RegistryAuditRule Class

Represents a set of access rights to be audited for a user or group. This class cannot be inherited.

Namespace:  System.Security.AccessControl
Assembly:  mscorlib (in mscorlib.dll)

public ref class RegistryAuditRule sealed : public AuditRule

The RegistryAuditRule type exposes the following members.

  NameDescription
Public methodRegistryAuditRule(IdentityReference, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags)Initializes a new instance of the RegistryAuditRule class, specifying the user or group to audit, the rights to audit, whether to take inheritance into account, and whether to audit success, failure, or both.
Public methodRegistryAuditRule(String, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags)Initializes a new instance of the RegistryAuditRule class, specifying the name of the user or group to audit, the rights to audit, whether to take inheritance into account, and whether to audit success, failure, or both.
Top

  NameDescription
Protected propertyAccessMaskGets the access mask for this rule. (Inherited from AuthorizationRule.)
Public propertyAuditFlagsGets the audit flags for this audit rule. (Inherited from AuditRule.)
Public propertyIdentityReferenceGets the IdentityReference to which this rule applies. (Inherited from AuthorizationRule.)
Public propertyInheritanceFlagsGets the value of flags that determine how this rule is inherited by child objects. (Inherited from AuthorizationRule.)
Public propertyIsInheritedGets a value indicating whether this rule is explicitly set or is inherited from a parent container object. (Inherited from AuthorizationRule.)
Public propertyPropagationFlagsGets the value of the propagation flags, which determine how inheritance of this rule is propagated to child objects. This property is significant only when the value of the InheritanceFlags enumeration is not None. (Inherited from AuthorizationRule.)
Public propertyRegistryRightsGets the access rights affected by the audit rule.
Top

  NameDescription
Public methodEquals(Object)Determines whether the specified object is equal to the current object. (Inherited from Object.)
Public methodGetHashCodeServes as the default hash function. (Inherited from Object.)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Public methodToStringReturns a string that represents the current object. (Inherited from Object.)
Top

The RegistryAuditRule class is one of a set of classes that the .NET Framework provides for managing Windows access control security on registry keys. For an overview of these classes and their relationship to the underlying Windows access control structures, see RegistrySecurity.

NoteNote

Windows access control security can only be applied to registry keys. It cannot be applied to individual key/value pairs stored in a key.

To get a list of the audit rules currently applied to a registry key, use the RegistryKey::GetAccessControl method to get a RegistrySecurity object, and then use its GetAuditRules method to obtain a collection of RegistryAuditRule objects.

RegistryAuditRule objects do not map one-to-one with access control entries in the underlying discretionary access control list (DACL). When you get the set of all audit rules for a registry key, the set contains the minimum number of rules currently required to express all the access control entries.

NoteNote

The underlying access control entries change as you apply and remove rules. The information in rules is merged if possible, to maintain the smallest number of access control entries. Thus, when you read the current list of rules, it might not look exactly like the list of all the rules you have added.

Use RegistryAuditRule objects to specify access rights to be audited for a user or group. To apply a rule to a registry key, use the RegistryKey::GetAccessControl method to get the RegistrySecurity object. Modify the RegistrySecurity object by using its methods to add the rule, and then use the RegistryKey::SetAccessControl method to reattach the security object.

Important noteImportant

Changes you make to a RegistrySecurity object do not affect the access levels of the registry key until you call the RegistryKey::SetAccessControl method to assign the altered security object to the registry key.

RegistryAuditRule objects are immutable. Security for a registry key is modified by using the methods of the RegistrySecurity class to add or remove rules; as you do this, the underlying access control entries are modified.

.NET Framework

Supported in: 4.5.2, 4.5.1, 4.5, 4, 3.5, 3.0, 2.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft