Export (0) Print
Expand All
ACE
ACL
SID
Expand Minimize

CLAIM_SECURITY_ATTRIBUTE_V1 structure

The CLAIM_SECURITY_ATTRIBUTE_V1 structure defines a security attribute that can be associated with a token or authorization context.

Syntax


typedef struct _CLAIM_SECURITY_ATTRIBUTE_V1 {
  PWSTR Name;
  WORD  ValueType;
  WORD  Reserved;
  DWORD Flags;
  DWORD ValueCount;
  union {
    PLONG64                                      pInt64;
    PDWORD64                                     pUint64;
    PWSTR                                        *ppString;
    PCLAIM_SECURITY_ATTRIBUTE_FQBN_VALUE         pFqbn;
    PCLAIM_SECURITY_ATTRIBUTE_OCTET_STRING_VALUE pOctetString;
  } Values;
} CLAIM_SECURITY_ATTRIBUTE_V1, *PCLAIM_SECURITY_ATTRIBUTE_V1;

Members

Name

A pointer to a string of Unicode characters that contains the name of the security attribute. This string must be at least 4 bytes in length.

ValueType

A union tag value that indicates the type of information contained in the Values member. The ValueType member must be one of the following values.

ValueMeaning
CLAIM_SECURITY_ATTRIBUTE_TYPE_INT64
0x0001

The Values member refers to an array of LONG64 values.

CLAIM_SECURITY_ATTRIBUTE_TYPE_UINT64
0x0002

The Values member refers to an array of ULONG64 values.

CLAIM_SECURITY_ATTRIBUTE_TYPE_STRING
0x0003

The Values member refers to an array of pointers to Unicode string values.

CLAIM_SECURITY_ATTRIBUTE_TYPE_FQBN
0x0004

The Values member refers to an array of CLAIM_SECURITY_ATTRIBUTE_FQBN_VALUE values.

CLAIM_SECURITY_ATTRIBUTE_TYPE_SID
0x0005

The Values member refers to an array of CLAIM_SECURITY_ATTRIBUTE_OCTET_STRING_VALUE values where the pValue member of each CLAIM_SECURITY_ATTRIBUTE_OCTET_STRING_VALUE is a PSID.

CLAIM_SECURITY_ATTRIBUTE_TYPE_BOOLEAN
0x0006

The Values member refers to an array of ULONG64 values where each element indicates a Boolean value. The value 1 indicates TRUE and the value 0 indicates FALSE.

CLAIM_SECURITY_ATTRIBUTE_TYPE_OCTET_STRING
0x0010

The Values member refers to an array of CLAIM_SECURITY_ATTRIBUTE_OCTET_STRING_VALUE values.

 

Reserved

This member is reserved and must be set to zero when sent and must be ignored when received.

Flags

The attribute flags that are a 32-bitmask. Bits 16 through 31 may be set to any value. Bits 0 through 15 must be zero or a combination of one or more of the following mask values.

ValueMeaning
CLAIM_SECURITY_ATTRIBUTE_NON_INHERITABLE
0x0001

This attribute is ignored by the operating system. This claim security attribute is not inherited across processes.

CLAIM_SECURITY_ATTRIBUTE_VALUE_CASE_SENSITIVE
0x0002

The value of the claim security attribute is case sensitive. This flag is valid for values that contain string types.

CLAIM_SECURITY_ATTRIBUTE_USE_FOR_DENY_ONLY
0x0004

The claim security attribute is considered only for deny access control entries (ACEs).

CLAIM_SECURITY_ATTRIBUTE_DISABLED_BY_DEFAULT
0x0008

The claim security attribute is disabled by default.

CLAIM_SECURITY_ATTRIBUTE_DISABLED
0x0010

The claim security attribute is disabled and will not be applied by the AccessCheck function.

CLAIM_SECURITY_ATTRIBUTE_MANDATORY
0x0020

The claim security attribute is mandatory.

 

ValueCount

The number of values specified in the Values member.

Values

An array of security attribute values of the type specified in the ValueType member.

pInt64

Pointer to an array of ValueCount members where each member is a LONG64 of type CLAIM_SECURITY_ATTRIBUTE_TYPE_INT64.

pUint64

Pointer to an array of ValueCount members where each member is a ULONG64 of type CLAIM_SECURITY_ATTRIBUTE_TYPE_UINT64.

ppString

Pointer to an array of ValueCount members where each member is a PWSTR of type CLAIM_SECURITY_ATTRIBUTE_TYPE_STRING.

pFqbn

Pointer to an array of ValueCount members where each member is a fully qualified binary name value of type CLAIM_SECURITY_ATTRIBUTE_FQBN_VALUE.

pOctetString

Pointer to an array of ValueCount members where each member is an octet string of type CLAIM_SECURITY_ATTRIBUTE_OCTET_STRING_VALUE.

Requirements

Minimum supported client

Windows 8 [desktop apps only]

Minimum supported server

Windows Server 2012 [desktop apps only]

Header

Winnt.h

See also

CLAIM_SECURITY_ATTRIBUTES_INFORMATION

 

 

Community Additions

ADD
Show:
© 2014 Microsoft