ActiveDirectorySecurity.SetAccessRule Method (ActiveDirectoryAccessRule)
Searches an object's DACL for all access rules that contain a security identifier (SID) that matches the SID specified in the rule object, and an access control type (Allow or Deny) that matches the type specified in the rule object, and replaces all of those access rules with the access rules that are contained in the rule object.
Assembly: System.DirectoryServices (in System.DirectoryServices.dll)
When SetAccessRule is used to replace all access rules that match a particular SID and access control type (Allow or Deny) in an object's DACL, all rules in that DACL with an SID and type that match the SID and access control type contained in the rule object are replaced. Using this method, the developer can replace any Allow rules for that SID on that object without affecting existing Deny rules, or replace all Deny rules for that SID on that object without affecting existing Allow rules. To replace all rules for that object pertaining to the specified SID, regardless of type, use ResetAccessRule instead.
Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.