Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

System Audit Control Lists XML Elements

Exchange Server 2003

In a system access control list (ACL), the sacl XML element can contain the elements revision, audit_always, audit_on_success, and audit_on_failure. The following table lists the content models for these elements.

Element name Child elements or contents
sacl Attributes: defaulted ="boolean" protected ="boolean" autointerhited="boolean" revision? audit_always audit_on_failure audit_on_success
revision String. A revision for the SACL; for example, "2".
audit_always revision effective_aces subitem_inheritable_aces subcontainer_inheritable_aces
audit_on_failure revision effective_aces subitem_inheritable_aces subcontainer_inheritable_aces
audit_on_success revision? effective_aces subitem_inheritable_aces subcontainer_inheritable_aces
system_audit_ace Attributes: inherited =boolean (no_propagate_inherit=boolean)* access_mask sid
system_audit_object_ace Attributes: inherited =boolean (no_propagate_inherit=boolean)* (inherited_object_type=GUID)* access_mask sid (object_type | property_name)
access_mask A hexadecimal number in string format; for example, "1fc9ff". This number is the 32-bit access mask for the access control entry (ACE).
sid See Security Identifiers in XML.
object_type A globally unique identifier (GUID) in standard string format. The GUID or the name identifies the property to which this ACE applies.
property_name The name of the property. For example, urn:schemas:mailheader:from.

*Denotes attributes present in inheritable ACEs. These entries are present in the subcontainer_inheritable_aces and subitem_inheritable_aces elements.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
© 2014 Microsoft. All rights reserved.