SetTimeZoneInformation and Vista RRS feed

  • Question

  • Having a problem where I'm getting a error return code of 1314 (A required privilege is not held by the client) after calling SetTimeZoneInformation API in C++. This is after I adjusted the token privilege for the SeSystemtimePrivelege, which is just baffling me. This code works in XP, but alas, not in Vista Beta 2. The user thread is the administrator and like I mentioned earlier, he now has the seSystemtimePriveilege set in his token. Is there another privileg I need or is this a bug?
    Tuesday, June 27, 2006 4:19 PM

All replies

  • I'm having this exact same problem with RC2, anyone find a reason?
    Thursday, October 19, 2006 9:05 PM
  • I am facing this exact problem (last error 1314) on Vista RC1.

    - Application is running with elevated admin mode.
    - Admin user has been granted SeSystemTimePrivilege privilege.

    Application verifier (LuaPriv)  is reporting error with stop code  0x330F.

    This looks like a bug to me.

    - <avrf:logEntry Time="2006-10-23 : 10:23:57" LayerName="LuaPriv" StopCode="0x330F" Severity="Error">
      <avrf:message>Requested a security-relevant privilege.</avrf:message>
      <avrf:formatmessage>Privs: Requested SeSystemtimePrivilege (the "Change the system time" privilege) with NtAdjustPrivilegesToken successfully</avrf:formatmessage>
      <avrf:parameter1>12fcc4 - Privilege LUID *</avrf:parameter1>
      <avrf:parameter2>2d5cfd0 - Privilege's display name (if available)</avrf:parameter2>
      <avrf:parameter3>70c414f8 - Requesting API</avrf:parameter3>
      <avrf:parameter4>0 - N/A</avrf:parameter4>
    - <avrf:stackTrace>

    Monday, October 23, 2006 6:30 PM
  • In Addition to the above, I have SE_TIME_ZONE_NAME turned on  as well for this admin user.
    Monday, October 23, 2006 6:34 PM
  • Really?
    SeTimeZonePrivilege is indeed the privilege that's required for this operation to succeed (this is the only use of this privilege at this point).
    Even though it's not enabled by default, elevation is not required.

    Is the thread making the call impersonating?
    The privilege check will be made in the security context of the calling thread if it's impersonating, or will use the process token instead.


    Tuesday, October 24, 2006 2:42 AM