c++備份與恢復登錄檔-錯誤記錄
在學習用c++進行登錄檔備份與恢復時。
參考網上資料進行學習。
備份與恢復均要申請許可權。
以管理員許可權執行程式後備份成功,而在進行恢復時卻始終不成功。void RegistryFunctionLib_class::Get_SE_BACKUP_NAME_Power(){ HANDLE hToken = NULL; LUID sedebugnameValue; TOKEN_PRIVILEGES tkp; if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) { //error } if (!LookupPrivilegeValue(NULL, SE_BACKUP_NAME, &sedebugnameValue)) { //error } tkp.PrivilegeCount = 1; tkp.Privileges[0].Luid = sedebugnameValue; tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; if (!AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(tkp), NULL, NULL)) { //error } CloseHandle(hToken); }
於是去msdn官網查詢函式RegRestoreKey,發現標識位並非是true或false。
_In_ DWORD dwFlags
- dwFlags [in]
-
The flags that indicate how the key or keys are to be restored. This parameter can be one of the following values.
Value Meaning - REG_FORCE_RESTORE
- 0x00000008L
If specified, the restore operation is executed even if open handles exist at or beneath the location in the registry hierarchy to which thehKey
- REG_WHOLE_HIVE_VOLATILE
- 0x00000001L
If specified, a new, volatile (memory only) set of registry information, or hive, is created. If REG_WHOLE_HIVE_VOLATILE is specified, the key identified by thehKey parameter must be either theHKEY_USERS or HKEY_LOCAL_MACHINE value.
REG_FORCE_RESTORE
設定後依舊不成功,閱讀msdn文件介紹發現,進行恢復時需要將SE_BACKUP_NAME替換為SE_RESTORE_NAME,在
if (!LookupPrivilegeValue(NULL, SE_BACKUP_NAME,&sedebugnameValue))中
The calling process must have the SE_RESTORE_NAME and SE_BACKUP_NAME privileges on the computer in which the registry resides. For more information, see Running with Special Privileges.