Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

Namespace Access Rights Constants

WMI has security constants used for namespace access checking by __SystemSecurity::GetCallerAccessRights. For security information about access control lists (ACLs, DACLs, or SACLs), see Access Control Lists (ACLs) and Standard Access Rights. These constants are defined in the WBEM_SECURITY_FLAGS enumeration.

Constant/valueDescription
WBEM_ENABLE
1 (0x1)

Enables the account and grants the user read permissions. This is a default access right for all users and corresponds to the Enable Account permission on the Security tab of the WMI Control. For more information, see Setting Namespace Security with the WMI Control.

WBEM_METHOD_EXECUTE
2 (0x2)

Allows the execution of methods. Providers can perform additional access checks. This is a default access right for all users and corresponds to the Execute Methods permission on the Security tab of the WMI Control.

WBEM_FULL_WRITE_REP
4 (0x4)

Allows a user account to write to classes in the WMI repository as well as instances. A user cannot write to system classes. Only members of the Administrators group have this permission. WBEM_FULL_WRITE_REP corresponds to the Full Write permission on the Security tab of the WMI Control.

WBEM_PARTIAL_WRITE_REP
8 (0x8)

Allows you to write data to instances only, not classes. A user cannot write classes to the WMI repository. Only members of the Administrators group have this right. WBEM_PARTIAL_WRITE_REP corresponds to the Partial Write permission on the Security tab of the WMI Control.

WBEM_WRITE_PROVIDER
16 (0x10)

Allows writing classes and instances to providers. Note that providers can do additional access checks when impersonating a user. This is a default access right for all users and corresponds to the Provider Write permission on the Security tab of the WMI Control.

WBEM_REMOTE_ACCESS
32 (0x20)

Allows a user account to remotely perform any operations allowed by the permissions described above. Only members of the Administrators group have this right. WBEM_REMOTE_ACCESS corresponds to the Remote Enable permission on the Security tab of the WMI Control.

Requirements

Minimum supported client

Windows Vista

Minimum supported server

Windows Server 2003

Header

Wbemcli.h

See also

WMI Security Constants
Securing WMI Namespaces
Access to WMI Namespaces
WMI Security Descriptor Objects
Changing Access Security on Securable Objects

 

 

Show:
© 2015 Microsoft