Export (0) Print
Expand All

2.4.4.4 ACCESS_DENIED_ACE

The ACCESS_DENIED_ACE structure defines an ACE for the DACL that controls access to an object. An access-denied ACE denies access to an object for a specific trustee identified by a SID.


0

1

2

3

4

5

6

7

8

9
1
0

1

2

3

4

5

6

7

8

9
2
0

1

2

3

4

5

6

7

8

9
3
0

1

Header

Mask

Sid (variable)

...

Header (4 bytes): An ACE_HEADER structure that specifies the size and type of ACE. It also contains flags that control inheritance of the ACE by child objects.

Mask (4 bytes): An ACCESS_MASK that specifies the user rights denied by this ACE.

Sid (variable): The SID of a trustee. The length of the SID MUST be a multiple of 4.

 
Show:
© 2014 Microsoft