Information
The topic you requested is included in another documentation set. For convenience, it's displayed below. Choose Switch to see the topic in its original location.

Win32_LogicalFileAuditing class

The Win32_LogicalFileAuditing association WMI class relates the security settings of a file or directory and one member of its system access control list (SACL). You cannot enumerate this class.

The following syntax is simplified from Managed Object Format (MOF) code and includes all of the inherited properties.

Syntax

class Win32_LogicalFileAuditing : Win32_SecuritySettingAuditing
{
  uint32                           AuditedAccessMask;
  string                           GuidInheritedObjectType;
  string                           GuidObjectType;
  uint32                           Inheritance;
  Win32_LogicalFileSecuritySetting REF SecuritySetting;
  Win32_SID                        REF Trustee;
  uint32                           Type;
};

Members

The Win32_LogicalFileAuditing class has these types of members:

Properties

The Win32_LogicalFileAuditing class has these properties.

AuditedAccessMask
Data type: uint32
Access type: Read-only

Bit flags specifying what activities are audited.

ValueMeaning
0

FILE_LIST_DIRECTORY

Grants the right to read data from the file. For a directory, this value grants the right to list the contents of the directory.

1

FILE_ADD_FILE

Grants the right to write data to the file. For a directory, this value grants the right to create a file in the directory.

2

FILE_ADD_SUBDIRECTORY

Grants the right to append data to the file. For a directory, this value grants the right to create a subdirectory.

3

FILE_READ_EA

Grants the right to read extended attributes.

4

FILE_WRITE_EA

Grants the right to write extended attributes.

5

FILE_TRAVERSE

Grants the right to execute a file. For a directory, the directory can be traversed.

6

FILE_DELETE_CHILD

Grants the right to delete a directory and all of the files it contains (its children), even if the files are read-only.

7

FILE_READ_ATTRIBUTES

Grants the right to read file attributes.

8

FILE_WRITE_ATTRIBUTES

Grants the right to change file attributes.

16

DELETE

Grants delete access.

17

READ_CONTROL

Grants read access to the security descriptor and owner.

18

WRITE_DAC

Grants write access to the discretionary access control list (DACL).

19

WRITE_OWNER

Assigns the write owner.

20

SYNCHRONIZE

Synchronizes access and allows a process to wait for an object to enter the signaled state.

 

GuidInheritedObjectType
Data type: string
Access type: Read-only

Globally unique identifier (GUID) of the type of object from which this object inherits.

GuidObjectType
Data type: string
Access type: Read-only

GUID of the type of object to which the security settings are applied.

Inheritance
Data type: uint32
Access type: Read-only

Bit flags specifying how the audit policies are inherited.

SecuritySetting
Data type: Win32_LogicalFileSecuritySetting
Access type: Read-only

Reference to the instance representing the security settings of the file or directory object. This property cannot be enumerated.

Trustee
Data type: Win32_SID
Access type: Read-only

Reference to the instance representing the entry on the object's SACL.

Type
Data type: uint32
Access type: Read-only

Access specified for the trustee.

ValueMeaning
1

Audit success

2

Audit failure

 

Remarks

The Win32_LogicalFileAuditing class is derived from Win32_SecuritySettingAuditing.

Requirements

Minimum supported client

Windows Vista

Minimum supported server

Windows Server 2003

Namespace

\root\CIMV2

MOF

Secrcw32.mof

DLL

CIMWin32.dll

See also

Operating System Classes
WMI Security Descriptor Objects

 

 

Show:
© 2014 Microsoft