This topic has not yet been rated - Rate this topic

RegistryAuditRule Constructor (String, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags)

Initializes a new instance of the RegistryAuditRule class, specifying the name of the user or group to audit, the rights to audit, whether to take inheritance into account, and whether to audit success, failure, or both.

Namespace:  System.Security.AccessControl
Assembly:  mscorlib (in mscorlib.dll)
public RegistryAuditRule(
	string identity,
	RegistryRights registryRights,
	InheritanceFlags inheritanceFlags,
	PropagationFlags propagationFlags,
	AuditFlags flags


Type: System.String

The name of the user or group the rule applies to.

Type: System.Security.AccessControl.RegistryRights

A bitwise combination of RegistryRights values specifying the kinds of access to audit.

Type: System.Security.AccessControl.InheritanceFlags

A combination of InheritanceFlags flags that specifies whether the audit rule applies to subkeys of the current key.

Type: System.Security.AccessControl.PropagationFlags

A combination of PropagationFlags flags that affect the way an inherited audit rule is propagated to subkeys of the current key.

Type: System.Security.AccessControl.AuditFlags

A bitwise combination of AuditFlags values specifying whether to audit success, failure, or both.


eventRights specifies an invalid value.


flags specifies an invalid value.


inheritanceFlags specifies an invalid value.


propagationFlags specifies an invalid value.


registryRights is zero.


identity is null.


identity is a zero-length string.


identity is longer than 512 characters.

All registry keys are containers, so the only inheritance flag that is meaningful for registry keys is the InheritanceFlags.ContainerInherit flag. If this flag is not specified, the propagation flags are ignored, and only the immediate key is affected. If the flag is present, the rule is propagated as shown in the following table. The table assumes there is a subkey S with child subkey CS and grandchild subkey GS. That is, the path for the grandchild subkey is S\CS\GS.

The pattern for the grandchild subkey governs all subkeys contained by the grandchild subkey.

For example, if the ContainerInherit flag is specified for inheritanceFlags and the InheritOnly propagation flag is specified for propagationFlags, this rule does not apply to the immediate subkey, but does apply to all its immediate child subkeys and to all subkeys they contain.


Although you can specify the InheritanceFlags.ObjectInherit flag for inheritanceFlags, there is no point in doing so. For the purposes of access control, the name/value pairs in a subkey are not separate objects. The access rights to name/value pairs are controlled by the rights of the subkey. Furthermore, since all subkeys are containers (that is, they can contain other subkeys), they are not affected by the ObjectInherit flag. Finally, specifying the ObjectInherit flag needlessly complicates the maintenance of rules, because it interferes with the normal combination of compatible rules.

This constructor is equivalent to creating an NTAccount object, by passing identity to the NTAccount.NTAccount(String) constructor, and passing the newly created NTAccount object to the RegistryAuditRule(IdentityReference, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags) constructor.

.NET Framework

Supported in: 4.5.1, 4.5, 4, 3.5, 3.0, 2.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows Phone 8.1, Windows Phone 8, Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
© 2014 Microsoft. All rights reserved.