Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

Example Descriptor in XML

Exchange Server 2003

The following example represents a security descriptor in XML format:


<S:security_descriptor xmlns:S="http://schemas.microsoft.com/security/"
      xmlns:D="urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/"
      D:dt="microsoft.security_descriptor">
 <S:revision>1</S:revision>
 <S:owner S:defaulted="0">
  <S:sid>
   <S:string_sid>S-1-5-44-444</S:string_sid>
   <S:type>alias</S:type>
   <S:nt4_compatible_name>BUILTIN\Administrators</S:nt4_compatible_name>
  </S:sid>
 </S:owner>
 <S:primary_group S:defaulted="0">
  <S:sid>
   <S:string_sid>S-1-5-21-555555555-555555555-55555555555-555</S:string_sid>
   <S:type>group</S:type>
   <S:nt4_compatible_name>DOMAIN\Domain Users</S:nt4_compatible_name>
   <S:ad_object_guid>{2bdc2b0c-a8e1-a8e1-a8e1-1a12ec24a8e1}</S:ad_object_guid>
  </S:sid>
 </S:primary_group>
<S:dacl S:defaulted="0" S:protected="0" S:autoinherited="1">
  <S:revision>2</S:revision>
  <S:effective_aces>
   <S:access_allowed_ace S:inherited="1">
    <S:access_mask>1f0fbf</S:access_mask>
    <S:sid>
     <S:string_sid>S-1-5-21-5555555555-5555555555-555555555-599</S:string_sid>
     <S:type>user</S:type>
     <S:nt4_compatible_name>DOMAIN\Administrator</S:nt4_compatible_name>
     <S:ad_object_guid>{48b548b5-48b5-48b5-48b5-48b548b548b5}</S:ad_object_guid>
     <S:display_name>Administrator</S:display_name>
    </S:sid>
   </S:access_allowed_ace>
   <S:access_denied_ace S:inherited="1">
    <S:access_mask>1f0fbf</S:access_mask>
    <S:sid>
     <S:string_sid>S-1-5-7</S:string_sid>
     <S:type>well_known_group</S:type>
     <S:nt4_compatible_name>NT AUTHORITY\ANONYMOUS LOGON</S:nt4_compatible_name>
    </S:sid>
   </S:access_denied_ace>
   <S:access_allowed_ace S:inherited="1">
    <S:access_mask>120ea9</S:access_mask>
    <S:sid>
     <S:string_sid>S-1-1-0</S:string_sid>
     <S:type>well_known_group</S:type>
     <S:nt4_compatible_name>\Everyone</S:nt4_compatible_name>
    </S:sid>
   </S:access_allowed_ace>
  </S:effective_aces>
 </S:dacl>
</S:security_descriptor>

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.