The Security property is no longer available for use as of Windows Server 2012.

Data typeByte array
Access Read/write (see Remarks)
MaximumNone (but see Maximum Property Size.)



This property is not supported.

Windows Server 2003:  

Stores the security descriptor of a file share. Use the Security Descriptor property instead. The following table summarizes the attributes of the Security property.


Although the property value is read/write, the underlying security descriptor can be changed only through the Access Control or Network Management APIs.

To change the value of the Security property.

  • Retrieve the value of the property.
  • Assign the value to a SECURITY_DESCRIPTOR structure.
  • Pass the value to any Access Control or Network Management API function that will change the discretionary access control list (DACL) of the descriptor, such as SetSecurityDescriptorDacl or NetShareSetInfo.
  • Once the value has been modified, update the Security property.
  • Take the File Share resource offline and bring it back online to activate the new security settings.

Note  When you use Cluster Administrator to create a new File Share resource, permissions for the "Everyone" group for that file share are set to read-only by default. However, if you use cluster.exe or the Cluster API to create the File Share resource, permissions for the "Everyone" group for that file share are set to full control by default. You can modify this property as previously described to change the default permissions.


Minimum supported client

None supported

Minimum supported server

Windows Server 2003 Enterprise, Windows Server 2003 Datacenter

End of server support

Windows Server 2003 Datacenter, Windows Server 2003 Enterprise

See also

File Share Private Properties
Access Control
Network Management
Security Descriptor