Export (0) Print
Expand All
Expand Minimize

System.Security.AccessControl Namespace

The System.Security.AccessControl namespace provides programming elements that control access to and audit security-related actions on securable objects.

 ClassDescription
Public classAccessRuleRepresents a combination of a user's identity, an access mask, and an access control type (allow or deny). An AccessRule object also contains information about the how the rule is inherited by child objects and how that inheritance is propagated.
Public classAceEnumeratorProvides the ability to iterate through the access control entries (ACEs) in an access control list (ACL).
Public classAuditRuleRepresents a combination of a user's identity and an access mask. An AuditRule object also contains information about how the rule is inherited by child objects, how that inheritance is propagated, and for what conditions it is audited.
Public classAuthorizationRuleDetermines access to securable objects. The derived classes AccessRule and AuditRule offer specializations for access and audit functionality.
Public classAuthorizationRuleCollectionRepresents a collection of AuthorizationRule objects.
Public classCommonAceRepresents an access control entry (ACE).
Public classCommonAclRepresents an access control list (ACL) and is the base class for the DiscretionaryAcl and SystemAcl classes.
Public classCommonObjectSecurityControls access to objects without direct manipulation of access control lists (ACLs). This class is the abstract base class for the NativeObjectSecurity class.
Public classCommonSecurityDescriptorRepresents a security descriptor. A security descriptor includes an owner, a primary group, a Discretionary Access Control List (DACL), and a System Access Control List (SACL).
Public classCompoundAceRepresents a compound Access Control Entry (ACE).
Public classCryptoKeyAccessRuleRepresents an access rule for a cryptographic key. An access rule represents a combination of a user's identity, an access mask, and an access control type (allow or deny). An access rule object also contains information about the how the rule is inherited by child objects and how that inheritance is propagated.
Public classCryptoKeyAuditRuleRepresents an audit rule for a cryptographic key. An audit rule represents a combination of a user's identity and an access mask. An audit rule also contains information about the how the rule is inherited by child objects, how that inheritance is propagated, and for what conditions it is audited.
Public classCryptoKeySecurityProvides the ability to control access to a cryptographic key object without direct manipulation of an Access Control List (ACL).
Public classCustomAceRepresents an Access Control Entry (ACE) that is not defined by one of the members of the AceType enumeration.
Public classDirectoryObjectSecurityProvides the ability to control access to directory objects without direct manipulation of Access Control Lists (ACLs).
Public classDirectorySecurityRepresents the access control and audit security for a directory. This class cannot be inherited.
Public classDiscretionaryAclRepresents a Discretionary Access Control List (DACL).
Public classEventWaitHandleAccessRuleRepresents a set of access rights allowed or denied for a user or group. This class cannot be inherited.
Public classEventWaitHandleAuditRuleRepresents a set of access rights to be audited for a user or group. This class cannot be inherited.
Public classEventWaitHandleSecurityRepresents the Windows access control security applied to a named system wait handle. This class cannot be inherited.
Public classFileSecurityRepresents the access control and audit security for a file. This class cannot be inherited.
Public classFileSystemAccessRuleRepresents an abstraction of an access control entry (ACE) that defines an access rule for a file or directory. This class cannot be inherited.
Public classFileSystemAuditRuleRepresents an abstraction of an access control entry (ACE) that defines an audit rule for a file or directory. This class cannot be inherited.
Public classFileSystemSecurityRepresents the access control and audit security for a file or directory.
Public classGenericAceRepresents an Access Control Entry (ACE), and is the base class for all other ACE classes.
Public classGenericAclRepresents an access control list (ACL) and is the base class for the CommonAcl, DiscretionaryAcl, RawAcl, and SystemAcl classes.
Public classGenericSecurityDescriptorRepresents a security descriptor. A security descriptor includes an owner, a primary group, a Discretionary Access Control List (DACL), and a System Access Control List (SACL).
Public classKnownAceEncapsulates all Access Control Entry (ACE) types currently defined by Microsoft Corporation. All KnownAce objects contain a 32-bit access mask and a SecurityIdentifier object.
Public classMutexAccessRuleRepresents a set of access rights allowed or denied for a user or group. This class cannot be inherited.
Public classMutexAuditRuleRepresents a set of access rights to be audited for a user or group. This class cannot be inherited.
Public classMutexSecurityRepresents the Windows access control security for a named mutex. This class cannot be inherited.
Public classNativeObjectSecurityProvides the ability to control access to native objects without direct manipulation of Access Control Lists (ACLs). Native object types are defined by the ResourceType enumeration.
Public classObjectAccessRuleRepresents a combination of a user's identity, an access mask, and an access control type (allow or deny). An ObjectAccessRule object also contains information about the type of object to which the rule applies, the type of child object that can inherit the rule, how the rule is inherited by child objects, and how that inheritance is propagated.
Public classObjectAceControls access to Directory Services objects. This class represents an Access Control Entry (ACE) associated with a directory object.
Public classObjectAuditRuleRepresents a combination of a user's identity, an access mask, and audit conditions. An ObjectAuditRule object also contains information about the type of object to which the rule applies, the type of child object that can inherit the rule, how the rule is inherited by child objects, and how that inheritance is propagated.
Public classObjectSecurityProvides the ability to control access to objects without direct manipulation of Access Control Lists (ACLs). This class is the abstract base class for the CommonObjectSecurity and DirectoryObjectSecurity classes.
Public classPrivilegeNotHeldExceptionThe exception that is thrown when a method in the System.Security.AccessControl namespace attempts to enable a privilege that it does not have.
Public classQualifiedAceRepresents an Access Control Entry (ACE) that contains a qualifier. The qualifier, represented by an AceQualifier object, specifies whether the ACE allows access, denies access, causes system audits, or causes system alarms. The QualifiedAce class is the abstract base class for the CommonAce and ObjectAce classes.
Public classRawAclRepresents an Access Control List (ACL).
Public classRawSecurityDescriptorRepresents a security descriptor. A security descriptor includes an owner, a primary group, a Discretionary Access Control List (DACL), and a System Access Control List (SACL).
Public classRegistryAccessRuleRepresents a set of access rights allowed or denied for a user or group. This class cannot be inherited.
Public classRegistryAuditRuleRepresents a set of access rights to be audited for a user or group. This class cannot be inherited.
Public classRegistrySecurityRepresents the Windows access control security for a registry key. This class cannot be inherited.
Public classSemaphoreAccessRuleRepresents a set of access rights allowed or denied for a user or group. This class cannot be inherited.
Public classSemaphoreAuditRuleRepresents a set of access rights to be audited for a user or group. This class cannot be inherited.
Public classSemaphoreSecurityRepresents the Windows access control security for a named semaphore. This class cannot be inherited.
Public classSystemAclRepresents a System Access Control List (SACL).

 DelegateDescription
Public delegateNativeObjectSecurity.ExceptionFromErrorCodeProvides a way for integrators to map numeric error codes to specific exceptions that they create.

 EnumerationDescription
Public enumerationAccessControlActionsSpecifies the actions that are permitted for securable objects.
Public enumerationAccessControlModificationSpecifies the type of access control modification to perform. This enumeration is used by methods of the ObjectSecurity class and its descendents.
Public enumerationAccessControlSectionsSpecifies which sections of a security descriptor to save or load.
Public enumerationAccessControlTypeSpecifies whether an AccessRule object is used to allow or deny access. These values are not flags, and they cannot be combined.
Public enumerationAceFlagsSpecifies the inheritance and auditing behavior of an access control entry (ACE).
Public enumerationAceQualifierSpecifies the function of an access control entry (ACE).
Public enumerationAceTypeDefines the available access control entry (ACE) types.
Public enumerationAuditFlagsSpecifies the conditions for auditing attempts to access a securable object.
Public enumerationCompoundAceTypeSpecifies the type of a CompoundAce object.
Public enumerationControlFlagsThese flags affect the security descriptor behavior.
Public enumerationCryptoKeyRightsSpecifies the cryptographic key operation for which an authorization rule controls access or auditing.
Public enumerationEventWaitHandleRightsSpecifies the access control rights that can be applied to named system event objects.
Public enumerationFileSystemRightsDefines the access rights to use when creating access and audit rules.
Public enumerationInheritanceFlagsInheritance flags specify the semantics of inheritance for access control entries (ACEs).
Public enumerationMutexRightsSpecifies the access control rights that can be applied to named system mutex objects.
Public enumerationObjectAceFlagsSpecifies the presence of object types for Access Control Entries (ACEs).
Public enumerationPropagationFlagsSpecifies how Access Control Entries (ACEs) are propagated to child objects. These flags are significant only if inheritance flags are present.
Public enumerationRegistryRightsSpecifies the access control rights that can be applied to registry objects.
Public enumerationResourceTypeSpecifies the defined native object types.
Public enumerationSecurityInfosSpecifies the section of a security descriptor to be queried or set.
Public enumerationSemaphoreRightsSpecifies the access control rights that can be applied to named system semaphore objects.

Community Additions

ADD
Show:
© 2014 Microsoft