Export (0) Print
Expand All GetCentralizedAccessPolicy

A support function, GetCentralizedAccessPolicy, determines if there is a central access policy and, if so, returns it based on the policy SID in the SACL. If no policy matches the policy SID, the function returns an implementation-specific local recovery policy.<78>

    ACL Sacl)
    -- On entry
    --    Sacl is the Sacl from the security descriptor used for Access Check.
    -- Returns
    --    NULL - there is no policy
    --    The policy from the configuration if one exists and matches the scoped SID
    --    The default (recovery) policy if none match the scoped SID

    Dim SID CentralizedAccessPolicySid
    Dim CentralAccessPolicy CentralizedAccessPolicy

    IF No central access policy is present in the configuration THEN
        return NULL
    END IF

    IF SACL is not NULL THEN
        CALL GetScopedPolicySid(SACL) returning CentralizedAccessPolicySid
        IF CentralizedAccessPolicySid is not NULL THEN
            Get CentralizedAccessPolicy using CentralizedAccessPolicySid
            IF CentralizedAccessPolicy is NULL THEN
                Set CentralizedAccessPolicy to RecoveryCentralizedAccessPolicy
            END IF
        END IF
    END IF

    return CentralizedAccessPolicy

© 2014 Microsoft