Note that FesfUtil2 is a directly callable DLL and thus will run in the context of, and therefore with the security credentials of, the calling application. When a function requires the caller to have specific privileges, those privileges are documented in the function’s description. When a given function requires specific privileges, and those privileges are not enabled when the function is called, FesfUtil2 will attempt to temporarily enable the required privileges for the duration of the function call (and disable those privileges before returning). If FesfUtil2 is not able to enable the required privileges, an error is returned.
If you are migrating a Solution from the legacy FesfDs Service (the “OSR FESF Data Storage Service”), recall that FesfDs ran with full administrator privileges and therefore, in some cases, could be used by applications with lesser privileges to perform what might otherwise be privileged operations. Calling applications will now need to hold all necessary privileges to perform any functions that are called.