SetAccessRule Method (ActiveDirectoryAccessRule)
Collapse the table of content
Expand the table of content

ActiveDirectorySecurity.SetAccessRule Method (ActiveDirectoryAccessRule)

 

Searches an object's DACL for all access rules that contain a security identifier (SID) that matches the SID specified in the rule object, and an access control type (Allow or Deny) that matches the type specified in the rule object, and replaces all of those access rules with the access rules that are contained in the rule object.

Namespace:   System.DirectoryServices
Assembly:  System.DirectoryServices (in System.DirectoryServices.dll)

public void SetAccessRule(
	ActiveDirectoryAccessRule rule
)

Parameters

rule
Type: System.DirectoryServices.ActiveDirectoryAccessRule

The ActiveDirectoryAccessRule object to which this operation applies.

When SetAccessRule is used to replace all access rules that match a particular SID and access control type (Allow or Deny) in an object's DACL, all rules in that DACL with an SID and type that match the SID and access control type contained in the rule object are replaced. Using this method, the developer can replace any Allow rules for that SID on that object without affecting existing Deny rules, or replace all Deny rules for that SID on that object without affecting existing Allow rules. To replace all rules for that object pertaining to the specified SID, regardless of type, use ResetAccessRule instead.

.NET Framework
Available since 2.0
Return to top
Show:
© 2016 Microsoft