Export (0) Print
Expand All

ACTRL_ACCESS_ENTRY structure

Contains access-control information for a specified trustee. This structure stores information equivalent to the access-control information stored in an ACE.

Syntax


typedef struct _ACTRL_ACCESS_ENTRY {
  TRUSTEE       Trustee;
  ULONG         fAccessFlags;
  ACCESS_RIGHTS Access;
  ACCESS_RIGHTS ProvSpecificAccess;
  INHERIT_FLAGS Inheritance;
  LPCTSTR       lpInheritProperty;
} ACTRL_ACCESS_ENTRY, *PACTRL_ACCESS_ENTRY;

Members

Trustee

A TRUSTEE structure that identifies the user, group, or program (such as a service) to which the access-control entry applies.

fAccessFlags

Indicates how the access rights specified by the Access and ProvSpecificAccess members apply to the trustee. This member can be one of the following values. If you are using this structure with the COM implementation of IAccessControl, this member must be ACTRL_ACCESS_ALLOWED or ACTRL_ACCESS_DENIED.

ValueMeaning
ACTRL_ACCESS_ALLOWED
0x00000001

The rights are allowed.

ACTRL_ACCESS_DENIED
0x00000002

The rights are denied.

ACTRL_AUDIT_SUCCESS
0x00000004

The system generates audit messages for failed attempts to use the rights.

ACTRL_AUDIT_FAILURE
0x00000008

The system generates audit messages for successful attempts to use the rights.

 

Access

A bitmask that specifies the access rights that the entry allows, denies, or audits for the trustee.

This member must use the provider-independent access flags, such as ACTRL_READ_CONTROL, rather than access flags such as READ_CONTROL. The provider for the object type converts these provider-independent flags to the corresponding provider-specific flags.

If you are using this structure with the COM implementation of IAccessControl, this member must be COM_RIGHTS_EXECUTE.

ACTRL_SYSTEM_ACCESS
ACTRL_DELETE
ACTRL_READ_CONTROL
ACTRL_CHANGE_ACCESS
ACTRL_CHANGE_OWNER
ACTRL_SYNCHRONIZE
ACTRL_STD_RIGHTS_ALL
ACTRL_STD_RIGHT_REQUIRED
COM_RIGHTS_EXECUTE
COM_RIGHTS_EXECUTE_LOCAL
COM_RIGHTS_EXECUTE_REMOTE
COM_RIGHTS_ACTIVATE_LOCAL
COM_RIGHTS_ACTIVATE_REMOTE
ProvSpecificAccess

A bitmask that specifies access rights specific to the provider type. The functions that use the ACTRL_ACCESS_ENTRY structure pass these bits on to the provider without interpreting them. In most cases, this member should be 0.

Inheritance

A set of bit flags that determines whether other containers or objects can inherit the access-control entry from the primary object to which the access list is attached. If you are using this structure with the COM implementation of IAccessControl, this value must be NO_INHERITANCE, which indicates that the access-control entry is not inheritable. Otherwise, this value can be NO_INHERITANCE or it can be a combination of the following values.

ValueMeaning
CONTAINER_INHERIT_ACE
0x2

Other containers that are contained by the primary object inherit the entry.

INHERIT_ONLY_ACE
0x8

The ACE does not apply to the primary object to which the ACL is attached, but objects contained by the primary object inherit the entry.

NO_PROPAGATE_INHERIT_ACE
0x4

The OBJECT_INHERIT_ACE and CONTAINER_INHERIT_ACE flags are not propagated to an inherited entry.

OBJECT_INHERIT_ACE
0x1

Noncontainer objects contained by the primary object inherit the entry.

SUB_CONTAINERS_AND_OBJECTS_INHERIT
0x3

Both containers and noncontainer objects that are contained by the primary object inherit the entry. This flag corresponds to the combination of the CONTAINER_INHERIT_ACE and OBJECT_INHERIT_ACE flags.

SUB_CONTAINERS_ONLY_INHERIT
0x2

Other containers that are contained by the primary object inherit the entry. This flag corresponds to the CONTAINER_INHERIT_ACE flag.

SUB_OBJECTS_ONLY_INHERIT
0x1

Noncontainer objects contained by the primary object inherit the entry. This flag corresponds to the OBJECT_INHERIT_ACE flag.

 

lpInheritProperty

A pointer to a null-terminated string that identifies the object types that can inherit the entry. If you are using this structure with the COM implementation of IAccessControl, this member must be NULL.

Requirements

Minimum supported client

Windows 2000 Professional [desktop apps only]

Minimum supported server

Windows 2000 Server [desktop apps only]

Header

AccCtrl.h

Unicode and ANSI names

ACTRL_ACCESS_ENTRYW (Unicode) and ACTRL_ACCESS_ENTRYA (ANSI)

See also

ACTRL_ACCESS_ENTRY_LIST
TRUSTEE

 

 

Community Additions

ADD
Show:
© 2014 Microsoft