection.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$file = Get-NtFile \??\C:\Windows\notepad.exe $obj = New-NtSection -File $file -SectionAttributes Image -Protection ReadOnly</dev:code> <dev:remarks> <maml:para>Create a new image section object backed by an executable file.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtSecurityDescriptor --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtSecurityDescriptor</command:name> <command:verb>New</command:verb> <command:noun>NtSecurityDescriptor</command:noun> <maml:description> <maml:para>Create a new security descriptor which can be used on NT objects.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new instance of a SecurityDescriptor object. This can be used directly with one of the New-Nt* cmdlets (via the -SecurityDescriptor parameter) or by calling SetSecurityDescriptor on an existing object (assume the object has been opened with the correct permissions.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: EmptySd --> <command:syntaxItem> <maml:name>New-NtSecurityDescriptor</maml:name> <!-- Parameter: NullDacl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>NullDacl</maml:name> <maml:description> <maml:para>Specify to create the security descriptor with a NULL DACL.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromSddl --> <command:syntaxItem> <maml:name>New-NtSecurityDescriptor</maml:name> <!-- Parameter: Sddl --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Specify to create the security descriptor from an SDDL representation.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: MapType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapType</maml:name> <maml:description> <maml:para>Specify mapping the generic accesses based on the NT Type.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Type --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Type</maml:name> <maml:description> <maml:para>Specify a default NT type for the security descriptor.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromToken --> <command:syntaxItem> <maml:name>New-NtSecurityDescriptor</maml:name> <!-- Parameter: Token --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify to create the security descriptor from the default DACL of a token object.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: MapType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapType</maml:name> <maml:description> <maml:para>Specify mapping the generic accesses based on the NT Type.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Type --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Type</maml:name> <maml:description> <maml:para>Specify a default NT type for the security descriptor.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromBytes --> <command:syntaxItem> <maml:name>New-NtSecurityDescriptor</maml:name> <!-- Parameter: Bytes --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Bytes</maml:name> <maml:description> <maml:para>Specify a byte array containing the security descriptor.</maml:para> </maml:description> <command:parameterValue required="true">byte[]</command:parameterValue> <dev:type> <maml:name>System.Byte[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: MapType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapType</maml:name> <maml:description> <maml:para>Specify mapping the generic accesses based on the NT Type.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Type --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Type</maml:name> <maml:description> <maml:para>Specify a default NT type for the security descriptor.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromKey --> <command:syntaxItem> <maml:name>New-NtSecurityDescriptor</maml:name> <!-- Parameter: Key --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Key</maml:name> <maml:description> <maml:para>Specify a registry key to read the security descriptor from.</maml:para> </maml:description> <command:parameterValue required="true">NtKey</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtKey</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ValueName --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>ValueName</maml:name> <maml:description> <maml:para>Specify a registry value name in the key to read the security descriptor from.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: MapType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapType</maml:name> <maml:description> <maml:para>Specify mapping the generic accesses based on the NT Type.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Type --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Type</maml:name> <maml:description> <maml:para>Specify a default NT type for the security descriptor.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromKeyValue --> <command:syntaxItem> <maml:name>New-NtSecurityDescriptor</maml:name> <!-- Parameter: KeyValue --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>KeyValue</maml:name> <maml:description> <maml:para>Specify a registry key value to read the security descriptor from.</maml:para> </maml:description> <command:parameterValue required="true">NtKeyValue</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtKeyValue</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: NullDacl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>NullDacl</maml:name> <maml:description> <maml:para>Specify to create the security descriptor with a NULL DACL.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Specify to create the security descriptor from an SDDL representation.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Token --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify to create the security descriptor from the default DACL of a token object.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: MapType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MapType</maml:name> <maml:description> <maml:para>Specify mapping the generic accesses based on the NT Type.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Type --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Type</maml:name> <maml:description> <maml:para>Specify a default NT type for the security descriptor.</maml:para> </maml:description> <command:parameterValue required="true">NtType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Bytes --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Bytes</maml:name> <maml:description> <maml:para>Specify a byte array containing the security descriptor.</maml:para> </maml:description> <command:parameterValue required="true">byte[]</command:parameterValue> <dev:type> <maml:name>System.Byte[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Key --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Key</maml:name> <maml:description> <maml:para>Specify a registry key to read the security descriptor from.</maml:para> </maml:description> <command:parameterValue required="true">NtKey</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtKey</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ValueName --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>ValueName</maml:name> <maml:description> <maml:para>Specify a registry value name in the key to read the security descriptor from.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: KeyValue --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>KeyValue</maml:name> <maml:description> <maml:para>Specify a registry key value to read the security descriptor from.</maml:para> </maml:description> <command:parameterValue required="true">NtKeyValue</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtKeyValue</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: SecurityDescriptor --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$sd = New-NtSecurityDescriptor</dev:code> <dev:remarks> <maml:para>Create a new empty security descriptor object.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$sd = New-NtSecurityDescriptor "O:BAG:BAD:(A;;GA;;;WD)"</dev:code> <dev:remarks> <maml:para>Create a new security descriptor object from an SDDL string</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$sd = New-NtSecurityDescriptor -NullDacl</dev:code> <dev:remarks> <maml:para>Create a new security descriptor object with a NULL DACL.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$sd = New-NtSecurityDescriptor "D:(A;;GA;;;WD)" $obj = New-NtDirectory \BaseNamedObjects\ABC -SecurityDescriptor $sd</dev:code> <dev:remarks> <maml:para>Create a new object directory with an explicit security descriptor.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$sd = New-NtSecurityDescriptor -Key $key -ValueName SD</dev:code> <dev:remarks> <maml:para>Create a new security descriptor with the contents from the key $Key and value "SD".</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-NtSemaphore --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtSemaphore</command:name> <command:verb>Get</command:verb> <command:noun>NtSemaphore</command:noun> <maml:description> <maml:para>Open a NT semaphore object by path.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens an existing NT semaphore object (also known as a mutex). The absolute path to the object in the NT object manager name space must be specified. It's also possible to create the object relative to an existing object by specified the -Root parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtSemaphore</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, QueryState, ModifyState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">SemaphoreAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SemaphoreAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">ModifyState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, QueryState, ModifyState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">SemaphoreAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SemaphoreAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">ModifyState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtSemaphore --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtSemaphore</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtSemaphore \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Get a semaphore object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = Get-NtSemaphore ABC -Root $root</dev:code> <dev:remarks> <maml:para>Get a semaphore object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = Get-NtSemaphore ABC</dev:code> <dev:remarks> <maml:para>Get a semaphore object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$obj = Get-NtSemaphore -Path \BaseNamedObjects\ABC $obj.Wait() # Do something in lock... $obj.Release()</dev:code> <dev:remarks> <maml:para>Get a semaphore object, acquire the lock via Wait and Release it.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtSemaphore --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtSemaphore</command:name> <command:verb>New</command:verb> <command:noun>NtSemaphore</command:noun> <maml:description> <maml:para>Create a new NT semaphore object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT semaphore object. The absolute path to the object in the NT object manager name space can be specified. It's also possible to create the object relative to an existing object by specified the -Root parameter. If no path is specified than an unnamed object will be created which can only be duplicated by handle.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtSemaphore</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, QueryState, ModifyState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">SemaphoreAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SemaphoreAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">ModifyState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: InitialCount --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>InitialCount</maml:name> <maml:description> <maml:para>Specify the intial count of the semaphore.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: MaximumCount --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaximumCount</maml:name> <maml:description> <maml:para>Specify the maximum count of the semaphore.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>1</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: InitialCount --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>InitialCount</maml:name> <maml:description> <maml:para>Specify the intial count of the semaphore.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: MaximumCount --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>MaximumCount</maml:name> <maml:description> <maml:para>Specify the maximum count of the semaphore.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>1</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: None, QueryState, ModifyState, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">SemaphoreAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SemaphoreAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryState</command:parameterValue> <command:parameterValue required="false" variableLength="false">ModifyState</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtSemaphore --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtSemaphore</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtSemaphore</dev:code> <dev:remarks> <maml:para>Create a new anonymous semaphore object.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtSemaphore \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Create a new semaphore object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = New-NtSemaphore ABC -Root $root</dev:code> <dev:remarks> <maml:para>Create a new semaphore object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = New-NtSemaphore ABC</dev:code> <dev:remarks> <maml:para>Create a new semaphore object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$semaphore = New-NtSemaphore -MaximumCount 10</dev:code> <dev:remarks> <maml:para>Create a new anonymous semaphore object a maximum count of 10.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>$semaphore = New-NtSemaphore -InitialCount 1</dev:code> <dev:remarks> <maml:para>Create a new anonymous semaphore object the initial count set to 1.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 7 ----------</maml:title> <dev:code>$obj = New-NtSemaphore -InitialCount 1 $semaphore.Wait(10) # Do something with the semaphore... $obj.Release(1)</dev:code> <dev:remarks> <maml:para>Create a new anonymous semaphore object with an initial count of 1, decrement the semaphore via Wait with a 10 second wait and Release it.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtSid --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtSid</command:name> <command:verb>Get</command:verb> <command:noun>NtSid</command:noun> <maml:description> <maml:para>Get a SID using various different mechanisms.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet will create a SID object based on one of many mechanisms. For example it can parse the SDDL representation of the SID, or it can look up the account name. It can also create a SID based on a service name or integerity level.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: sddl --> <command:syntaxItem> <maml:name>Get-NtSid</maml:name> <!-- Parameter: Sddl --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Specify a SID using an SDDL string.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: name --> <command:syntaxItem> <maml:name>Get-NtSid</maml:name> <!-- Parameter: Name --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Name</maml:name> <maml:description> <maml:para>Lookup a SID using an NT account name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: service --> <command:syntaxItem> <maml:name>Get-NtSid</maml:name> <!-- Parameter: ServiceName --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>ServiceName</maml:name> <maml:description> <maml:para>Create a SID based on a service name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: il --> <command:syntaxItem> <maml:name>Get-NtSid</maml:name> <!-- Parameter: IntegrityLevel --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevel</maml:name> <maml:description> <maml:para>Create a SID based on the standard set of integrity levels.</maml:para> <maml:para>Possible values: Untrusted, Low, Medium, MediumPlus, High, System, ProtectedProcess</maml:para> </maml:description> <command:parameterValue required="true">TokenIntegrityLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenIntegrityLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Untrusted</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Untrusted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Low</command:parameterValue> <command:parameterValue required="false" variableLength="false">Medium</command:parameterValue> <command:parameterValue required="false" variableLength="false">MediumPlus</command:parameterValue> <command:parameterValue required="false" variableLength="false">High</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedProcess</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: il_raw --> <command:syntaxItem> <maml:name>Get-NtSid</maml:name> <!-- Parameter: IntegrityLevelRaw --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevelRaw</maml:name> <maml:description> <maml:para>Create a SID based on a raw integerity level.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: package --> <command:syntaxItem> <maml:name>Get-NtSid</maml:name> <!-- Parameter: PackageName --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>PackageName</maml:name> <maml:description> <maml:para>Create a SID from App Container package name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: RestrictedPackageName --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>RestrictedPackageName</maml:name> <maml:description> <maml:para>Specify an additional restricted name for the package SID.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: known --> <command:syntaxItem> <maml:name>Get-NtSid</maml:name> <!-- Parameter: KnownSid --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>KnownSid</maml:name> <maml:description> <maml:para>Get a known SID.</maml:para> <maml:para>Possible values: Null, World, Local, CreatorOwner, CreatorGroup, Service, Anonymous, AuthenticatedUsers, Restricted, LocalSystem, LocalService, NetworkService, AllApplicationPackages, AllRestrictedApplicationPackages, TrustedInstaller, BuiltinUsers, BuiltinAdministrators, CapabilityInternetClient, CapabilityInternetClientServer, CapabilityPrivateNetworkClientServer, CapabilityPicturesLibrary, CapabilityVideosLibrary, CapabilityMusicLibrary, CapabilityDocumentsLibrary, CapabilityEnterpriseAuthentication, CapabilitySharedUserCertificates, CapabilityRemovableStorage, CapabilityAppointments, CapabilityContacts, CapabilityInternetExplorer, CapabilityConstrainedImpersonation, OwnerRights, Self, WriteRestricted, Builtin, Interactive, Dialup, Network, Batch, Proxy</maml:para> </maml:description> <command:parameterValue required="true">KnownSidValue</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KnownSidValue</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Null</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Null</command:parameterValue> <command:parameterValue required="false" variableLength="false">World</command:parameterValue> <command:parameterValue required="false" variableLength="false">Local</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreatorOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreatorGroup</command:parameterValue> <command:parameterValue required="false" variableLength="false">Service</command:parameterValue> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuthenticatedUsers</command:parameterValue> <command:parameterValue required="false" variableLength="false">Restricted</command:parameterValue> <command:parameterValue required="false" variableLength="false">LocalSystem</command:parameterValue> <command:parameterValue required="false" variableLength="false">LocalService</command:parameterValue> <command:parameterValue required="false" variableLength="false">NetworkService</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllApplicationPackages</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllRestrictedApplicationPackages</command:parameterValue> <command:parameterValue required="false" variableLength="false">TrustedInstaller</command:parameterValue> <command:parameterValue required="false" variableLength="false">BuiltinUsers</command:parameterValue> <command:parameterValue required="false" variableLength="false">BuiltinAdministrators</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityInternetClient</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityInternetClientServer</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityPrivateNetworkClientServer</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityPicturesLibrary</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityVideosLibrary</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityMusicLibrary</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityDocumentsLibrary</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityEnterpriseAuthentication</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilitySharedUserCertificates</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityRemovableStorage</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityAppointments</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityContacts</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityInternetExplorer</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityConstrainedImpersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">OwnerRights</command:parameterValue> <command:parameterValue required="false" variableLength="false">Self</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteRestricted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Builtin</command:parameterValue> <command:parameterValue required="false" variableLength="false">Interactive</command:parameterValue> <command:parameterValue required="false" variableLength="false">Dialup</command:parameterValue> <command:parameterValue required="false" variableLength="false">Network</command:parameterValue> <command:parameterValue required="false" variableLength="false">Batch</command:parameterValue> <command:parameterValue required="false" variableLength="false">Proxy</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: token --> <command:syntaxItem> <maml:name>Get-NtSid</maml:name> <!-- Parameter: Token --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Token</maml:name> <maml:description> <maml:para>Get the SID from the current user token. Defaults to the user SID.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AppContainer --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AppContainer</maml:name> <maml:description> <maml:para>Get the SID for the current package (if an App Container token).</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Label --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Label</maml:name> <maml:description> <maml:para>Get the SID for the current integrity level.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: LogonGroup --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>LogonGroup</maml:name> <maml:description> <maml:para>Get the SID for the current login group.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Owner --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Owner</maml:name> <maml:description> <maml:para>Get the SID for the current default owner.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: PrimaryGroup --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PrimaryGroup</maml:name> <maml:description> <maml:para>Get the SID for the current default group.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: cap --> <command:syntaxItem> <maml:name>Get-NtSid</maml:name> <!-- Parameter: CapabilityName --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>CapabilityName</maml:name> <maml:description> <maml:para>Create a SID from App Container capability name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CapabilityGroup --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CapabilityGroup</maml:name> <maml:description> <maml:para>Returns the group capability SID rather than normal capability SID.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: sid --> <command:syntaxItem> <maml:name>Get-NtSid</maml:name> <!-- Parameter: RelativeIdentifiers --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>RelativeIdentifiers</maml:name> <maml:description> <maml:para>Specify the relative identifiers.</maml:para> </maml:description> <command:parameterValue required="true">uint[]</command:parameterValue> <dev:type> <maml:name>System.UInt32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityAuthority --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityAuthority</maml:name> <maml:description> <maml:para>Specify a SIDs security authority.</maml:para> <maml:para>Possible values: Null, World, Local, Creator, NonUnique, Nt, ResourceManager, Package, Label, ScopedPolicyId, Authentication, ProcessTrust</maml:para> </maml:description> <command:parameterValue required="true">SecurityAuthority</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityAuthority</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Null</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Null</command:parameterValue> <command:parameterValue required="false" variableLength="false">World</command:parameterValue> <command:parameterValue required="false" variableLength="false">Local</command:parameterValue> <command:parameterValue required="false" variableLength="false">Creator</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonUnique</command:parameterValue> <command:parameterValue required="false" variableLength="false">Nt</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Package</command:parameterValue> <command:parameterValue required="false" variableLength="false">Label</command:parameterValue> <command:parameterValue required="false" variableLength="false">ScopedPolicyId</command:parameterValue> <command:parameterValue required="false" variableLength="false">Authentication</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProcessTrust</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: logon --> <command:syntaxItem> <maml:name>Get-NtSid</maml:name> <!-- Parameter: NewLogon --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>NewLogon</maml:name> <maml:description> <maml:para>Get a new logon session SID.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Sddl --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Specify a SID using an SDDL string.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Name --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Name</maml:name> <maml:description> <maml:para>Lookup a SID using an NT account name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ServiceName --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>ServiceName</maml:name> <maml:description> <maml:para>Create a SID based on a service name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: IntegrityLevel --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevel</maml:name> <maml:description> <maml:para>Create a SID based on the standard set of integrity levels.</maml:para> <maml:para>Possible values: Untrusted, Low, Medium, MediumPlus, High, System, ProtectedProcess</maml:para> </maml:description> <command:parameterValue required="true">TokenIntegrityLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenIntegrityLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Untrusted</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Untrusted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Low</command:parameterValue> <command:parameterValue required="false" variableLength="false">Medium</command:parameterValue> <command:parameterValue required="false" variableLength="false">MediumPlus</command:parameterValue> <command:parameterValue required="false" variableLength="false">High</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedProcess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: IntegrityLevelRaw --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevelRaw</maml:name> <maml:description> <maml:para>Create a SID based on a raw integerity level.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: PackageName --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>PackageName</maml:name> <maml:description> <maml:para>Create a SID from App Container package name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: RestrictedPackageName --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>RestrictedPackageName</maml:name> <maml:description> <maml:para>Specify an additional restricted name for the package SID.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: KnownSid --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>KnownSid</maml:name> <maml:description> <maml:para>Get a known SID.</maml:para> <maml:para>Possible values: Null, World, Local, CreatorOwner, CreatorGroup, Service, Anonymous, AuthenticatedUsers, Restricted, LocalSystem, LocalService, NetworkService, AllApplicationPackages, AllRestrictedApplicationPackages, TrustedInstaller, BuiltinUsers, BuiltinAdministrators, CapabilityInternetClient, CapabilityInternetClientServer, CapabilityPrivateNetworkClientServer, CapabilityPicturesLibrary, CapabilityVideosLibrary, CapabilityMusicLibrary, CapabilityDocumentsLibrary, CapabilityEnterpriseAuthentication, CapabilitySharedUserCertificates, CapabilityRemovableStorage, CapabilityAppointments, CapabilityContacts, CapabilityInternetExplorer, CapabilityConstrainedImpersonation, OwnerRights, Self, WriteRestricted, Builtin, Interactive, Dialup, Network, Batch, Proxy</maml:para> </maml:description> <command:parameterValue required="true">KnownSidValue</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KnownSidValue</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Null</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Null</command:parameterValue> <command:parameterValue required="false" variableLength="false">World</command:parameterValue> <command:parameterValue required="false" variableLength="false">Local</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreatorOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreatorGroup</command:parameterValue> <command:parameterValue required="false" variableLength="false">Service</command:parameterValue> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuthenticatedUsers</command:parameterValue> <command:parameterValue required="false" variableLength="false">Restricted</command:parameterValue> <command:parameterValue required="false" variableLength="false">LocalSystem</command:parameterValue> <command:parameterValue required="false" variableLength="false">LocalService</command:parameterValue> <command:parameterValue required="false" variableLength="false">NetworkService</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllApplicationPackages</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllRestrictedApplicationPackages</command:parameterValue> <command:parameterValue required="false" variableLength="false">TrustedInstaller</command:parameterValue> <command:parameterValue required="false" variableLength="false">BuiltinUsers</command:parameterValue> <command:parameterValue required="false" variableLength="false">BuiltinAdministrators</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityInternetClient</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityInternetClientServer</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityPrivateNetworkClientServer</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityPicturesLibrary</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityVideosLibrary</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityMusicLibrary</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityDocumentsLibrary</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityEnterpriseAuthentication</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilitySharedUserCertificates</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityRemovableStorage</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityAppointments</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityContacts</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityInternetExplorer</command:parameterValue> <command:parameterValue required="false" variableLength="false">CapabilityConstrainedImpersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">OwnerRights</command:parameterValue> <command:parameterValue required="false" variableLength="false">Self</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteRestricted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Builtin</command:parameterValue> <command:parameterValue required="false" variableLength="false">Interactive</command:parameterValue> <command:parameterValue required="false" variableLength="false">Dialup</command:parameterValue> <command:parameterValue required="false" variableLength="false">Network</command:parameterValue> <command:parameterValue required="false" variableLength="false">Batch</command:parameterValue> <command:parameterValue required="false" variableLength="false">Proxy</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Token --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Token</maml:name> <maml:description> <maml:para>Get the SID from the current user token. Defaults to the user SID.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Owner --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Owner</maml:name> <maml:description> <maml:para>Get the SID for the current default owner.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: PrimaryGroup --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PrimaryGroup</maml:name> <maml:description> <maml:para>Get the SID for the current default group.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: LogonGroup --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>LogonGroup</maml:name> <maml:description> <maml:para>Get the SID for the current login group.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: AppContainer --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AppContainer</maml:name> <maml:description> <maml:para>Get the SID for the current package (if an App Container token).</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Label --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Label</maml:name> <maml:description> <maml:para>Get the SID for the current integrity level.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CapabilityName --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>CapabilityName</maml:name> <maml:description> <maml:para>Create a SID from App Container capability name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CapabilityGroup --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CapabilityGroup</maml:name> <maml:description> <maml:para>Returns the group capability SID rather than normal capability SID.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: SecurityAuthority --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityAuthority</maml:name> <maml:description> <maml:para>Specify a SIDs security authority.</maml:para> <maml:para>Possible values: Null, World, Local, Creator, NonUnique, Nt, ResourceManager, Package, Label, ScopedPolicyId, Authentication, ProcessTrust</maml:para> </maml:description> <command:parameterValue required="true">SecurityAuthority</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityAuthority</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Null</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Null</command:parameterValue> <command:parameterValue required="false" variableLength="false">World</command:parameterValue> <command:parameterValue required="false" variableLength="false">Local</command:parameterValue> <command:parameterValue required="false" variableLength="false">Creator</command:parameterValue> <command:parameterValue required="false" variableLength="false">NonUnique</command:parameterValue> <command:parameterValue required="false" variableLength="false">Nt</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Package</command:parameterValue> <command:parameterValue required="false" variableLength="false">Label</command:parameterValue> <command:parameterValue required="false" variableLength="false">ScopedPolicyId</command:parameterValue> <command:parameterValue required="false" variableLength="false">Authentication</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProcessTrust</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: RelativeIdentifiers --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>RelativeIdentifiers</maml:name> <maml:description> <maml:para>Specify the relative identifiers.</maml:para> </maml:description> <command:parameterValue required="true">uint[]</command:parameterValue> <dev:type> <maml:name>System.UInt32[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: NewLogon --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>NewLogon</maml:name> <maml:description> <maml:para>Get a new logon session SID.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-NtSid BA</dev:code> <dev:remarks> <maml:para>Gets the Sid for the builtin administrators group based on the SDDL form.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Get-NtSid S-1-2-3-4-5</dev:code> <dev:remarks> <maml:para>Gets the Sid S-1-2-3-4-5 from its SDDL form.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Get-NtSid -Name domain\user</dev:code> <dev:remarks> <maml:para>Gets the Sid for the username 'user' in domain 'domain'.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>Get-NtSid -Name BUILTIN\Administrators</dev:code> <dev:remarks> <maml:para>Gets the Sid for the the builtin administrators group.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>Get-NtSid -ServiceName service</dev:code> <dev:remarks> <maml:para>Gets the Sid for service name 'service'.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>Get-NtSid -IntegrityLevel Low</dev:code> <dev:remarks> <maml:para>Gets the Sid Low integrity level.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 7 ----------</maml:title> <dev:code>Get-NtSid -IntegrityLevelRaw 1234</dev:code> <dev:remarks> <maml:para>Gets the Sid for the arbitrary integrity level 1234.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 8 ----------</maml:title> <dev:code>Get-NtSid -PackageName some.package.name</dev:code> <dev:remarks> <maml:para>Gets the Sid for App Container package name 'some.package.name'.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 9 ----------</maml:title> <dev:code>Get-NtSid -PackageName some.package.name -RestrictedPackageName restricted</dev:code> <dev:remarks> <maml:para>Gets the Sid for App Container package name 'some.package.name' with the restricted name 'restricted'</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 10 ----------</maml:title> <dev:code>Get-NtSid -KnownSid BuiltinAdministrators</dev:code> <dev:remarks> <maml:para>Gets the Sid for the builtin administrators group.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 11 ----------</maml:title> <dev:code>Get-NtSid -Token</dev:code> <dev:remarks> <maml:para>Gets the Sid for the current user.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 12 ----------</maml:title> <dev:code>Get-NtSid -Token -LogonGroup</dev:code> <dev:remarks> <maml:para>Gets the Sid for the current default logon group.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 13 ----------</maml:title> <dev:code>Get-NtSid -CapabilityName internetClient</dev:code> <dev:remarks> <maml:para>Gets the capability Sid the internetClient capability.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 14 ----------</maml:title> <dev:code>Get-NtSid -CapabilityName internetClient -CapabilityGroup</dev:code> <dev:remarks> <maml:para>Gets the capability group Sid the internetClient capability.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-NtStatus --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtStatus</command:name> <command:verb>Get</command:verb> <command:noun>NtStatus</command:noun> <maml:description> <maml:para>Get known information about an NTSTATUS code.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet looks up an NTSTATUS code and if possible prints the enumeration name, the message description and the corresponding win32 error.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtStatus</maml:name> <!-- Parameter: Status --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Status</maml:name> <maml:description> <maml:para>Specify a NTSTATUS code to retrieve.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Status --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Status</maml:name> <maml:description> <maml:para>Specify a NTSTATUS code to retrieve.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-NtStatus</dev:code> <dev:remarks> <maml:para>Gets all known NTSTATUS codes defined in this library.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Get-NtStatus -Status 0xc0000022</dev:code> <dev:remarks> <maml:para>Gets information about a specific status code.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-NtSymbolicLink --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtSymbolicLink</command:name> <command:verb>Get</command:verb> <command:noun>NtSymbolicLink</command:noun> <maml:description> <maml:para>Open a existing NT symbolic link object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens a existing NT symbolic link object. The absolute path to the object in the NT object manager name space can be specified. It's also possible to open the object relative to an existing object by specified the -Root parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtSymbolicLink</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: Query, Set, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed</maml:para> </maml:description> <command:parameterValue required="true">SymbolicLinkAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SymbolicLinkAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Set</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: Query, Set, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed</maml:para> </maml:description> <command:parameterValue required="true">SymbolicLinkAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SymbolicLinkAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Set</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtSymbolicLink \DosDevices\ABC</dev:code> <dev:remarks> <maml:para>Open a symbolic link object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$root = Get-NtDirectory \DosDevices $obj = Get-NtSymbolicLink ABC -Root $root</dev:code> <dev:remarks> <maml:para>Open a symbolic link object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = Get-NtSymbolicLink ABC</dev:code> <dev:remarks> <maml:para>Get a symbolic link object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$obj = Get-NtSymbolicLink \DosDevices\ABC $obj.Query()</dev:code> <dev:remarks> <maml:para>Open a symbolic link object and query its target.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtSymbolicLink --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtSymbolicLink</command:name> <command:verb>New</command:verb> <command:noun>NtSymbolicLink</command:noun> <maml:description> <maml:para>Create a new NT symbolic link object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT symbolic link object. The absolute path to the object in the NT object manager name space can be specified. It's also possible to create the object relative to an existing object by specified the -Root parameter. If no path is specified than an unnamed object will be created which can only be duplicated by handle.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtSymbolicLink</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TargetPath --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>TargetPath</maml:name> <maml:description> <maml:para>Specify the target NT object manager path to follow if processing this symbolic link.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: Query, Set, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed</maml:para> </maml:description> <command:parameterValue required="true">SymbolicLinkAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SymbolicLinkAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Set</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: TargetPath --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>TargetPath</maml:name> <maml:description> <maml:para>Specify the target NT object manager path to follow if processing this symbolic link.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: Query, Set, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed</maml:para> </maml:description> <command:parameterValue required="true">SymbolicLinkAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SymbolicLinkAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">Set</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtSymbolicLink -TargetPath \Symlink\Target</dev:code> <dev:remarks> <maml:para>Create a new anonymous symbolic link object.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtSymbolicLink \DosDevices\ABC \Symlink\Target</dev:code> <dev:remarks> <maml:para>Create a new symbolic link object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$root = Get-NtDirectory \DosDevices $obj = New-NtSymbolicLink ABC \Symlink\Target -Root $root</dev:code> <dev:remarks> <maml:para>Create a new symbolic link object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = New-NtSymbolicLink ABC \Symlink\Target</dev:code> <dev:remarks> <maml:para>Create a new symbolic link object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtSymbolicLinkTarget --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtSymbolicLinkTarget</command:name> <command:verb>Get</command:verb> <command:noun>NtSymbolicLinkTarget</command:noun> <maml:description> <maml:para>Get the target path for an existing NT symbolic link object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens a existing NT symbolic link object and queries its target path. That can be done using Get-NtSymbolicLink and the Query method but this simplifies the operation so that the object handle doesn't have to be closed.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtSymbolicLinkTarget</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-NtSymbolicLinkTarget \DosDevices\ABC</dev:code> <dev:remarks> <maml:para>Gets the symbolic link object target with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$root = Get-NtDirectory \DosDevices Get-NtSymbolicLinkTarget ABC -Root $root</dev:code> <dev:remarks> <maml:para>Gets the symbolic link object target with a relative path.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtThread --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtThread</command:name> <command:verb>Get</command:verb> <command:noun>NtThread</command:noun> <maml:description> <maml:para>Get NT threads.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet gets all accessible threads on the system. You can specify a specific thread by setting the -ThreadId parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: tid --> <command:syntaxItem> <maml:name>Get-NtThread</maml:name> <!-- Parameter: ThreadId --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0" aliases="tid"> <maml:name>ThreadId</maml:name> <maml:description> <maml:para>Specify a thread ID to open.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for each thread opened.</maml:para> <maml:para>Possible values: Terminate, SuspendResume, Alert, GetContext, SetContext, SetInformation, QueryInformation, SetThreadToken, Impersonate, DirectImpersonation, SetLimitedInformation, QueryLimitedInformation, Resume, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ThreadAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ThreadAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">Alert</command:parameterValue> <command:parameterValue required="false" variableLength="false">GetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetThreadToken</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectImpersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Resume</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: pid --> <command:syntaxItem> <maml:name>Get-NtThread</maml:name> <!-- Parameter: ProcessId --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to enumerate only its threads.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for each thread opened.</maml:para> <maml:para>Possible values: Terminate, SuspendResume, Alert, GetContext, SetContext, SetInformation, QueryInformation, SetThreadToken, Impersonate, DirectImpersonation, SetLimitedInformation, QueryLimitedInformation, Resume, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ThreadAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ThreadAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">Alert</command:parameterValue> <command:parameterValue required="false" variableLength="false">GetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetThreadToken</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectImpersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Resume</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: infoonly --> <command:syntaxItem> <maml:name>Get-NtThread</maml:name> <!-- Parameter: InfoOnly --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>InfoOnly</maml:name> <maml:description> <maml:para>Only get thread information, do not open the objects.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to enumerate only its threads.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: current --> <command:syntaxItem> <maml:name>Get-NtThread</maml:name> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for each thread opened.</maml:para> <maml:para>Possible values: Terminate, SuspendResume, Alert, GetContext, SetContext, SetInformation, QueryInformation, SetThreadToken, Impersonate, DirectImpersonation, SetLimitedInformation, QueryLimitedInformation, Resume, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ThreadAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ThreadAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">Alert</command:parameterValue> <command:parameterValue required="false" variableLength="false">GetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetThreadToken</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectImpersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Resume</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Current --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Current</maml:name> <maml:description> <maml:para>Get the current thread.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: PseudoHandle --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PseudoHandle</maml:name> <maml:description> <maml:para>When getting the current thread return pseudo handle. This handle doesn't need to be closed but changes identity if used in a different thread.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: all --> <command:syntaxItem> <maml:name>Get-NtThread</maml:name> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for each thread opened.</maml:para> <maml:para>Possible values: Terminate, SuspendResume, Alert, GetContext, SetContext, SetInformation, QueryInformation, SetThreadToken, Impersonate, DirectImpersonation, SetLimitedInformation, QueryLimitedInformation, Resume, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ThreadAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ThreadAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">Alert</command:parameterValue> <command:parameterValue required="false" variableLength="false">GetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetThreadToken</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectImpersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Resume</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: FilterScript --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FilterScript</maml:name> <maml:description> <maml:para>Specify an arbitrary filter script.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: FromSystem --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FromSystem</maml:name> <maml:description> <maml:para>When getting all threads only get the system information thread list.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: ThreadId --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0" aliases="tid"> <maml:name>ThreadId</maml:name> <maml:description> <maml:para>Specify a thread ID to open.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <command:parameter required="true" globbing="false" pipelineInput="false" position="0" aliases="tid"> <maml:name>tid</maml:name> <maml:description> <maml:para>Specify a thread ID to open.</maml:para> <maml:para>This is an alias of the ThreadId parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: ProcessId --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify a process ID to enumerate only its threads.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <command:parameter required="true" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>pid</maml:name> <maml:description> <maml:para>Specify a process ID to enumerate only its threads.</maml:para> <maml:para>This is an alias of the ProcessId parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: Current --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Current</maml:name> <maml:description> <maml:para>Get the current thread.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: PseudoHandle --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PseudoHandle</maml:name> <maml:description> <maml:para>When getting the current thread return pseudo handle. This handle doesn't need to be closed but changes identity if used in a different thread.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: FilterScript --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FilterScript</maml:name> <maml:description> <maml:para>Specify an arbitrary filter script.</maml:para> </maml:description> <command:parameterValue required="true">ScriptBlock</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.ScriptBlock</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for each thread opened.</maml:para> <maml:para>Possible values: Terminate, SuspendResume, Alert, GetContext, SetContext, SetInformation, QueryInformation, SetThreadToken, Impersonate, DirectImpersonation, SetLimitedInformation, QueryLimitedInformation, Resume, AllAccess, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">ThreadAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ThreadAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Terminate</command:parameterValue> <command:parameterValue required="false" variableLength="false">SuspendResume</command:parameterValue> <command:parameterValue required="false" variableLength="false">Alert</command:parameterValue> <command:parameterValue required="false" variableLength="false">GetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetContext</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetThreadToken</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">DirectImpersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">QueryLimitedInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Resume</command:parameterValue> <command:parameterValue required="false" variableLength="false">AllAccess</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: FromSystem --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FromSystem</maml:name> <maml:description> <maml:para>When getting all threads only get the system information thread list.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: InfoOnly --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>InfoOnly</maml:name> <maml:description> <maml:para>Only get thread information, do not open the objects.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: NtThread --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtThread</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$ts = Get-NtThread</dev:code> <dev:remarks> <maml:para>Get all NT threads accessible by the current user.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$ts = Get-NtThread -Access Impersonate</dev:code> <dev:remarks> <maml:para>Get all NT threads accessible by the current user for impersonate access.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$t = Get-NtThread 1234</dev:code> <dev:remarks> <maml:para>Get a specific thread.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$t = Get-NtThread -ProcessId 1234</dev:code> <dev:remarks> <maml:para>Get threads for a specific process.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$ts = Get-NtThread -Current</dev:code> <dev:remarks> <maml:para>Get the current NT thread.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>$ts = Get-NtThread -FilterScript { Use-NtObject($k = $_.OpenToken()) { $k -ne $null } }</dev:code> <dev:remarks> <maml:para>Get threads which have impersonation tokens set.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 7 ----------</maml:title> <dev:code>Get-NtThread -InfoOnly</dev:code> <dev:remarks> <maml:para>Get all thread information, but don't open the thread objects.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 8 ----------</maml:title> <dev:code>Get-NtThread -InfoOnly -ProcessId $pid</dev:code> <dev:remarks> <maml:para>Get all thread information for the current process, but don't open the thread objects.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtToken --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtToken</command:name> <command:verb>Get</command:verb> <command:noun>NtToken</command:noun> <maml:description> <maml:para>Open an NT token from different sources.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet gets a token from one of multiple possible sources. You can specify either a Primary process token, a Thread impersonation token, an Effective token, a Clipboard token, a Logon/S4U token, the anonymous token, a lowbox or a filtered token.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: Primary --> <command:syntaxItem> <maml:name>Get-NtToken</maml:name> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for the token.</maml:para> <maml:para>Possible values: AssignPrimary, Duplicate, Impersonate, Query, QuerySource, AdjustPrivileges, AdjustGroups, AdjustDefault, AdjustSessionId, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TokenAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">AssignPrimary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Duplicate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">QuerySource</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustGroups</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Duplicate --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Duplicate</maml:name> <maml:description> <maml:para>Return a duplicated version of the token. The type of token is specified using -TokenType and -ImpersonationLevel</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ImpersonationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ImpersonationLevel</maml:name> <maml:description> <maml:para>Specify the impersonation level of the token to create if -Duplicate is specified and TokenType is Impersonation.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: IntegrityLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevel</maml:name> <maml:description> <maml:para>Specify the integrity level of the token to if -Duplicate is specified.</maml:para> <maml:para>Possible values: Untrusted, Low, Medium, MediumPlus, High, System, ProtectedProcess</maml:para> </maml:description> <command:parameterValue required="true">TokenIntegrityLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenIntegrityLevel</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Untrusted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Low</command:parameterValue> <command:parameterValue required="false" variableLength="false">Medium</command:parameterValue> <command:parameterValue required="false" variableLength="false">MediumPlus</command:parameterValue> <command:parameterValue required="false" variableLength="false">High</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedProcess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Primary --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Primary</maml:name> <maml:description> <maml:para>Get the primary token for a process.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Process --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Process</maml:name> <maml:description> <maml:para>Specify the process to open the token from. If not set will use the current process.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify the process to open the token from as a PID. Overridden by the Process parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Pseduo --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Pseduo</maml:name> <maml:description> <maml:para>Specify the token should be a pseudo token. When set you can't use the object for anything other than queries.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: TokenType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenType</maml:name> <maml:description> <maml:para>Specify the type of token to create if -Duplicate is specified.</maml:para> <maml:para>Possible values: Primary, Impersonation</maml:para> </maml:description> <command:parameterValue required="true">TokenType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Primary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: Impersonation --> <command:syntaxItem> <maml:name>Get-NtToken</maml:name> <!-- Parameter: Impersonation --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Impersonation</maml:name> <maml:description> <maml:para>Get an impersonation token for a thread.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for the token.</maml:para> <maml:para>Possible values: AssignPrimary, Duplicate, Impersonate, Query, QuerySource, AdjustPrivileges, AdjustGroups, AdjustDefault, AdjustSessionId, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TokenAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">AssignPrimary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Duplicate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">QuerySource</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustGroups</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Duplicate --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Duplicate</maml:name> <maml:description> <maml:para>Return a duplicated version of the token. The type of token is specified using -TokenType and -ImpersonationLevel</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ImpersonationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ImpersonationLevel</maml:name> <maml:description> <maml:para>Specify the impersonation level of the token to create if -Duplicate is specified and TokenType is Impersonation.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: IntegrityLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevel</maml:name> <maml:description> <maml:para>Specify the integrity level of the token to if -Duplicate is specified.</maml:para> <maml:para>Possible values: Untrusted, Low, Medium, MediumPlus, High, System, ProtectedProcess</maml:para> </maml:description> <command:parameterValue required="true">TokenIntegrityLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenIntegrityLevel</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Untrusted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Low</command:parameterValue> <command:parameterValue required="false" variableLength="false">Medium</command:parameterValue> <command:parameterValue required="false" variableLength="false">MediumPlus</command:parameterValue> <command:parameterValue required="false" variableLength="false">High</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedProcess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: OpenAsSelf --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenAsSelf</maml:name> <maml:description> <maml:para>Specify the token should be open with the process identity rather than the impersonated identity.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Pseduo --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Pseduo</maml:name> <maml:description> <maml:para>Specify the token should be a pseudo token. When set you can't use the object for anything other than queries.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Thread --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Thread</maml:name> <maml:description> <maml:para>Specify the thread to open the token from. If not set will use the current thread.</maml:para> </maml:description> <command:parameterValue required="true">NtThread</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtThread</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ThreadId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="tid"> <maml:name>ThreadId</maml:name> <maml:description> <maml:para>Specify the thread to open the token from by ID.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TokenType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenType</maml:name> <maml:description> <maml:para>Specify the type of token to create if -Duplicate is specified.</maml:para> <maml:para>Possible values: Primary, Impersonation</maml:para> </maml:description> <command:parameterValue required="true">TokenType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Primary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: Effective --> <command:syntaxItem> <maml:name>Get-NtToken</maml:name> <!-- Parameter: Effective --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Effective</maml:name> <maml:description> <maml:para>If thread impersonation token doesn't exist then get the primary token for the associated process. This is getting the "effective" token for the thread.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for the token.</maml:para> <maml:para>Possible values: AssignPrimary, Duplicate, Impersonate, Query, QuerySource, AdjustPrivileges, AdjustGroups, AdjustDefault, AdjustSessionId, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TokenAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">AssignPrimary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Duplicate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">QuerySource</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustGroups</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Duplicate --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Duplicate</maml:name> <maml:description> <maml:para>Return a duplicated version of the token. The type of token is specified using -TokenType and -ImpersonationLevel</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ImpersonationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ImpersonationLevel</maml:name> <maml:description> <maml:para>Specify the impersonation level of the token to create if -Duplicate is specified and TokenType is Impersonation.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: IntegrityLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevel</maml:name> <maml:description> <maml:para>Specify the integrity level of the token to if -Duplicate is specified.</maml:para> <maml:para>Possible values: Untrusted, Low, Medium, MediumPlus, High, System, ProtectedProcess</maml:para> </maml:description> <command:parameterValue required="true">TokenIntegrityLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenIntegrityLevel</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Untrusted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Low</command:parameterValue> <command:parameterValue required="false" variableLength="false">Medium</command:parameterValue> <command:parameterValue required="false" variableLength="false">MediumPlus</command:parameterValue> <command:parameterValue required="false" variableLength="false">High</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedProcess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: OpenAsSelf --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenAsSelf</maml:name> <maml:description> <maml:para>Specify the token should be open with the process identity rather than the impersonated identity.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Pseduo --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Pseduo</maml:name> <maml:description> <maml:para>Specify the token should be a pseudo token. When set you can't use the object for anything other than queries.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Thread --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Thread</maml:name> <maml:description> <maml:para>Specify the thread to open the token from. If not set will use the current thread.</maml:para> </maml:description> <command:parameterValue required="true">NtThread</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtThread</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ThreadId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="tid"> <maml:name>ThreadId</maml:name> <maml:description> <maml:para>Specify the thread to open the token from by ID.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TokenType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenType</maml:name> <maml:description> <maml:para>Specify the type of token to create if -Duplicate is specified.</maml:para> <maml:para>Possible values: Primary, Impersonation</maml:para> </maml:description> <command:parameterValue required="true">TokenType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Primary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: Clipboard --> <command:syntaxItem> <maml:name>Get-NtToken</maml:name> <!-- Parameter: Clipboard --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Clipboard</maml:name> <maml:description> <maml:para>Get the current clipboard token.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for the token.</maml:para> <maml:para>Possible values: AssignPrimary, Duplicate, Impersonate, Query, QuerySource, AdjustPrivileges, AdjustGroups, AdjustDefault, AdjustSessionId, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TokenAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">AssignPrimary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Duplicate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">QuerySource</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustGroups</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Duplicate --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Duplicate</maml:name> <maml:description> <maml:para>Return a duplicated version of the token. The type of token is specified using -TokenType and -ImpersonationLevel</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ImpersonationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ImpersonationLevel</maml:name> <maml:description> <maml:para>Specify the impersonation level of the token to create if -Duplicate is specified and TokenType is Impersonation.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: IntegrityLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevel</maml:name> <maml:description> <maml:para>Specify the integrity level of the token to if -Duplicate is specified.</maml:para> <maml:para>Possible values: Untrusted, Low, Medium, MediumPlus, High, System, ProtectedProcess</maml:para> </maml:description> <command:parameterValue required="true">TokenIntegrityLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenIntegrityLevel</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Untrusted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Low</command:parameterValue> <command:parameterValue required="false" variableLength="false">Medium</command:parameterValue> <command:parameterValue required="false" variableLength="false">MediumPlus</command:parameterValue> <command:parameterValue required="false" variableLength="false">High</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedProcess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: TokenType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenType</maml:name> <maml:description> <maml:para>Specify the type of token to create if -Duplicate is specified.</maml:para> <maml:para>Possible values: Primary, Impersonation</maml:para> </maml:description> <command:parameterValue required="true">TokenType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Primary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: Logon --> <command:syntaxItem> <maml:name>Get-NtToken</maml:name> <!-- Parameter: Logon --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Logon</maml:name> <maml:description> <maml:para>Get a logon token.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: User --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>User</maml:name> <maml:description> <maml:para>Specify username for logon token.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for the token.</maml:para> <maml:para>Possible values: AssignPrimary, Duplicate, Impersonate, Query, QuerySource, AdjustPrivileges, AdjustGroups, AdjustDefault, AdjustSessionId, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TokenAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">AssignPrimary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Duplicate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">QuerySource</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustGroups</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AdditionalGroups --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AdditionalGroups</maml:name> <maml:description> <maml:para>Specify additional group sids for logon token. Needs TCB privilege.</maml:para> </maml:description> <command:parameterValue required="true">Sid[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Sid[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Domain --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Domain</maml:name> <maml:description> <maml:para>Specify domain for logon token.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>GOOGLE</dev:defaultValue> </command:parameter> <!-- Parameter: Duplicate --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Duplicate</maml:name> <maml:description> <maml:para>Return a duplicated version of the token. The type of token is specified using -TokenType and -ImpersonationLevel</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ImpersonationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ImpersonationLevel</maml:name> <maml:description> <maml:para>Specify the impersonation level of the token to create if -Duplicate is specified and TokenType is Impersonation.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: IntegrityLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevel</maml:name> <maml:description> <maml:para>Specify the integrity level of the token to if -Duplicate is specified.</maml:para> <maml:para>Possible values: Untrusted, Low, Medium, MediumPlus, High, System, ProtectedProcess</maml:para> </maml:description> <command:parameterValue required="true">TokenIntegrityLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenIntegrityLevel</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Untrusted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Low</command:parameterValue> <command:parameterValue required="false" variableLength="false">Medium</command:parameterValue> <command:parameterValue required="false" variableLength="false">MediumPlus</command:parameterValue> <command:parameterValue required="false" variableLength="false">High</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedProcess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: LogonType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>LogonType</maml:name> <maml:description> <maml:para>Specify logon type for logon token.</maml:para> <maml:para>Possible values: UndefinedLogonType, Interactive, Network, Batch, Service, Proxy, Unlock, NetworkCleartext, NewCredentials</maml:para> </maml:description> <command:parameterValue required="true">SecurityLogonType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.SecurityLogonType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Network</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">UndefinedLogonType</command:parameterValue> <command:parameterValue required="false" variableLength="false">Interactive</command:parameterValue> <command:parameterValue required="false" variableLength="false">Network</command:parameterValue> <command:parameterValue required="false" variableLength="false">Batch</command:parameterValue> <command:parameterValue required="false" variableLength="false">Service</command:parameterValue> <command:parameterValue required="false" variableLength="false">Proxy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unlock</command:parameterValue> <command:parameterValue required="false" variableLength="false">NetworkCleartext</command:parameterValue> <command:parameterValue required="false" variableLength="false">NewCredentials</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Password --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Password</maml:name> <maml:description> <maml:para>Specify password for logon token.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurePassword --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurePassword</maml:name> <maml:description> <maml:para>Specify password for logon token using a secure string. Note this isn't really secure, but useful for Read-Host -AsSecureString.</maml:para> </maml:description> <command:parameterValue required="true">SecureString</command:parameterValue> <dev:type> <maml:name>System.Security.SecureString</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TokenType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenType</maml:name> <maml:description> <maml:para>Specify the type of token to create if -Duplicate is specified.</maml:para> <maml:para>Possible values: Primary, Impersonation</maml:para> </maml:description> <command:parameterValue required="true">TokenType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Primary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: S4U --> <command:syntaxItem> <maml:name>Get-NtToken</maml:name> <!-- Parameter: S4U --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>S4U</maml:name> <maml:description> <maml:para>Get an Services for User (S4U) logon token.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: User --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>User</maml:name> <maml:description> <maml:para>Specify username for logon token.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for the token.</maml:para> <maml:para>Possible values: AssignPrimary, Duplicate, Impersonate, Query, QuerySource, AdjustPrivileges, AdjustGroups, AdjustDefault, AdjustSessionId, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TokenAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">AssignPrimary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Duplicate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">QuerySource</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustGroups</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Domain --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Domain</maml:name> <maml:description> <maml:para>Specify domain for logon token.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>GOOGLE</dev:defaultValue> </command:parameter> <!-- Parameter: Duplicate --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Duplicate</maml:name> <maml:description> <maml:para>Return a duplicated version of the token. The type of token is specified using -TokenType and -ImpersonationLevel</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ImpersonationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ImpersonationLevel</maml:name> <maml:description> <maml:para>Specify the impersonation level of the token to create if -Duplicate is specified and TokenType is Impersonation.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: IntegrityLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevel</maml:name> <maml:description> <maml:para>Specify the integrity level of the token to if -Duplicate is specified.</maml:para> <maml:para>Possible values: Untrusted, Low, Medium, MediumPlus, High, System, ProtectedProcess</maml:para> </maml:description> <command:parameterValue required="true">TokenIntegrityLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenIntegrityLevel</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Untrusted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Low</command:parameterValue> <command:parameterValue required="false" variableLength="false">Medium</command:parameterValue> <command:parameterValue required="false" variableLength="false">MediumPlus</command:parameterValue> <command:parameterValue required="false" variableLength="false">High</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedProcess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: LogonType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>LogonType</maml:name> <maml:description> <maml:para>Specify logon type for logon token.</maml:para> <maml:para>Possible values: UndefinedLogonType, Interactive, Network, Batch, Service, Proxy, Unlock, NetworkCleartext, NewCredentials</maml:para> </maml:description> <command:parameterValue required="true">SecurityLogonType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.SecurityLogonType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Network</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">UndefinedLogonType</command:parameterValue> <command:parameterValue required="false" variableLength="false">Interactive</command:parameterValue> <command:parameterValue required="false" variableLength="false">Network</command:parameterValue> <command:parameterValue required="false" variableLength="false">Batch</command:parameterValue> <command:parameterValue required="false" variableLength="false">Service</command:parameterValue> <command:parameterValue required="false" variableLength="false">Proxy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unlock</command:parameterValue> <command:parameterValue required="false" variableLength="false">NetworkCleartext</command:parameterValue> <command:parameterValue required="false" variableLength="false">NewCredentials</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: TokenType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenType</maml:name> <maml:description> <maml:para>Specify the type of token to create if -Duplicate is specified.</maml:para> <maml:para>Possible values: Primary, Impersonation</maml:para> </maml:description> <command:parameterValue required="true">TokenType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Primary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: Service --> <command:syntaxItem> <maml:name>Get-NtToken</maml:name> <!-- Parameter: Service --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Service</maml:name> <maml:description> <maml:para>Specify a service account to create.</maml:para> <maml:para>Possible values: System, LocalService, NetworkService, IUser</maml:para> </maml:description> <command:parameterValue required="true">ServiceAccountType</command:parameterValue> <dev:type> <maml:name>NtObjectManager.ServiceAccountType</maml:name> <maml:uri /> <maml:description> <maml:para>Type of service account to create.</maml:para> </maml:description> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">LocalService</command:parameterValue> <command:parameterValue required="false" variableLength="false">NetworkService</command:parameterValue> <command:parameterValue required="false" variableLength="false">IUser</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for the token.</maml:para> <maml:para>Possible values: AssignPrimary, Duplicate, Impersonate, Query, QuerySource, AdjustPrivileges, AdjustGroups, AdjustDefault, AdjustSessionId, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TokenAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">AssignPrimary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Duplicate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">QuerySource</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustGroups</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AdditionalGroups --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AdditionalGroups</maml:name> <maml:description> <maml:para>Specify additional group sids for logon token. Needs TCB privilege.</maml:para> </maml:description> <command:parameterValue required="true">Sid[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Sid[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Duplicate --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Duplicate</maml:name> <maml:description> <maml:para>Return a duplicated version of the token. The type of token is specified using -TokenType and -ImpersonationLevel</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ImpersonationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ImpersonationLevel</maml:name> <maml:description> <maml:para>Specify the impersonation level of the token to create if -Duplicate is specified and TokenType is Impersonation.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: IntegrityLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevel</maml:name> <maml:description> <maml:para>Specify the integrity level of the token to if -Duplicate is specified.</maml:para> <maml:para>Possible values: Untrusted, Low, Medium, MediumPlus, High, System, ProtectedProcess</maml:para> </maml:description> <command:parameterValue required="true">TokenIntegrityLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenIntegrityLevel</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Untrusted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Low</command:parameterValue> <command:parameterValue required="false" variableLength="false">Medium</command:parameterValue> <command:parameterValue required="false" variableLength="false">MediumPlus</command:parameterValue> <command:parameterValue required="false" variableLength="false">High</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedProcess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: TokenType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenType</maml:name> <maml:description> <maml:para>Specify the type of token to create if -Duplicate is specified.</maml:para> <maml:para>Possible values: Primary, Impersonation</maml:para> </maml:description> <command:parameterValue required="true">TokenType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Primary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: Anonymous --> <command:syntaxItem> <maml:name>Get-NtToken</maml:name> <!-- Parameter: Anonymous --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Anonymous</maml:name> <maml:description> <maml:para>Get anonymous token.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for the token.</maml:para> <maml:para>Possible values: AssignPrimary, Duplicate, Impersonate, Query, QuerySource, AdjustPrivileges, AdjustGroups, AdjustDefault, AdjustSessionId, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TokenAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">AssignPrimary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Duplicate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">QuerySource</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustGroups</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Duplicate --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Duplicate</maml:name> <maml:description> <maml:para>Return a duplicated version of the token. The type of token is specified using -TokenType and -ImpersonationLevel</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ImpersonationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ImpersonationLevel</maml:name> <maml:description> <maml:para>Specify the impersonation level of the token to create if -Duplicate is specified and TokenType is Impersonation.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: IntegrityLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevel</maml:name> <maml:description> <maml:para>Specify the integrity level of the token to if -Duplicate is specified.</maml:para> <maml:para>Possible values: Untrusted, Low, Medium, MediumPlus, High, System, ProtectedProcess</maml:para> </maml:description> <command:parameterValue required="true">TokenIntegrityLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenIntegrityLevel</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Untrusted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Low</command:parameterValue> <command:parameterValue required="false" variableLength="false">Medium</command:parameterValue> <command:parameterValue required="false" variableLength="false">MediumPlus</command:parameterValue> <command:parameterValue required="false" variableLength="false">High</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedProcess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: TokenType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenType</maml:name> <maml:description> <maml:para>Specify the type of token to create if -Duplicate is specified.</maml:para> <maml:para>Possible values: Primary, Impersonation</maml:para> </maml:description> <command:parameterValue required="true">TokenType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Primary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: LowBox --> <command:syntaxItem> <maml:name>Get-NtToken</maml:name> <!-- Parameter: LowBox --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>LowBox</maml:name> <maml:description> <maml:para>Get a lowbox token.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: PackageSid --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>PackageSid</maml:name> <maml:description> <maml:para>Specify package SID or a package name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for the token.</maml:para> <maml:para>Possible values: AssignPrimary, Duplicate, Impersonate, Query, QuerySource, AdjustPrivileges, AdjustGroups, AdjustDefault, AdjustSessionId, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TokenAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">AssignPrimary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Duplicate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">QuerySource</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustGroups</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CapabilitySids --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CapabilitySids</maml:name> <maml:description> <maml:para>Specify list of capability SIDS to add to token. Can specify an SDDL format string or a capability name.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Duplicate --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Duplicate</maml:name> <maml:description> <maml:para>Return a duplicated version of the token. The type of token is specified using -TokenType and -ImpersonationLevel</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Handles --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Handles</maml:name> <maml:description> <maml:para>Specify list of handles to capture with lowbox token.</maml:para> </maml:description> <command:parameterValue required="true">NtObject[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ImpersonationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ImpersonationLevel</maml:name> <maml:description> <maml:para>Specify the impersonation level of the token to create if -Duplicate is specified and TokenType is Impersonation.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: IntegrityLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevel</maml:name> <maml:description> <maml:para>Specify the integrity level of the token to if -Duplicate is specified.</maml:para> <maml:para>Possible values: Untrusted, Low, Medium, MediumPlus, High, System, ProtectedProcess</maml:para> </maml:description> <command:parameterValue required="true">TokenIntegrityLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenIntegrityLevel</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Untrusted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Low</command:parameterValue> <command:parameterValue required="false" variableLength="false">Medium</command:parameterValue> <command:parameterValue required="false" variableLength="false">MediumPlus</command:parameterValue> <command:parameterValue required="false" variableLength="false">High</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedProcess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: RestrictedPackageName --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>RestrictedPackageName</maml:name> <maml:description> <maml:para>Specify an additional restricted name for the package SID.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Token --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to sandbox. If not specified then the current primary token is used.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TokenType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenType</maml:name> <maml:description> <maml:para>Specify the type of token to create if -Duplicate is specified.</maml:para> <maml:para>Possible values: Primary, Impersonation</maml:para> </maml:description> <command:parameterValue required="true">TokenType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Primary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: Filtered --> <command:syntaxItem> <maml:name>Get-NtToken</maml:name> <!-- Parameter: Filtered --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Filtered</maml:name> <maml:description> <maml:para>Get a filtered token.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for the token.</maml:para> <maml:para>Possible values: AssignPrimary, Duplicate, Impersonate, Query, QuerySource, AdjustPrivileges, AdjustGroups, AdjustDefault, AdjustSessionId, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TokenAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">AssignPrimary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Duplicate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">QuerySource</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustGroups</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Duplicate --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Duplicate</maml:name> <maml:description> <maml:para>Return a duplicated version of the token. The type of token is specified using -TokenType and -ImpersonationLevel</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify filter flags.</maml:para> <maml:para>Possible values: None, DisableMaxPrivileges, SandboxInert, LuaToken, WriteRestricted</maml:para> </maml:description> <command:parameterValue required="true">FilterTokenFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FilterTokenFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisableMaxPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">SandboxInert</command:parameterValue> <command:parameterValue required="false" variableLength="false">LuaToken</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteRestricted</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ImpersonationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ImpersonationLevel</maml:name> <maml:description> <maml:para>Specify the impersonation level of the token to create if -Duplicate is specified and TokenType is Impersonation.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: IntegrityLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevel</maml:name> <maml:description> <maml:para>Specify the integrity level of the token to if -Duplicate is specified.</maml:para> <maml:para>Possible values: Untrusted, Low, Medium, MediumPlus, High, System, ProtectedProcess</maml:para> </maml:description> <command:parameterValue required="true">TokenIntegrityLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenIntegrityLevel</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Untrusted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Low</command:parameterValue> <command:parameterValue required="false" variableLength="false">Medium</command:parameterValue> <command:parameterValue required="false" variableLength="false">MediumPlus</command:parameterValue> <command:parameterValue required="false" variableLength="false">High</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedProcess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: PrivilegesToDelete --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PrivilegesToDelete</maml:name> <maml:description> <maml:para>Specify list of privileges to delete.</maml:para> </maml:description> <command:parameterValue required="true">TokenPrivilege[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenPrivilege[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: RestrictedSids --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>RestrictedSids</maml:name> <maml:description> <maml:para>Specify list restricted SIDS to add to token.</maml:para> </maml:description> <command:parameterValue required="true">UserGroup[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.UserGroup[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SidsToDisable --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SidsToDisable</maml:name> <maml:description> <maml:para>Specify list group SIDS to disable.</maml:para> </maml:description> <command:parameterValue required="true">UserGroup[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.UserGroup[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Token --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to sandbox. If not specified then the current primary token is used.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TokenType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenType</maml:name> <maml:description> <maml:para>Specify the type of token to create if -Duplicate is specified.</maml:para> <maml:para>Possible values: Primary, Impersonation</maml:para> </maml:description> <command:parameterValue required="true">TokenType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Primary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: Session --> <command:syntaxItem> <maml:name>Get-NtToken</maml:name> <!-- Parameter: Session --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Session</maml:name> <maml:description> <maml:para>Specify getting a session token.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for the token.</maml:para> <maml:para>Possible values: AssignPrimary, Duplicate, Impersonate, Query, QuerySource, AdjustPrivileges, AdjustGroups, AdjustDefault, AdjustSessionId, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TokenAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">AssignPrimary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Duplicate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">QuerySource</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustGroups</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Duplicate --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Duplicate</maml:name> <maml:description> <maml:para>Return a duplicated version of the token. The type of token is specified using -TokenType and -ImpersonationLevel</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ImpersonationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ImpersonationLevel</maml:name> <maml:description> <maml:para>Specify the impersonation level of the token to create if -Duplicate is specified and TokenType is Impersonation.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: IntegrityLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevel</maml:name> <maml:description> <maml:para>Specify the integrity level of the token to if -Duplicate is specified.</maml:para> <maml:para>Possible values: Untrusted, Low, Medium, MediumPlus, High, System, ProtectedProcess</maml:para> </maml:description> <command:parameterValue required="true">TokenIntegrityLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenIntegrityLevel</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Untrusted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Low</command:parameterValue> <command:parameterValue required="false" variableLength="false">Medium</command:parameterValue> <command:parameterValue required="false" variableLength="false">MediumPlus</command:parameterValue> <command:parameterValue required="false" variableLength="false">High</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedProcess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SessionId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SessionId</maml:name> <maml:description> <maml:para>Specify the session ID for the session token.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> <!-- Parameter: TokenType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenType</maml:name> <maml:description> <maml:para>Specify the type of token to create if -Duplicate is specified.</maml:para> <maml:para>Possible values: Primary, Impersonation</maml:para> </maml:description> <command:parameterValue required="true">TokenType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Primary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify access rights for the token.</maml:para> <maml:para>Possible values: AssignPrimary, Duplicate, Impersonate, Query, QuerySource, AdjustPrivileges, AdjustGroups, AdjustDefault, AdjustSessionId, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TokenAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">AssignPrimary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Duplicate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">QuerySource</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustGroups</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Duplicate --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Duplicate</maml:name> <maml:description> <maml:para>Return a duplicated version of the token. The type of token is specified using -TokenType and -ImpersonationLevel</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: TokenType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenType</maml:name> <maml:description> <maml:para>Specify the type of token to create if -Duplicate is specified.</maml:para> <maml:para>Possible values: Primary, Impersonation</maml:para> </maml:description> <command:parameterValue required="true">TokenType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Primary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ImpersonationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ImpersonationLevel</maml:name> <maml:description> <maml:para>Specify the impersonation level of the token to create if -Duplicate is specified and TokenType is Impersonation.</maml:para> <maml:para>Possible values: Anonymous, Identification, Impersonation, Delegation</maml:para> </maml:description> <command:parameterValue required="true">SecurityImpersonationLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityImpersonationLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Impersonation</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Anonymous</command:parameterValue> <command:parameterValue required="false" variableLength="false">Identification</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delegation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: IntegrityLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevel</maml:name> <maml:description> <maml:para>Specify the integrity level of the token to if -Duplicate is specified.</maml:para> <maml:para>Possible values: Untrusted, Low, Medium, MediumPlus, High, System, ProtectedProcess</maml:para> </maml:description> <command:parameterValue required="true">TokenIntegrityLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenIntegrityLevel</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Untrusted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Low</command:parameterValue> <command:parameterValue required="false" variableLength="false">Medium</command:parameterValue> <command:parameterValue required="false" variableLength="false">MediumPlus</command:parameterValue> <command:parameterValue required="false" variableLength="false">High</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedProcess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Primary --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Primary</maml:name> <maml:description> <maml:para>Get the primary token for a process.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Process --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Process</maml:name> <maml:description> <maml:para>Specify the process to open the token from. If not set will use the current process.</maml:para> </maml:description> <command:parameterValue required="true">NtProcess</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtProcess</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ProcessId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>ProcessId</maml:name> <maml:description> <maml:para>Specify the process to open the token from as a PID. Overridden by the Process parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="pid"> <maml:name>pid</maml:name> <maml:description> <maml:para>Specify the process to open the token from as a PID. Overridden by the Process parameter.</maml:para> <maml:para>This is an alias of the ProcessId parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Impersonation --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Impersonation</maml:name> <maml:description> <maml:para>Get an impersonation token for a thread.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Effective --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Effective</maml:name> <maml:description> <maml:para>If thread impersonation token doesn't exist then get the primary token for the associated process. This is getting the "effective" token for the thread.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Thread --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Thread</maml:name> <maml:description> <maml:para>Specify the thread to open the token from. If not set will use the current thread.</maml:para> </maml:description> <command:parameterValue required="true">NtThread</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtThread</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ThreadId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="tid"> <maml:name>ThreadId</maml:name> <maml:description> <maml:para>Specify the thread to open the token from by ID.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="tid"> <maml:name>tid</maml:name> <maml:description> <maml:para>Specify the thread to open the token from by ID.</maml:para> <maml:para>This is an alias of the ThreadId parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: OpenAsSelf --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenAsSelf</maml:name> <maml:description> <maml:para>Specify the token should be open with the process identity rather than the impersonated identity.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Pseduo --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Pseduo</maml:name> <maml:description> <maml:para>Specify the token should be a pseudo token. When set you can't use the object for anything other than queries.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Clipboard --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Clipboard</maml:name> <maml:description> <maml:para>Get the current clipboard token.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Logon --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Logon</maml:name> <maml:description> <maml:para>Get a logon token.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: S4U --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>S4U</maml:name> <maml:description> <maml:para>Get an Services for User (S4U) logon token.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: User --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>User</maml:name> <maml:description> <maml:para>Specify username for logon token.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Password --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Password</maml:name> <maml:description> <maml:para>Specify password for logon token.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurePassword --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurePassword</maml:name> <maml:description> <maml:para>Specify password for logon token using a secure string. Note this isn't really secure, but useful for Read-Host -AsSecureString.</maml:para> </maml:description> <command:parameterValue required="true">SecureString</command:parameterValue> <dev:type> <maml:name>System.Security.SecureString</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AdditionalGroups --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AdditionalGroups</maml:name> <maml:description> <maml:para>Specify additional group sids for logon token. Needs TCB privilege.</maml:para> </maml:description> <command:parameterValue required="true">Sid[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Sid[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Domain --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Domain</maml:name> <maml:description> <maml:para>Specify domain for logon token.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>GOOGLE</dev:defaultValue> </command:parameter> <!-- Parameter: LogonType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>LogonType</maml:name> <maml:description> <maml:para>Specify logon type for logon token.</maml:para> <maml:para>Possible values: UndefinedLogonType, Interactive, Network, Batch, Service, Proxy, Unlock, NetworkCleartext, NewCredentials</maml:para> </maml:description> <command:parameterValue required="true">SecurityLogonType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.SecurityLogonType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Network</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">UndefinedLogonType</command:parameterValue> <command:parameterValue required="false" variableLength="false">Interactive</command:parameterValue> <command:parameterValue required="false" variableLength="false">Network</command:parameterValue> <command:parameterValue required="false" variableLength="false">Batch</command:parameterValue> <command:parameterValue required="false" variableLength="false">Service</command:parameterValue> <command:parameterValue required="false" variableLength="false">Proxy</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unlock</command:parameterValue> <command:parameterValue required="false" variableLength="false">NetworkCleartext</command:parameterValue> <command:parameterValue required="false" variableLength="false">NewCredentials</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Anonymous --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Anonymous</maml:name> <maml:description> <maml:para>Get anonymous token.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: LowBox --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>LowBox</maml:name> <maml:description> <maml:para>Get a lowbox token.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Filtered --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Filtered</maml:name> <maml:description> <maml:para>Get a filtered token.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Token --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to sandbox. If not specified then the current primary token is used.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: PrivilegesToDelete --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>PrivilegesToDelete</maml:name> <maml:description> <maml:para>Specify list of privileges to delete.</maml:para> </maml:description> <command:parameterValue required="true">TokenPrivilege[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenPrivilege[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SidsToDisable --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SidsToDisable</maml:name> <maml:description> <maml:para>Specify list group SIDS to disable.</maml:para> </maml:description> <command:parameterValue required="true">UserGroup[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.UserGroup[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: RestrictedSids --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>RestrictedSids</maml:name> <maml:description> <maml:para>Specify list restricted SIDS to add to token.</maml:para> </maml:description> <command:parameterValue required="true">UserGroup[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.UserGroup[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify filter flags.</maml:para> <maml:para>Possible values: None, DisableMaxPrivileges, SandboxInert, LuaToken, WriteRestricted</maml:para> </maml:description> <command:parameterValue required="true">FilterTokenFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.FilterTokenFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisableMaxPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">SandboxInert</command:parameterValue> <command:parameterValue required="false" variableLength="false">LuaToken</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteRestricted</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: PackageSid --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>PackageSid</maml:name> <maml:description> <maml:para>Specify package SID or a package name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: RestrictedPackageName --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>RestrictedPackageName</maml:name> <maml:description> <maml:para>Specify an additional restricted name for the package SID.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CapabilitySids --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CapabilitySids</maml:name> <maml:description> <maml:para>Specify list of capability SIDS to add to token. Can specify an SDDL format string or a capability name.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Handles --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Handles</maml:name> <maml:description> <maml:para>Specify list of handles to capture with lowbox token.</maml:para> </maml:description> <command:parameterValue required="true">NtObject[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Service --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Service</maml:name> <maml:description> <maml:para>Specify a service account to create.</maml:para> <maml:para>Possible values: System, LocalService, NetworkService, IUser</maml:para> </maml:description> <command:parameterValue required="true">ServiceAccountType</command:parameterValue> <dev:type> <maml:name>NtObjectManager.ServiceAccountType</maml:name> <maml:uri /> <maml:description> <maml:para>Type of service account to create.</maml:para> </maml:description> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">LocalService</command:parameterValue> <command:parameterValue required="false" variableLength="false">NetworkService</command:parameterValue> <command:parameterValue required="false" variableLength="false">IUser</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Session --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Session</maml:name> <maml:description> <maml:para>Specify getting a session token.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: SessionId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SessionId</maml:name> <maml:description> <maml:para>Specify the session ID for the session token.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>-1</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: NtToken --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtToken</dev:code> <dev:remarks> <maml:para>Get current process' primary token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = Get-NtToken -Pseudo</dev:code> <dev:remarks> <maml:para>Get current process' pseudo primary token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$obj = Get-NtToken -Primary</dev:code> <dev:remarks> <maml:para>Get current process' primary token (-Primary is optional)</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$obj = Get-NtToken -Access Duplicate</dev:code> <dev:remarks> <maml:para>Get current process' primary token for Duplicate access.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$obj = Get-NtToken -Duplicate -TokenType Impersonation -ImpersonationLevel Impersonation</dev:code> <dev:remarks> <maml:para>Get current process' primary token and convert to an impersonation token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>$obj = Get-NtToken -Duplicate -TokenType Primary -IntegrityLevel Low</dev:code> <dev:remarks> <maml:para>Get current process token, duplicate as primary and set integrity level to Low.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 7 ----------</maml:title> <dev:code>$obj = Get-NtTokenPrimary -Access AdjustPrivileges $obj.SetPrivilege("SeDebugPrivilege", $true)</dev:code> <dev:remarks> <maml:para>Enable debug privilege on current token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 8 ----------</maml:title> <dev:code>$process = Get-NtProcess -ProcessId 1234 $obj = Get-NtToken -Primary -Process $process</dev:code> <dev:remarks> <maml:para>Get process token for a specific process.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 9 ----------</maml:title> <dev:code>$obj = Get-NtToken -Primary -ProcessId 1234</dev:code> <dev:remarks> <maml:para>Get process token for a specific process by process ID.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 10 ----------</maml:title> <dev:code>$obj = Get-NtToken -Primary $obj.GetPrivileges()</dev:code> <dev:remarks> <maml:para>Query the privileges of a token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 11 ----------</maml:title> <dev:code>$obj = Get-NtToken -Primary $obj.GetGroups()</dev:code> <dev:remarks> <maml:para>Query the groups of a token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 12 ----------</maml:title> <dev:code>$thread = Get-NtThread -ThreadId 1234 $obj = Get-NtToken -Impersonation -Thread $thread</dev:code> <dev:remarks> <maml:para>Get the impersonation token for a specific thread.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 13 ----------</maml:title> <dev:code>$obj = Get-NtToken -Impersonation -ThreadId 1234</dev:code> <dev:remarks> <maml:para>Get impersonation token for a specific thread by ID.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 14 ----------</maml:title> <dev:code>$obj = Get-NtToken -Effective -ThreadId 1234</dev:code> <dev:remarks> <maml:para>Get the effective token for a specific thread by ID.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 15 ----------</maml:title> <dev:code>$obj = Get-NtToken -Clipboard</dev:code> <dev:remarks> <maml:para>Get the current clipboard token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 16 ----------</maml:title> <dev:code>$obj = Get-NtToken -Logon -User Bob -Password BobP@ssword</dev:code> <dev:remarks> <maml:para>Get network logon token for user Bob in the current domain with password BobP@ssword.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 17 ----------</maml:title> <dev:code>$obj = Get-NtToken -Logon -User Bob -Password BobP@ssword -Domain BADGERS -LogonType Interactive</dev:code> <dev:remarks> <maml:para>Get interactive logon token for BADGERS\\Bob with password BobP@ssword.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 18 ----------</maml:title> <dev:code>$obj = Get-NtToken -S4U -User Bob -Domain BADGERS</dev:code> <dev:remarks> <maml:para>Get S4U network logon token for BADGERS\\Bob with no password.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 19 ----------</maml:title> <dev:code>$obj = Get-NtToken -Anonymous</dev:code> <dev:remarks> <maml:para>Get the anonymous logon token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 20 ----------</maml:title> <dev:code>Get-NtToken -Filtered -Flags DisableMaxPrivileges</dev:code> <dev:remarks> <maml:para>Get current process' primary token and disable the maximum privileges.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 21 ----------</maml:title> <dev:code>Get-NtToken -Filtered -SidsToDisable "WD","BA"</dev:code> <dev:remarks> <maml:para>Get current process' primary token and set Everyone and Built Administrators groups to deny only.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 22 ----------</maml:title> <dev:code>$token = Use-NtObject($tmp = Get-NtToken -Primary) { Get-NtToken -Filtered -Token $tmp -RestrictedSids $tmp.Groups }</dev:code> <dev:remarks> <maml:para>Get current process' primary token, pass it as an explicit token and add all groups as restricted SIDs.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 23 ----------</maml:title> <dev:code>Get-NtToken -Filtered -Flags LuaToken</dev:code> <dev:remarks> <maml:para>Get current process' primary token and convert it to a LUA token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 24 ----------</maml:title> <dev:code>Get-NtToken -LowBox -PackageSid "Application.Name"</dev:code> <dev:remarks> <maml:para>Get current process' primary token create a lowbox token with a named package.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 25 ----------</maml:title> <dev:code>Get-NtToken -LowBox -PackageSid "S-1-15-2-1-2-3-4-5-6-7"</dev:code> <dev:remarks> <maml:para>Get current process' primary token create a lowbox token with a package Sid.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 26 ----------</maml:title> <dev:code>Get-NtToken -LowBox -PackageSid "Application.Name" -CapabilitySid "readRegistry", "S-1-15-3-1"</dev:code> <dev:remarks> <maml:para>Get current process' primary token create a lowbox token with a named package and the internetClient and readRegistry capabilities.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 27 ----------</maml:title> <dev:code>Get-NtToken -Session</dev:code> <dev:remarks> <maml:para>Get current session token.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 28 ----------</maml:title> <dev:code>Get-NtToken -Session -SessionId 10</dev:code> <dev:remarks> <maml:para>Get session token for session 10.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtToken --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtToken</command:name> <command:verb>New</command:verb> <command:noun>NtToken</command:noun> <maml:description> <maml:para>Create a new NT token.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT token kernel APIs. It needs SeCreateTokenPrivilege to succeed.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtToken</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: User --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>User</maml:name> <maml:description> <maml:para>Specify the user SID.</maml:para> </maml:description> <command:parameterValue required="true">Sid</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Sid</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: AssignPrimary, Duplicate, Impersonate, Query, QuerySource, AdjustPrivileges, AdjustGroups, AdjustDefault, AdjustSessionId, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TokenAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">AssignPrimary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Duplicate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">QuerySource</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustGroups</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: AuthenticationId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AuthenticationId</maml:name> <maml:description> <maml:para>Specify an authentication ID.</maml:para> </maml:description> <command:parameterValue required="true">Luid</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Luid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-000003E7</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: DefaultAcl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DefaultAcl</maml:name> <maml:description> <maml:para>Specify the token's default ACL.</maml:para> </maml:description> <command:parameterValue required="true">Acl</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Acl</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Type Allowed - Flags None - Mask 10000000 - Sid S-1-5-18, Type Allowed - Flags None - Mask 10000000 - Sid S-1-5-32-544</dev:defaultValue> </command:parameter> <!-- Parameter: ExpirationTime --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ExpirationTime</maml:name> <maml:description> <maml:para>Specify the token expiration time.</maml:para> </maml:description> <command:parameterValue required="true">DateTime</command:parameterValue> <dev:type> <maml:name>System.DateTime</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>1/21/2030 1:53:31 PM</dev:defaultValue> </command:parameter> <!-- Parameter: Groups --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Groups</maml:name> <maml:description> <maml:para>Specify a list of groups.</maml:para> </maml:description> <command:parameterValue required="true">Sid[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Sid[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: IntegrityLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevel</maml:name> <maml:description> <maml:para>Specify the token's integrity level.</maml:para> <maml:para>Possible values: Untrusted, Low, Medium, MediumPlus, High, System, ProtectedProcess</maml:para> </maml:description> <command:parameterValue required="true">TokenIntegrityLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenIntegrityLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>System</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Untrusted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Low</command:parameterValue> <command:parameterValue required="false" variableLength="false">Medium</command:parameterValue> <command:parameterValue required="false" variableLength="false">MediumPlus</command:parameterValue> <command:parameterValue required="false" variableLength="false">High</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedProcess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Privileges --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Privileges</maml:name> <maml:description> <maml:para>Specify a list of groups.</maml:para> </maml:description> <command:parameterValue required="true">TokenPrivilegeValue[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenPrivilegeValue[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>NtApiDotNet.SecurityQualityOfService</dev:defaultValue> </command:parameter> <!-- Parameter: TokenType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenType</maml:name> <maml:description> <maml:para>Specify the token type.</maml:para> <maml:para>Possible values: Primary, Impersonation</maml:para> </maml:description> <command:parameterValue required="true">TokenType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Primary</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Primary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: User --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>User</maml:name> <maml:description> <maml:para>Specify the user SID.</maml:para> </maml:description> <command:parameterValue required="true">Sid</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Sid</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Groups --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Groups</maml:name> <maml:description> <maml:para>Specify a list of groups.</maml:para> </maml:description> <command:parameterValue required="true">Sid[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Sid[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Privileges --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Privileges</maml:name> <maml:description> <maml:para>Specify a list of groups.</maml:para> </maml:description> <command:parameterValue required="true">TokenPrivilegeValue[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenPrivilegeValue[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: AuthenticationId --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>AuthenticationId</maml:name> <maml:description> <maml:para>Specify an authentication ID.</maml:para> </maml:description> <command:parameterValue required="true">Luid</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Luid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-000003E7</dev:defaultValue> </command:parameter> <!-- Parameter: TokenType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TokenType</maml:name> <maml:description> <maml:para>Specify the token type.</maml:para> <maml:para>Possible values: Primary, Impersonation</maml:para> </maml:description> <command:parameterValue required="true">TokenType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Primary</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Primary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonation</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ExpirationTime --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ExpirationTime</maml:name> <maml:description> <maml:para>Specify the token expiration time.</maml:para> </maml:description> <command:parameterValue required="true">DateTime</command:parameterValue> <dev:type> <maml:name>System.DateTime</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>1/21/2030 1:53:31 PM</dev:defaultValue> </command:parameter> <!-- Parameter: DefaultAcl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>DefaultAcl</maml:name> <maml:description> <maml:para>Specify the token's default ACL.</maml:para> </maml:description> <command:parameterValue required="true">Acl</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Acl</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Type Allowed - Flags None - Mask 10000000 - Sid S-1-5-18, Type Allowed - Flags None - Mask 10000000 - Sid S-1-5-32-544</dev:defaultValue> </command:parameter> <!-- Parameter: IntegrityLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IntegrityLevel</maml:name> <maml:description> <maml:para>Specify the token's integrity level.</maml:para> <maml:para>Possible values: Untrusted, Low, Medium, MediumPlus, High, System, ProtectedProcess</maml:para> </maml:description> <command:parameterValue required="true">TokenIntegrityLevel</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenIntegrityLevel</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>System</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Untrusted</command:parameterValue> <command:parameterValue required="false" variableLength="false">Low</command:parameterValue> <command:parameterValue required="false" variableLength="false">Medium</command:parameterValue> <command:parameterValue required="false" variableLength="false">MediumPlus</command:parameterValue> <command:parameterValue required="false" variableLength="false">High</command:parameterValue> <command:parameterValue required="false" variableLength="false">System</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectedProcess</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: AssignPrimary, Duplicate, Impersonate, Query, QuerySource, AdjustPrivileges, AdjustGroups, AdjustDefault, AdjustSessionId, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TokenAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TokenAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">AssignPrimary</command:parameterValue> <command:parameterValue required="false" variableLength="false">Duplicate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Impersonate</command:parameterValue> <command:parameterValue required="false" variableLength="false">Query</command:parameterValue> <command:parameterValue required="false" variableLength="false">QuerySource</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustPrivileges</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustGroups</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">AdjustSessionId</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>NtApiDotNet.SecurityQualityOfService</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtToken --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$token = New-NtToken -User "SY"</dev:code> <dev:remarks> <maml:para>Create a new LocalSystem token with no groups or privileges.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$token = New-NtToken -User "SY" -Groups "BA","WD" -Privileges SeDebugPrivilege,SeImpersonatePrivilege</dev:code> <dev:remarks> <maml:para>Create a new LocalSystem token with two groups and two privileges.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Add-NtTokenSecurityAttribute --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Add-NtTokenSecurityAttribute</command:name> <command:verb>Add</command:verb> <command:noun>NtTokenSecurityAttribute</command:noun> <maml:description> <maml:para>Adds or replaces security attributes on an NT token.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet adds or replaces security attributes on an NT token. It needs SeTcbPrivilege to succeed.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: FromString --> <command:syntaxItem> <maml:name>Add-NtTokenSecurityAttribute</maml:name> <!-- Parameter: Token --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to set the attributes on.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Name --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Name</maml:name> <maml:description> <maml:para>Specify the name of the attribute to add or update.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify the attribute flags.</maml:para> <maml:para>Possible values: NonInheritable, CaseSensitive, UseForDenyOnly, DisabledByDefault, Disabled, Mandatory, Unique, InheritOnce</maml:para> </maml:description> <command:parameterValue required="true">ClaimSecurityFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ClaimSecurityFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">NonInheritable</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseSensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">UseForDenyOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisabledByDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">Disabled</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mandatory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unique</command:parameterValue> <command:parameterValue required="false" variableLength="false">InheritOnce</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Replace --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Replace</maml:name> <maml:description> <maml:para>Specify to replace the security attribute.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: StringValue --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>StringValue</maml:name> <maml:description> <maml:para>Specify the string values.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromULong --> <command:syntaxItem> <maml:name>Add-NtTokenSecurityAttribute</maml:name> <!-- Parameter: Token --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to set the attributes on.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Name --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Name</maml:name> <maml:description> <maml:para>Specify the name of the attribute to add or update.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify the attribute flags.</maml:para> <maml:para>Possible values: NonInheritable, CaseSensitive, UseForDenyOnly, DisabledByDefault, Disabled, Mandatory, Unique, InheritOnce</maml:para> </maml:description> <command:parameterValue required="true">ClaimSecurityFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ClaimSecurityFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">NonInheritable</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseSensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">UseForDenyOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisabledByDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">Disabled</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mandatory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unique</command:parameterValue> <command:parameterValue required="false" variableLength="false">InheritOnce</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Replace --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Replace</maml:name> <maml:description> <maml:para>Specify to replace the security attribute.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ULongValue --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ULongValue</maml:name> <maml:description> <maml:para>Specify the ulong values.</maml:para> </maml:description> <command:parameterValue required="true">ulong[]</command:parameterValue> <dev:type> <maml:name>System.UInt64[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromLong --> <command:syntaxItem> <maml:name>Add-NtTokenSecurityAttribute</maml:name> <!-- Parameter: Token --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to set the attributes on.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Name --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Name</maml:name> <maml:description> <maml:para>Specify the name of the attribute to add or update.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify the attribute flags.</maml:para> <maml:para>Possible values: NonInheritable, CaseSensitive, UseForDenyOnly, DisabledByDefault, Disabled, Mandatory, Unique, InheritOnce</maml:para> </maml:description> <command:parameterValue required="true">ClaimSecurityFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ClaimSecurityFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">NonInheritable</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseSensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">UseForDenyOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisabledByDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">Disabled</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mandatory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unique</command:parameterValue> <command:parameterValue required="false" variableLength="false">InheritOnce</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: LongValue --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>LongValue</maml:name> <maml:description> <maml:para>Specify the long values.</maml:para> </maml:description> <command:parameterValue required="true">long[]</command:parameterValue> <dev:type> <maml:name>System.Int64[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Replace --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Replace</maml:name> <maml:description> <maml:para>Specify to replace the security attribute.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromBool --> <command:syntaxItem> <maml:name>Add-NtTokenSecurityAttribute</maml:name> <!-- Parameter: Token --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to set the attributes on.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Name --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Name</maml:name> <maml:description> <maml:para>Specify the name of the attribute to add or update.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: BoolValue --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>BoolValue</maml:name> <maml:description> <maml:para>Specify the bool values.</maml:para> </maml:description> <command:parameterValue required="true">bool[]</command:parameterValue> <dev:type> <maml:name>System.Boolean[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify the attribute flags.</maml:para> <maml:para>Possible values: NonInheritable, CaseSensitive, UseForDenyOnly, DisabledByDefault, Disabled, Mandatory, Unique, InheritOnce</maml:para> </maml:description> <command:parameterValue required="true">ClaimSecurityFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ClaimSecurityFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">NonInheritable</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseSensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">UseForDenyOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisabledByDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">Disabled</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mandatory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unique</command:parameterValue> <command:parameterValue required="false" variableLength="false">InheritOnce</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Replace --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Replace</maml:name> <maml:description> <maml:para>Specify to replace the security attribute.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromSid --> <command:syntaxItem> <maml:name>Add-NtTokenSecurityAttribute</maml:name> <!-- Parameter: Token --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to set the attributes on.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Name --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Name</maml:name> <maml:description> <maml:para>Specify the name of the attribute to add or update.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify the attribute flags.</maml:para> <maml:para>Possible values: NonInheritable, CaseSensitive, UseForDenyOnly, DisabledByDefault, Disabled, Mandatory, Unique, InheritOnce</maml:para> </maml:description> <command:parameterValue required="true">ClaimSecurityFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ClaimSecurityFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">NonInheritable</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseSensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">UseForDenyOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisabledByDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">Disabled</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mandatory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unique</command:parameterValue> <command:parameterValue required="false" variableLength="false">InheritOnce</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Replace --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Replace</maml:name> <maml:description> <maml:para>Specify to replace the security attribute.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: SidValue --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SidValue</maml:name> <maml:description> <maml:para>Specify the SID values.</maml:para> </maml:description> <command:parameterValue required="true">Sid[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Sid[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromFqbn --> <command:syntaxItem> <maml:name>Add-NtTokenSecurityAttribute</maml:name> <!-- Parameter: Token --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to set the attributes on.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Name --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Name</maml:name> <maml:description> <maml:para>Specify the name of the attribute to add or update.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify the attribute flags.</maml:para> <maml:para>Possible values: NonInheritable, CaseSensitive, UseForDenyOnly, DisabledByDefault, Disabled, Mandatory, Unique, InheritOnce</maml:para> </maml:description> <command:parameterValue required="true">ClaimSecurityFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ClaimSecurityFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">NonInheritable</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseSensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">UseForDenyOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisabledByDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">Disabled</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mandatory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unique</command:parameterValue> <command:parameterValue required="false" variableLength="false">InheritOnce</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: FqbnValue --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FqbnValue</maml:name> <maml:description> <maml:para>Specify the fully qualified binary name values.</maml:para> </maml:description> <command:parameterValue required="true">ClaimSecurityAttributeFqbn[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ClaimSecurityAttributeFqbn[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Replace --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Replace</maml:name> <maml:description> <maml:para>Specify to replace the security attribute.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromOctet --> <command:syntaxItem> <maml:name>Add-NtTokenSecurityAttribute</maml:name> <!-- Parameter: Token --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to set the attributes on.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Name --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Name</maml:name> <maml:description> <maml:para>Specify the name of the attribute to add or update.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify the attribute flags.</maml:para> <maml:para>Possible values: NonInheritable, CaseSensitive, UseForDenyOnly, DisabledByDefault, Disabled, Mandatory, Unique, InheritOnce</maml:para> </maml:description> <command:parameterValue required="true">ClaimSecurityFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ClaimSecurityFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">NonInheritable</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseSensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">UseForDenyOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisabledByDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">Disabled</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mandatory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unique</command:parameterValue> <command:parameterValue required="false" variableLength="false">InheritOnce</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: OctetValue --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OctetValue</maml:name> <maml:description> <maml:para>Specify the octet values.</maml:para> </maml:description> <command:parameterValue required="true">byte[][]</command:parameterValue> <dev:type> <maml:name>System.Byte[][]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Replace --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Replace</maml:name> <maml:description> <maml:para>Specify to replace the security attribute.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromAttribute --> <command:syntaxItem> <maml:name>Add-NtTokenSecurityAttribute</maml:name> <!-- Parameter: Token --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to set the attributes on.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Attribute --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Attribute</maml:name> <maml:description> <maml:para>Specify existing attribute values.</maml:para> </maml:description> <command:parameterValue required="true">ClaimSecurityAttribute[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ClaimSecurityAttribute[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Replace --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Replace</maml:name> <maml:description> <maml:para>Specify to replace the security attribute.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Token --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to set the attributes on.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Name --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Name</maml:name> <maml:description> <maml:para>Specify the name of the attribute to add or update.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Flags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Flags</maml:name> <maml:description> <maml:para>Specify the attribute flags.</maml:para> <maml:para>Possible values: NonInheritable, CaseSensitive, UseForDenyOnly, DisabledByDefault, Disabled, Mandatory, Unique, InheritOnce</maml:para> </maml:description> <command:parameterValue required="true">ClaimSecurityFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ClaimSecurityFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">NonInheritable</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseSensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">UseForDenyOnly</command:parameterValue> <command:parameterValue required="false" variableLength="false">DisabledByDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">Disabled</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mandatory</command:parameterValue> <command:parameterValue required="false" variableLength="false">Unique</command:parameterValue> <command:parameterValue required="false" variableLength="false">InheritOnce</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Replace --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Replace</maml:name> <maml:description> <maml:para>Specify to replace the security attribute.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: StringValue --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>StringValue</maml:name> <maml:description> <maml:para>Specify the string values.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ULongValue --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ULongValue</maml:name> <maml:description> <maml:para>Specify the ulong values.</maml:para> </maml:description> <command:parameterValue required="true">ulong[]</command:parameterValue> <dev:type> <maml:name>System.UInt64[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: LongValue --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>LongValue</maml:name> <maml:description> <maml:para>Specify the long values.</maml:para> </maml:description> <command:parameterValue required="true">long[]</command:parameterValue> <dev:type> <maml:name>System.Int64[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: BoolValue --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>BoolValue</maml:name> <maml:description> <maml:para>Specify the bool values.</maml:para> </maml:description> <command:parameterValue required="true">bool[]</command:parameterValue> <dev:type> <maml:name>System.Boolean[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SidValue --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SidValue</maml:name> <maml:description> <maml:para>Specify the SID values.</maml:para> </maml:description> <command:parameterValue required="true">Sid[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Sid[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: FqbnValue --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>FqbnValue</maml:name> <maml:description> <maml:para>Specify the fully qualified binary name values.</maml:para> </maml:description> <command:parameterValue required="true">ClaimSecurityAttributeFqbn[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ClaimSecurityAttributeFqbn[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: OctetValue --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OctetValue</maml:name> <maml:description> <maml:para>Specify the octet values.</maml:para> </maml:description> <command:parameterValue required="true">byte[][]</command:parameterValue> <dev:type> <maml:name>System.Byte[][]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Attribute --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Attribute</maml:name> <maml:description> <maml:para>Specify existing attribute values.</maml:para> </maml:description> <command:parameterValue required="true">ClaimSecurityAttribute[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ClaimSecurityAttribute[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Add-NtTokenSecurityAttribute -Token $token -Name "TEST://ME" -String "ABC"</dev:code> <dev:remarks> <maml:para>Adds the security attribute TEST://ME with the string value "ABC".</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Remove-NtTokenSecurityAttribute --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Remove-NtTokenSecurityAttribute</command:name> <command:verb>Remove</command:verb> <command:noun>NtTokenSecurityAttribute</command:noun> <maml:description> <maml:para>Removes security attributes on an NT token.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet removes security attributes on an NT token. It needs SeTcbPrivilege to succeed.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: FromName --> <command:syntaxItem> <maml:name>Remove-NtTokenSecurityAttribute</maml:name> <!-- Parameter: Token --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to set the attributes on.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Name --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Name</maml:name> <maml:description> <maml:para>Specify the name of the attributes to remove.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromAttribute --> <command:syntaxItem> <maml:name>Remove-NtTokenSecurityAttribute</maml:name> <!-- Parameter: Token --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to set the attributes on.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Attribute --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Attribute</maml:name> <maml:description> <maml:para>Specify existing attribute values.</maml:para> </maml:description> <command:parameterValue required="true">ClaimSecurityAttribute[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ClaimSecurityAttribute[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Token --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Token</maml:name> <maml:description> <maml:para>Specify the token to set the attributes on.</maml:para> </maml:description> <command:parameterValue required="true">NtToken</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtToken</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Name --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Name</maml:name> <maml:description> <maml:para>Specify the name of the attributes to remove.</maml:para> </maml:description> <command:parameterValue required="true">string[]</command:parameterValue> <dev:type> <maml:name>System.String[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Attribute --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Attribute</maml:name> <maml:description> <maml:para>Specify existing attribute values.</maml:para> </maml:description> <command:parameterValue required="true">ClaimSecurityAttribute[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.ClaimSecurityAttribute[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Remove-NtTokenSecurityAttribute -Token $token -Name "TEST://ME"</dev:code> <dev:remarks> <maml:para>Removes the security attribute TEST://ME.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-NtTransaction --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtTransaction</command:name> <command:verb>Get</command:verb> <command:noun>NtTransaction</command:noun> <maml:description> <maml:para>Open a NT transaction object or get all accessible transaction objects.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens an existing NT transaction object or can get all accessible transaction objects.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: FromId --> <command:syntaxItem> <maml:name>Get-NtTransaction</maml:name> <!-- Parameter: UnitOfWork --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>UnitOfWork</maml:name> <maml:description> <maml:para>Specify the Unit of Work GUID to open.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <!-- Parameter: TransactionManager --> <command:parameter required="false" globbing="false" pipelineInput="false" position="1"> <maml:name>TransactionManager</maml:name> <maml:description> <maml:para>Specify an optional Transaction Manager.</maml:para> </maml:description> <command:parameterValue required="true">NtTransactionManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransactionManager</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Enlist, Commit, Rollback, Propagate, RightReserved1, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TransactionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlist</command:parameterValue> <command:parameterValue required="false" variableLength="false">Commit</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rollback</command:parameterValue> <command:parameterValue required="false" variableLength="false">Propagate</command:parameterValue> <command:parameterValue required="false" variableLength="false">RightReserved1</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: All --> <command:syntaxItem> <maml:name>Get-NtTransaction</maml:name> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Enlist, Commit, Rollback, Propagate, RightReserved1, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TransactionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlist</command:parameterValue> <command:parameterValue required="false" variableLength="false">Commit</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rollback</command:parameterValue> <command:parameterValue required="false" variableLength="false">Propagate</command:parameterValue> <command:parameterValue required="false" variableLength="false">RightReserved1</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TransactionManager --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TransactionManager</maml:name> <maml:description> <maml:para>Specify an optional Transaction Manager.</maml:para> </maml:description> <command:parameterValue required="true">NtTransactionManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransactionManager</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: UnitOfWork --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>UnitOfWork</maml:name> <maml:description> <maml:para>Specify the Unit of Work GUID to open.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <!-- Parameter: TransactionManager --> <command:parameter required="false" globbing="false" pipelineInput="false" position="1"> <maml:name>TransactionManager</maml:name> <maml:description> <maml:para>Specify an optional Transaction Manager.</maml:para> </maml:description> <command:parameterValue required="true">NtTransactionManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransactionManager</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Enlist, Commit, Rollback, Propagate, RightReserved1, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TransactionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlist</command:parameterValue> <command:parameterValue required="false" variableLength="false">Commit</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rollback</command:parameterValue> <command:parameterValue required="false" variableLength="false">Propagate</command:parameterValue> <command:parameterValue required="false" variableLength="false">RightReserved1</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: NtTransaction --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtTransaction</dev:code> <dev:remarks> <maml:para>Get all accessible transaction objects.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = Get-NtTransaction -TransactionManager $tm</dev:code> <dev:remarks> <maml:para>Get all accessible transaction objects in a specific transaction manager.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$obj = Get-NtTransaction -UnitOfWork '04422e91-63c2-4025-944d-d66fae133274'</dev:code> <dev:remarks> <maml:para>Get a transaction object from its Unit of Work GUID.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$obj = Get-NtTransaction -UnitOfWork '04422e91-63c2-4025-944d-d66fae133274' -TransactionManager $tm</dev:code> <dev:remarks> <maml:para>Get a transaction object from its Unit of Work GUID from a specific transaction manager.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtTransaction --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtTransaction</command:name> <command:verb>New</command:verb> <command:noun>NtTransaction</command:noun> <maml:description> <maml:para>Creates a new NT transaction object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT transaction object.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtTransaction</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Enlist, Commit, Rollback, Propagate, RightReserved1, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TransactionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlist</command:parameterValue> <command:parameterValue required="false" variableLength="false">Commit</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rollback</command:parameterValue> <command:parameterValue required="false" variableLength="false">Propagate</command:parameterValue> <command:parameterValue required="false" variableLength="false">RightReserved1</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateFlags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateFlags</maml:name> <maml:description> <maml:para>Specify flags for transaction creation.</maml:para> <maml:para>Possible values: None, DoNotPromote</maml:para> </maml:description> <command:parameterValue required="true">TransactionCreateFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionCreateFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DoNotPromote</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Description --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Description</maml:name> <maml:description> <maml:para>Specify an optional description.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: IsolationFlags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IsolationFlags</maml:name> <maml:description> <maml:para>Specify isolation falgs.</maml:para> <maml:para>Possible values: None</maml:para> </maml:description> <command:parameterValue required="true">TransactionIsolationFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionIsolationFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: IsolationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IsolationLevel</maml:name> <maml:description> <maml:para>Specify an optional isolation level.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Timeout --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Timeout</maml:name> <maml:description> <maml:para>Specify timeout in milliseconds (0 is Infinite).</maml:para> </maml:description> <command:parameterValue required="true">NtWaitTimeout</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtWaitTimeout</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TransactionManager --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TransactionManager</maml:name> <maml:description> <maml:para>Specify an optional Transaction Manager.</maml:para> </maml:description> <command:parameterValue required="true">NtTransactionManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransactionManager</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: UnitOfWork --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>UnitOfWork</maml:name> <maml:description> <maml:para>Specify an optional Unit of Work GUID.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: UnitOfWork --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>UnitOfWork</maml:name> <maml:description> <maml:para>Specify an optional Unit of Work GUID.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TransactionManager --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TransactionManager</maml:name> <maml:description> <maml:para>Specify an optional Transaction Manager.</maml:para> </maml:description> <command:parameterValue required="true">NtTransactionManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransactionManager</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CreateFlags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateFlags</maml:name> <maml:description> <maml:para>Specify flags for transaction creation.</maml:para> <maml:para>Possible values: None, DoNotPromote</maml:para> </maml:description> <command:parameterValue required="true">TransactionCreateFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionCreateFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">DoNotPromote</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: IsolationLevel --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IsolationLevel</maml:name> <maml:description> <maml:para>Specify an optional isolation level.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: IsolationFlags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>IsolationFlags</maml:name> <maml:description> <maml:para>Specify isolation falgs.</maml:para> <maml:para>Possible values: None</maml:para> </maml:description> <command:parameterValue required="true">TransactionIsolationFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionIsolationFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Timeout --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Timeout</maml:name> <maml:description> <maml:para>Specify timeout in milliseconds (0 is Infinite).</maml:para> </maml:description> <command:parameterValue required="true">NtWaitTimeout</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtWaitTimeout</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Description --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Description</maml:name> <maml:description> <maml:para>Specify an optional description.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Enlist, Commit, Rollback, Propagate, RightReserved1, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TransactionAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlist</command:parameterValue> <command:parameterValue required="false" variableLength="false">Commit</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rollback</command:parameterValue> <command:parameterValue required="false" variableLength="false">Propagate</command:parameterValue> <command:parameterValue required="false" variableLength="false">RightReserved1</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtTransaction --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtTransaction</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtTransaction \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Create a transaction object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtTransaction \BaseNamedObjects\ABC -PreferredNode 2</dev:code> <dev:remarks> <maml:para>Create a transaction object with an absolute path and preferred node 2.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = New-NtTransaction ABC -Root $root</dev:code> <dev:remarks> <maml:para>Create a transaction object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = New-NtTransaction ABC</dev:code> <dev:remarks> <maml:para>Create a transaction object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtTransactionGuid --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtTransactionGuid</command:name> <command:verb>Get</command:verb> <command:noun>NtTransactionGuid</command:noun> <maml:description> <maml:para>Enumerates Kernel Transaction Manager object GUIDs.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet enumerates exiting Kernel Transaction Manager objects and returns the GUIDs associaed with the objects.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: FromResourceManager --> <command:syntaxItem> <maml:name>Get-NtTransactionGuid</maml:name> <!-- Parameter: Type --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Type</maml:name> <maml:description> <maml:para>Specify the object type for the enumeration.</maml:para> <maml:para>Possible values: Transaction, TransactionManager, ResourceManager, Enlistment, Invalid</maml:para> </maml:description> <command:parameterValue required="true">KtmObjectType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KtmObjectType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Transaction</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">Invalid</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ResourceManager --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>ResourceManager</maml:name> <maml:description> <maml:para>Specify the Resource Manager for the enumeration (needed for enlistments).</maml:para> </maml:description> <command:parameterValue required="true">NtResourceManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtResourceManager</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromTransactionManager --> <command:syntaxItem> <maml:name>Get-NtTransactionGuid</maml:name> <!-- Parameter: Type --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Type</maml:name> <maml:description> <maml:para>Specify the object type for the enumeration.</maml:para> <maml:para>Possible values: Transaction, TransactionManager, ResourceManager, Enlistment, Invalid</maml:para> </maml:description> <command:parameterValue required="true">KtmObjectType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KtmObjectType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Transaction</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">Invalid</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: TransactionManager --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TransactionManager</maml:name> <maml:description> <maml:para>Specify the Transaction Manager for the enumeration (needed for resource manager, optional for transactions).</maml:para> </maml:description> <command:parameterValue required="true">NtTransactionManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransactionManager</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Type --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Type</maml:name> <maml:description> <maml:para>Specify the object type for the enumeration.</maml:para> <maml:para>Possible values: Transaction, TransactionManager, ResourceManager, Enlistment, Invalid</maml:para> </maml:description> <command:parameterValue required="true">KtmObjectType</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.KtmObjectType</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>Transaction</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">Transaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">TransactionManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">ResourceManager</command:parameterValue> <command:parameterValue required="false" variableLength="false">Enlistment</command:parameterValue> <command:parameterValue required="false" variableLength="false">Invalid</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: ResourceManager --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>ResourceManager</maml:name> <maml:description> <maml:para>Specify the Resource Manager for the enumeration (needed for enlistments).</maml:para> </maml:description> <command:parameterValue required="true">NtResourceManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtResourceManager</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: TransactionManager --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>TransactionManager</maml:name> <maml:description> <maml:para>Specify the Transaction Manager for the enumeration (needed for resource manager, optional for transactions).</maml:para> </maml:description> <command:parameterValue required="true">NtTransactionManager</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtTransactionManager</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: Guid --> <command:returnValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtTransactionGuid -Type Transaction</dev:code> <dev:remarks> <maml:para>Get all transaction object GUIDs.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = Get-NtTransactionGuid -Type TransactionManager</dev:code> <dev:remarks> <maml:para>Get all transaction manager object GUIDs.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$obj = Get-NtTransactionGuid -Type Transaction -TransactionManager $tm</dev:code> <dev:remarks> <maml:para>Get all transaction object GUIDs from a transaction manager.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$obj = Get-NtTransactionGuid -Type ResourceManager -TransactionManager $tm</dev:code> <dev:remarks> <maml:para>Get all resource manager object GUIDs from a transaction manager.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$obj = Get-NtTransactionGuid -Type Enlistment -ResourceManager $rm</dev:code> <dev:remarks> <maml:para>Get all enlistment object GUIDs from a resource manager.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-NtTransactionManager --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtTransactionManager</command:name> <command:verb>Get</command:verb> <command:noun>NtTransactionManager</command:noun> <maml:description> <maml:para>Open a NT transaction manager object or all transaction manager objects.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet opens an existing NT transaction manager object or all transaction manager objects.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: FromPath --> <command:syntaxItem> <maml:name>Get-NtTransactionManager</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Recover, Rename, CreateRm, BindTransaction, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TransactionManagerAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionManagerAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rename</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">BindTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: OpenFlags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenFlags</maml:name> <maml:description> <maml:para>Specify optional open flags..</maml:para> <maml:para>Possible values: None</maml:para> </maml:description> <command:parameterValue required="true">TransactionManagerOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionManagerOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromLogFile --> <command:syntaxItem> <maml:name>Get-NtTransactionManager</maml:name> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: LogFile --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>LogFile</maml:name> <maml:description> <maml:para>Specify that the path resolves to a logfile rather than an object manager path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Recover, Rename, CreateRm, BindTransaction, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TransactionManagerAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionManagerAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rename</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">BindTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: OpenFlags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenFlags</maml:name> <maml:description> <maml:para>Specify optional open flags..</maml:para> <maml:para>Possible values: None</maml:para> </maml:description> <command:parameterValue required="true">TransactionManagerOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionManagerOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: FromId --> <command:syntaxItem> <maml:name>Get-NtTransactionManager</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Identity --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Identity</maml:name> <maml:description> <maml:para>Specify a identity GUID to open.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Recover, Rename, CreateRm, BindTransaction, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TransactionManagerAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionManagerAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rename</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">BindTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: OpenFlags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenFlags</maml:name> <maml:description> <maml:para>Specify optional open flags..</maml:para> <maml:para>Possible values: None</maml:para> </maml:description> <command:parameterValue required="true">TransactionManagerOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionManagerOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Path --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Identity --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>Identity</maml:name> <maml:description> <maml:para>Specify a identity GUID to open.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <!-- Parameter: OpenFlags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>OpenFlags</maml:name> <maml:description> <maml:para>Specify optional open flags..</maml:para> <maml:para>Possible values: None</maml:para> </maml:description> <command:parameterValue required="true">TransactionManagerOpenOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionManagerOpenOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>None</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: LogFile --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>LogFile</maml:name> <maml:description> <maml:para>Specify that the path resolves to a logfile rather than an object manager path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Recover, Rename, CreateRm, BindTransaction, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TransactionManagerAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionManagerAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rename</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">BindTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtTransactionManager --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtTransactionManager</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = Get-NtTransactionManager</dev:code> <dev:remarks> <maml:para>Get all accessible transaction manager objects.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = Get-NtTransactionManager \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Get a transaction manager object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$obj = Get-NtTransactionManager -Identity '04422e91-63c2-4025-944d-d66fae133274'</dev:code> <dev:remarks> <maml:para>Get a transaction manager object from its identity GUID.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$obj = Get-NtTransactionManager \??\c:\abc\xyz</dev:code> <dev:remarks> <maml:para>Get a transaction manager object from an existing logfile.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 5 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = Get-NtTransactionManager ABC -Root $root</dev:code> <dev:remarks> <maml:para>Get a transaction manager object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 6 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = Get-NtTransactionManager ABC</dev:code> <dev:remarks> <maml:para>Get a transaction manager object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: New-NtTransactionManager --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>New-NtTransactionManager</command:name> <command:verb>New</command:verb> <command:noun>NtTransactionManager</command:noun> <maml:description> <maml:para>Creates a new NT transaction manager object.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet creates a new NT transaction object.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>New-NtTransactionManager</maml:name> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Recover, Rename, CreateRm, BindTransaction, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TransactionManagerAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionManagerAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rename</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">BindTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CommitStrength --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CommitStrength</maml:name> <maml:description> <maml:para>Specify an optional commit strength.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateFlags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateFlags</maml:name> <maml:description> <maml:para>Specify flags for transaction manager creation.</maml:para> <maml:para>Possible values: CommitDefault, Volatile, CommitSystemVolume, CommitSystemHives, CommitLowest, CorruptForRecovery, CorruptForProgress</maml:para> </maml:description> <command:parameterValue required="true">TransactionManagerCreateOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionManagerCreateOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CommitDefault</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">CommitDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">Volatile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CommitSystemVolume</command:parameterValue> <command:parameterValue required="false" variableLength="false">CommitSystemHives</command:parameterValue> <command:parameterValue required="false" variableLength="false">CommitLowest</command:parameterValue> <command:parameterValue required="false" variableLength="false">CorruptForRecovery</command:parameterValue> <command:parameterValue required="false" variableLength="false">CorruptForProgress</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: LogFileName --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>LogFileName</maml:name> <maml:description> <maml:para>Specify an optional log file name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: CreateFlags --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateFlags</maml:name> <maml:description> <maml:para>Specify flags for transaction manager creation.</maml:para> <maml:para>Possible values: CommitDefault, Volatile, CommitSystemVolume, CommitSystemHives, CommitLowest, CorruptForRecovery, CorruptForProgress</maml:para> </maml:description> <command:parameterValue required="true">TransactionManagerCreateOptions</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionManagerCreateOptions</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CommitDefault</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">CommitDefault</command:parameterValue> <command:parameterValue required="false" variableLength="false">Volatile</command:parameterValue> <command:parameterValue required="false" variableLength="false">CommitSystemVolume</command:parameterValue> <command:parameterValue required="false" variableLength="false">CommitSystemHives</command:parameterValue> <command:parameterValue required="false" variableLength="false">CommitLowest</command:parameterValue> <command:parameterValue required="false" variableLength="false">CorruptForRecovery</command:parameterValue> <command:parameterValue required="false" variableLength="false">CorruptForProgress</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: CommitStrength --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CommitStrength</maml:name> <maml:description> <maml:para>Specify an optional commit strength.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: LogFileName --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>LogFileName</maml:name> <maml:description> <maml:para>Specify an optional log file name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Access --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Access</maml:name> <maml:description> <maml:para>Specify the access rights for a new handle when creating/opening an object.</maml:para> <maml:para>Possible values: QueryInformation, SetInformation, Recover, Rename, CreateRm, BindTransaction, GenericRead, GenericWrite, GenericExecute, GenericAll, Delete, ReadControl, WriteDac, WriteOwner, Synchronize, MaximumAllowed, AccessSystemSecurity</maml:para> </maml:description> <command:parameterValue required="true">TransactionManagerAccessRights</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.TransactionManagerAccessRights</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>MaximumAllowed</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">QueryInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">SetInformation</command:parameterValue> <command:parameterValue required="false" variableLength="false">Recover</command:parameterValue> <command:parameterValue required="false" variableLength="false">Rename</command:parameterValue> <command:parameterValue required="false" variableLength="false">CreateRm</command:parameterValue> <command:parameterValue required="false" variableLength="false">BindTransaction</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericRead</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericWrite</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericExecute</command:parameterValue> <command:parameterValue required="false" variableLength="false">GenericAll</command:parameterValue> <command:parameterValue required="false" variableLength="false">Delete</command:parameterValue> <command:parameterValue required="false" variableLength="false">ReadControl</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteDac</command:parameterValue> <command:parameterValue required="false" variableLength="false">WriteOwner</command:parameterValue> <command:parameterValue required="false" variableLength="false">Synchronize</command:parameterValue> <command:parameterValue required="false" variableLength="false">MaximumAllowed</command:parameterValue> <command:parameterValue required="false" variableLength="false">AccessSystemSecurity</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>Path</maml:name> <maml:description> <maml:para>The NT object manager path to the object to use.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Root --> <command:parameter required="false" globbing="false" pipelineInput="true (ByValue)" position="named"> <maml:name>Root</maml:name> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> <command:parameterValue required="true">NtObject</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Win32Path --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Win32Path</maml:name> <maml:description> <maml:para>Use a Win32 path for lookups. For NT objects this means relative to BNO, for files means a DOS style path.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CloseRoot --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CloseRoot</maml:name> <maml:description> <maml:para>Automatically close the Root object when this cmdlet finishes processing. Useful for pipelines.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: CreateDirectories --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CreateDirectories</maml:name> <maml:description> <maml:para>Create any necessary NtDirectory objects to create the required object. Will return the created directories as well as the object in the output. The new object will be the first entry in the list. This doesn't work when opening an object or creating keys/files.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: ObjectAttributes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>ObjectAttributes</maml:name> <maml:description> <maml:para>Object Attribute flags used during Open/Create calls.</maml:para> <maml:para>Possible values: None, ProtectClose, Inherit, AuditObjectClose, Permanent, Exclusive, CaseInsensitive, OpenIf, OpenLink, KernelHandle, ForceAccessCheck, IgnoreImpersonatedDevicemap, DontReparse</maml:para> </maml:description> <command:parameterValue required="true">AttributeFlags</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.AttributeFlags</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>CaseInsensitive</dev:defaultValue> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">None</command:parameterValue> <command:parameterValue required="false" variableLength="false">ProtectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Inherit</command:parameterValue> <command:parameterValue required="false" variableLength="false">AuditObjectClose</command:parameterValue> <command:parameterValue required="false" variableLength="false">Permanent</command:parameterValue> <command:parameterValue required="false" variableLength="false">Exclusive</command:parameterValue> <command:parameterValue required="false" variableLength="false">CaseInsensitive</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenIf</command:parameterValue> <command:parameterValue required="false" variableLength="false">OpenLink</command:parameterValue> <command:parameterValue required="false" variableLength="false">KernelHandle</command:parameterValue> <command:parameterValue required="false" variableLength="false">ForceAccessCheck</command:parameterValue> <command:parameterValue required="false" variableLength="false">IgnoreImpersonatedDevicemap</command:parameterValue> <command:parameterValue required="false" variableLength="false">DontReparse</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: SecurityDescriptor --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityDescriptor</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object.</maml:para> </maml:description> <command:parameterValue required="true">SecurityDescriptor</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityDescriptor</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Inherit --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Inherit</maml:name> <maml:description> <maml:para>Set to mark the new handle as inheritable. Can be used with ObjectAttributes.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Sddl --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Sddl</maml:name> <maml:description> <maml:para>Set to provide an explicit security descriptor to a newly created object in SDDL format.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SecurityQualityOfService --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SecurityQualityOfService</maml:name> <maml:description> <maml:para>Set to provide an explicit security quality of service when opening files/namedpipes.</maml:para> </maml:description> <command:parameterValue required="true">SecurityQualityOfService</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.SecurityQualityOfService</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>An existing open NT object to use when Path is relative.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtTransactionManager --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtTransactionManager</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$obj = New-NtTransaction \BaseNamedObjects\ABC</dev:code> <dev:remarks> <maml:para>Create a transaction manager object with an absolute path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$obj = New-NtTransaction \BaseNamedObjects\ABC -PreferredNode 2</dev:code> <dev:remarks> <maml:para>Create a transaction manager object with an absolute path and preferred node 2.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$root = Get-NtDirectory \BaseNamedObjects $obj = New-NtTransaction ABC -Root $root</dev:code> <dev:remarks> <maml:para>Create a transaction manager object with a relative path.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>cd NtObject:\BaseNamedObjects $obj = New-NtTransaction ABC</dev:code> <dev:remarks> <maml:para>Create a transaction manager object with a relative path based on the current location.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtType --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtType</command:name> <command:verb>Get</command:verb> <command:noun>NtType</command:noun> <maml:description> <maml:para>Get NT type information.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet gets NT type information from the operating system. If run without parameters it'll retrieve all types. You can limit it to only one type using the -TypeName parameter. By default it will used cached versions of the type information as most of the time you don't need information such as how many objects are created, however if you want that current information specify the -CurrentStatus parameter.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-NtType</maml:name> <!-- Parameter: TypeName --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>TypeName</maml:name> <maml:description> <maml:para>Specify a specific NT type to retrieve.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CurrentStatus --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CurrentStatus</maml:name> <maml:description> <maml:para>If set then will pull the latest information for the types rather than using cached data.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: TypeName --> <command:parameter required="false" globbing="false" pipelineInput="false" position="0"> <maml:name>TypeName</maml:name> <maml:description> <maml:para>Specify a specific NT type to retrieve.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CurrentStatus --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>CurrentStatus</maml:name> <maml:description> <maml:para>If set then will pull the latest information for the types rather than using cached data.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: NtType --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtType</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-NtType</dev:code> <dev:remarks> <maml:para>Get all NT types.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Get-NtType | Where-Object SecurityRequired -eq $False</dev:code> <dev:remarks> <maml:para>Get all NT types which don't require security.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>Get-NtType Directory</dev:code> <dev:remarks> <maml:para>Get the Directory NT type.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>Get-NtType Directory -CurrentStatus</dev:code> <dev:remarks> <maml:para>Get the Directory NT type with the current status of all information.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Start-NtWait --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Start-NtWait</command:name> <command:verb>Start</command:verb> <command:noun>NtWait</command:noun> <maml:description> <maml:para>Wait on one or more NT objects to become signalled.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet allows you to issue a wait on one or more NT objects until they become signalled. This is used for example to acquire a Mutant, decrement a Semaphore or wait for a Process to exit. The timeout value is a combination of all the allowed time parameters, e.g. if you specify 1 second and 1000 milliseconds it will actually wait 2 seconds in total. Specifying -Infinite overrides the time parameters and will wait indefinitely.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: time --> <command:syntaxItem> <maml:name>Start-NtWait</maml:name> <!-- Parameter: Objects --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>Objects</maml:name> <maml:description> <maml:para>Specify a list of objects to wait on.</maml:para> </maml:description> <command:parameterValue required="true">NtObject[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Alertable --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Alertable</maml:name> <maml:description> <maml:para>Specify the wait should be alertable.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Hours --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="h"> <maml:name>Hours</maml:name> <maml:description> <maml:para>Specify a wait time in hours.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: MilliSeconds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="ms"> <maml:name>MilliSeconds</maml:name> <maml:description> <maml:para>Specify a wait time in milliseconds.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Minutes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="m"> <maml:name>Minutes</maml:name> <maml:description> <maml:para>Specify a wait time in minutes.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Seconds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="s"> <maml:name>Seconds</maml:name> <maml:description> <maml:para>Specify a wait time in seconds.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: WaitAll --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>WaitAll</maml:name> <maml:description> <maml:para>Specify a multiple object wait should exit only when all objects becomes signalled.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: infinite --> <command:syntaxItem> <maml:name>Start-NtWait</maml:name> <!-- Parameter: Objects --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>Objects</maml:name> <maml:description> <maml:para>Specify a list of objects to wait on.</maml:para> </maml:description> <command:parameterValue required="true">NtObject[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Alertable --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Alertable</maml:name> <maml:description> <maml:para>Specify the wait should be alertable.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Infinite --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Infinite</maml:name> <maml:description> <maml:para>Specify an infinite wait time.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: WaitAll --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>WaitAll</maml:name> <maml:description> <maml:para>Specify a multiple object wait should exit only when all objects becomes signalled.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Objects --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>Objects</maml:name> <maml:description> <maml:para>Specify a list of objects to wait on.</maml:para> </maml:description> <command:parameterValue required="true">NtObject[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.NtObject[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Alertable --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Alertable</maml:name> <maml:description> <maml:para>Specify the wait should be alertable.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: WaitAll --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>WaitAll</maml:name> <maml:description> <maml:para>Specify a multiple object wait should exit only when all objects becomes signalled.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: Seconds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="s"> <maml:name>Seconds</maml:name> <maml:description> <maml:para>Specify a wait time in seconds.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="s"> <maml:name>s</maml:name> <maml:description> <maml:para>Specify a wait time in seconds.</maml:para> <maml:para>This is an alias of the Seconds parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: MilliSeconds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="ms"> <maml:name>MilliSeconds</maml:name> <maml:description> <maml:para>Specify a wait time in milliseconds.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="ms"> <maml:name>ms</maml:name> <maml:description> <maml:para>Specify a wait time in milliseconds.</maml:para> <maml:para>This is an alias of the MilliSeconds parameter.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Minutes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="m"> <maml:name>Minutes</maml:name> <maml:description> <maml:para>Specify a wait time in minutes.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="m"> <maml:name>m</maml:name> <maml:description> <maml:para>Specify a wait time in minutes.</maml:para> <maml:para>This is an alias of the Minutes parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Hours --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="h"> <maml:name>Hours</maml:name> <maml:description> <maml:para>Specify a wait time in hours.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="h"> <maml:name>h</maml:name> <maml:description> <maml:para>Specify a wait time in hours.</maml:para> <maml:para>This is an alias of the Hours parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Infinite --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Infinite</maml:name> <maml:description> <maml:para>Specify an infinite wait time.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.NtObject[]</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>Specify a list of objects to wait on.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: NtStatus --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtStatus</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$ev = Get-NtEvent \BaseNamedObjects\ABC Start-NtWait $ev -Seconds 10</dev:code> <dev:remarks> <maml:para>Get an event and wait for 10 seconds for it to be signalled.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$ev = Get-NtEvent \BaseNamedObjects\ABC $ev | Start-NtWait -Infinite</dev:code> <dev:remarks> <maml:para>Get an event and wait indefinitely for it to be signalled.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$ev = Get-NtEvent \BaseNamedObjects\ABC $ev | Start-NtWait -Infinite -Alertable</dev:code> <dev:remarks> <maml:para>Get an event and wait indefinitely for it to be signalled or alerted.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 4 ----------</maml:title> <dev:code>$evs = @($ev1, $ev2)$ Start-NtWait $evs -WaitAll -Seconds 100</dev:code> <dev:remarks> <maml:para>Get a list of events and wait 100 seconds for all events to be signalled.</maml:para> </dev:remarks> </command:example> </command:examples> <maml:relatedLinks> <maml:navigationLink> <maml:linkText>about_ManagingNtObjectLifetime</maml:linkText> </maml:navigationLink> </maml:relatedLinks> </command:command> <!-- Cmdlet: Get-NtWaitTimeout --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-NtWaitTimeout</command:name> <command:verb>Get</command:verb> <command:noun>NtWaitTimeout</command:noun> <maml:description> <maml:para>Get a wait timeout which represents a specific time.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet gets an NtWaitTimeout which can be passed to other calls. The timeout value is a combination of all the allowed time parameters, e.g. if you specify 1 second and 1000 milliseconds it will actually wait 2 seconds in total. Specifying -Infinite will get cause a wait to stop indefinitely.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: time --> <command:syntaxItem> <maml:name>Get-NtWaitTimeout</maml:name> <!-- Parameter: Hours --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="h"> <maml:name>Hours</maml:name> <maml:description> <maml:para>Specify a wait time in hours.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: MilliSeconds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="ms"> <maml:name>MilliSeconds</maml:name> <maml:description> <maml:para>Specify a wait time in milliseconds.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Minutes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="m"> <maml:name>Minutes</maml:name> <maml:description> <maml:para>Specify a wait time in minutes.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Seconds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="s"> <maml:name>Seconds</maml:name> <maml:description> <maml:para>Specify a wait time in seconds.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> </command:syntaxItem> <!-- Parameter set: infinite --> <command:syntaxItem> <maml:name>Get-NtWaitTimeout</maml:name> <!-- Parameter: Infinite --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Infinite</maml:name> <maml:description> <maml:para>Specify an infinite wait time.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Seconds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="s"> <maml:name>Seconds</maml:name> <maml:description> <maml:para>Specify a wait time in seconds.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="s"> <maml:name>s</maml:name> <maml:description> <maml:para>Specify a wait time in seconds.</maml:para> <maml:para>This is an alias of the Seconds parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: MilliSeconds --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="ms"> <maml:name>MilliSeconds</maml:name> <maml:description> <maml:para>Specify a wait time in milliseconds.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="ms"> <maml:name>ms</maml:name> <maml:description> <maml:para>Specify a wait time in milliseconds.</maml:para> <maml:para>This is an alias of the MilliSeconds parameter.</maml:para> </maml:description> <command:parameterValue required="true">long</command:parameterValue> <dev:type> <maml:name>System.Int64</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Minutes --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="m"> <maml:name>Minutes</maml:name> <maml:description> <maml:para>Specify a wait time in minutes.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="m"> <maml:name>m</maml:name> <maml:description> <maml:para>Specify a wait time in minutes.</maml:para> <maml:para>This is an alias of the Minutes parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Hours --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="h"> <maml:name>Hours</maml:name> <maml:description> <maml:para>Specify a wait time in hours.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <command:parameter required="false" globbing="false" pipelineInput="false" position="named" aliases="h"> <maml:name>h</maml:name> <maml:description> <maml:para>Specify a wait time in hours.</maml:para> <maml:para>This is an alias of the Hours parameter.</maml:para> </maml:description> <command:parameterValue required="true">int</command:parameterValue> <dev:type> <maml:name>System.Int32</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>0</dev:defaultValue> </command:parameter> <!-- Parameter: Infinite --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>Infinite</maml:name> <maml:description> <maml:para>Specify an infinite wait time.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: NtStatus --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.NtStatus</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$to = Get-NtWaitTimeout -Seconds 10</dev:code> <dev:remarks> <maml:para>Get a wait timeout represent 10 seconds.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$to = Get-NtWaitTimeout Infinite</dev:code> <dev:remarks> <maml:para>Get a wait timeout representing infinity.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Compare-RpcServer --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Compare-RpcServer</command:name> <command:verb>Compare</command:verb> <command:noun>RpcServer</command:noun> <maml:description> <maml:para>Compare two lists of RPC server objects for differences.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet compares two lists of RPC server objects for differences. It highlights servers which didn't exist before, servers removed from the list as well as servers which have been modified in some way.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Compare-RpcServer</maml:name> <!-- Parameter: Server --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Server</maml:name> <maml:description> <maml:para>Specify a list of RPC servers for comparison.</maml:para> </maml:description> <command:parameterValue required="true">RpcServer[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.RpcServer[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CompareServer --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>CompareServer</maml:name> <maml:description> <maml:para>Specify a list of RPC servers to compare against Server.</maml:para> </maml:description> <command:parameterValue required="true">RpcServer[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.RpcServer[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Server --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Server</maml:name> <maml:description> <maml:para>Specify a list of RPC servers for comparison.</maml:para> </maml:description> <command:parameterValue required="true">RpcServer[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.RpcServer[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: CompareServer --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>CompareServer</maml:name> <maml:description> <maml:para>Specify a list of RPC servers to compare against Server.</maml:para> </maml:description> <command:parameterValue required="true">RpcServer[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.RpcServer[]</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: CompareRpcServerResult --> <command:returnValue> <dev:type> <maml:name>NtObjectManager.CompareRpcServerResult</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>Result of a RPC server comparison.</maml:para> </maml:description> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Compare-RpcServer -Server $old -CompareServer $new</dev:code> <dev:remarks> <maml:para>Compare a list of old servers in $old with ones in $new.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Select-RpcServer --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Select-RpcServer</command:name> <command:verb>Select</command:verb> <command:noun>RpcServer</command:noun> <maml:description> <maml:para>Selects RPC server objects based on some specific criteria.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet selects out RPC servers from a list based on a few specific criteria such as partial name match or specific parameter types.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: MatchName --> <command:syntaxItem> <maml:name>Select-RpcServer</maml:name> <!-- Parameter: Server --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>Server</maml:name> <maml:description> <maml:para>Specify a list of RPC servers for selecting.</maml:para> </maml:description> <command:parameterValue required="true">RpcServer[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.RpcServer[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Name --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Name</maml:name> <maml:description> <maml:para>Specify name to partially match against a function name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> <!-- Parameter set: MatchSystemHandle --> <command:syntaxItem> <maml:name>Select-RpcServer</maml:name> <!-- Parameter: Server --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>Server</maml:name> <maml:description> <maml:para>Specify a list of RPC servers for selecting.</maml:para> </maml:description> <command:parameterValue required="true">RpcServer[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.RpcServer[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SystemHandle --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>SystemHandle</maml:name> <maml:description> <maml:para>Specify one function must take a system handle parameter.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: SystemHandleType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SystemHandleType</maml:name> <maml:description> <maml:para>Specify an optional type of system handle to match.</maml:para> <maml:para>Possible values: File, Semaphore, Event, Mutex, Process, Token, Section, RegKey, Thread, Composition, Socket, Job, Pipe</maml:para> </maml:description> <command:parameterValue required="true">NdrSystemHandleResource</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Ndr.NdrSystemHandleResource</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutex</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Composition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Socket</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Pipe</command:parameterValue> </command:parameterValueGroup> </command:parameter> </command:syntaxItem> <!-- Parameter set: MatchInterfaceId --> <command:syntaxItem> <maml:name>Select-RpcServer</maml:name> <!-- Parameter: Server --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>Server</maml:name> <maml:description> <maml:para>Specify a list of RPC servers for selecting.</maml:para> </maml:description> <command:parameterValue required="true">RpcServer[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.RpcServer[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: InterfaceId --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named" aliases="UUID"> <maml:name>InterfaceId</maml:name> <maml:description> <maml:para>Specify the Interface ID to match.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <!-- Parameter: InterfaceVersion --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>InterfaceVersion</maml:name> <maml:description> <maml:para>Specify an optional interface version to match.</maml:para> </maml:description> <command:parameterValue required="true">Version</command:parameterValue> <dev:type> <maml:name>System.Version</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Server --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="0"> <maml:name>Server</maml:name> <maml:description> <maml:para>Specify a list of RPC servers for selecting.</maml:para> </maml:description> <command:parameterValue required="true">RpcServer[]</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.RpcServer[]</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Name --> <command:parameter required="true" globbing="false" pipelineInput="false" position="1"> <maml:name>Name</maml:name> <maml:description> <maml:para>Specify name to partially match against a function name.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: SystemHandle --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named"> <maml:name>SystemHandle</maml:name> <maml:description> <maml:para>Specify one function must take a system handle parameter.</maml:para> </maml:description> <command:parameterValue required="true">SwitchParameter</command:parameterValue> <dev:type> <maml:name>System.Management.Automation.SwitchParameter</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>False</dev:defaultValue> </command:parameter> <!-- Parameter: SystemHandleType --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>SystemHandleType</maml:name> <maml:description> <maml:para>Specify an optional type of system handle to match.</maml:para> <maml:para>Possible values: File, Semaphore, Event, Mutex, Process, Token, Section, RegKey, Thread, Composition, Socket, Job, Pipe</maml:para> </maml:description> <command:parameterValue required="true">NdrSystemHandleResource</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Ndr.NdrSystemHandleResource</maml:name> <maml:uri /> </dev:type> <command:parameterValueGroup> <command:parameterValue required="false" variableLength="false">File</command:parameterValue> <command:parameterValue required="false" variableLength="false">Semaphore</command:parameterValue> <command:parameterValue required="false" variableLength="false">Event</command:parameterValue> <command:parameterValue required="false" variableLength="false">Mutex</command:parameterValue> <command:parameterValue required="false" variableLength="false">Process</command:parameterValue> <command:parameterValue required="false" variableLength="false">Token</command:parameterValue> <command:parameterValue required="false" variableLength="false">Section</command:parameterValue> <command:parameterValue required="false" variableLength="false">RegKey</command:parameterValue> <command:parameterValue required="false" variableLength="false">Thread</command:parameterValue> <command:parameterValue required="false" variableLength="false">Composition</command:parameterValue> <command:parameterValue required="false" variableLength="false">Socket</command:parameterValue> <command:parameterValue required="false" variableLength="false">Job</command:parameterValue> <command:parameterValue required="false" variableLength="false">Pipe</command:parameterValue> </command:parameterValueGroup> </command:parameter> <!-- Parameter: InterfaceId --> <command:parameter required="true" globbing="false" pipelineInput="false" position="named" aliases="UUID"> <maml:name>InterfaceId</maml:name> <maml:description> <maml:para>Specify the Interface ID to match.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <command:parameter required="true" globbing="false" pipelineInput="false" position="named" aliases="UUID"> <maml:name>UUID</maml:name> <maml:description> <maml:para>Specify the Interface ID to match.</maml:para> <maml:para>This is an alias of the InterfaceId parameter.</maml:para> </maml:description> <command:parameterValue required="true">Guid</command:parameterValue> <dev:type> <maml:name>System.Guid</maml:name> <maml:uri /> </dev:type> <dev:defaultValue>00000000-0000-0000-0000-000000000000</dev:defaultValue> </command:parameter> <!-- Parameter: InterfaceVersion --> <command:parameter required="false" globbing="false" pipelineInput="false" position="named"> <maml:name>InterfaceVersion</maml:name> <maml:description> <maml:para>Specify an optional interface version to match.</maml:para> </maml:description> <command:parameterValue required="true">Version</command:parameterValue> <dev:type> <maml:name>System.Version</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>NtApiDotNet.Win32.RpcServer[]</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>Specify a list of RPC servers for selecting.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues> <!-- OutputType: RpcServer --> <command:returnValue> <dev:type> <maml:name>NtApiDotNet.Win32.RpcServer</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>$rpc | Select-RpcServer -Name "Start"</dev:code> <dev:remarks> <maml:para>Select all servers which have a procedure containing the text Start.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>$rpc | Select-RpcServer -SystemHandle</dev:code> <dev:remarks> <maml:para>Select all servers which have a procedure which take a system handle parameter.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 3 ----------</maml:title> <dev:code>$rpc | Select-RpcServer -SystemHandle -SystemHandleType File</dev:code> <dev:remarks> <maml:para>Select all servers which have a procedure which take a system handle parameter of type File.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Get-RpcServerName --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Get-RpcServerName</command:name> <command:verb>Get</command:verb> <command:noun>RpcServerName</command:noun> <maml:description> <maml:para>Get the names from a RPC server as XML.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet extracts the names from a RPC server instance and generates an XML file for easy editing. You can then update the names with Set-RpcServerName.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Get-RpcServerName</maml:name> <!-- Parameter: Server --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Server</maml:name> <maml:description> <maml:para>Specify the server object to get the names from.</maml:para> </maml:description> <command:parameterValue required="true">RpcServer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.RpcServer</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Server --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Server</maml:name> <maml:description> <maml:para>Specify the server object to get the names from.</maml:para> </maml:description> <command:parameterValue required="true">RpcServer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.RpcServer</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes /> <command:returnValues> <!-- OutputType: String --> <command:returnValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:returnValue> </command:returnValues> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Get-RpcServerName -Server $server</dev:code> <dev:remarks> <maml:para>Get names for an RPC server object.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> <!-- Cmdlet: Set-RpcServerName --> <command:command xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:command="http://schemas.microsoft.com/maml/dev/command/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"> <command:details> <command:name>Set-RpcServerName</command:name> <command:verb>Set</command:verb> <command:noun>RpcServerName</command:noun> <maml:description> <maml:para>Set the names of a RPC server from XML.</maml:para> </maml:description> </command:details> <maml:description> <maml:para>This cmdlet extracts updates the names for a RPC server instance from XML data. You can get the names with Get-RpcServerName.</maml:para> </maml:description> <command:syntax> <!-- Parameter set: __AllParameterSets --> <command:syntaxItem> <maml:name>Set-RpcServerName</maml:name> <!-- Parameter: Server --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Server</maml:name> <maml:description> <maml:para>Specify the server object to update the names on.</maml:para> </maml:description> <command:parameterValue required="true">RpcServer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.RpcServer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Xml --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="1"> <maml:name>Xml</maml:name> <maml:description> <maml:para>Specify the XML data which contains the names to update.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:syntaxItem> </command:syntax> <command:parameters> <!-- Parameter: Server --> <command:parameter required="true" globbing="false" pipelineInput="false" position="0"> <maml:name>Server</maml:name> <maml:description> <maml:para>Specify the server object to update the names on.</maml:para> </maml:description> <command:parameterValue required="true">RpcServer</command:parameterValue> <dev:type> <maml:name>NtApiDotNet.Win32.RpcServer</maml:name> <maml:uri /> </dev:type> </command:parameter> <!-- Parameter: Xml --> <command:parameter required="true" globbing="false" pipelineInput="true (ByValue)" position="1"> <maml:name>Xml</maml:name> <maml:description> <maml:para>Specify the XML data which contains the names to update.</maml:para> </maml:description> <command:parameterValue required="true">string</command:parameterValue> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> </command:parameter> </command:parameters> <command:inputTypes> <command:inputType> <dev:type> <maml:name>System.String</maml:name> <maml:uri /> </dev:type> <maml:description> <maml:para>Specify the XML data which contains the names to update.</maml:para> </maml:description> </command:inputType> </command:inputTypes> <command:returnValues /> <command:examples> <command:example> <maml:title>---------- EXAMPLE 1 ----------</maml:title> <dev:code>Set-RpcServerName -Server $server -Names $xml</dev:code> <dev:remarks> <maml:para>Set names for an RPC server object from a string.</maml:para> </dev:remarks> </command:example> <command:example> <maml:title>---------- EXAMPLE 2 ----------</maml:title> <dev:code>Get-Content names.xml | Set-RpcServerName -Server $server</dev:code> <dev:remarks> <maml:para>Set names for an RPC server object from a file.</maml:para> </dev:remarks> </command:example> </command:examples> </command:command> </helpItems> |