CommonSecurityDescriptor.PurgeAccessControl(SecurityIdentifier) Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Removes all access rules for the specified security identifier from the Discretionary Access Control List (DACL) associated with this CommonSecurityDescriptor object.
public:
void PurgeAccessControl(System::Security::Principal::SecurityIdentifier ^ sid);public void PurgeAccessControl (System.Security.Principal.SecurityIdentifier sid);member this.PurgeAccessControl : System.Security.Principal.SecurityIdentifier -> unitPublic Sub PurgeAccessControl (sid As SecurityIdentifier)Parameters
The security identifier for which to remove access rules.
Remarks
To avoid unintentionally allowing access to principals, applications should check for the existence of an allow everyone full access (AEFA) access control entry (ACE) and remove it before modifying a DACL.
Applies to
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for