2.2.1.1 Common ACCESS_MASK Values
These values specify an access control that is applicable to all object types used by this protocol. These values can appear in the Mask field of an access control entry (ACE) or in methods to obtain a handle, for example, SamrConnect5. For more information, see [MS-DTYP] section 2.4.3. Values that are not listed have no meaning in this protocol.
|
Constant/value |
Description |
|---|---|
|
DELETE 0x00010000 |
Specifies access to the ability to delete the object. |
|
READ_CONTROL 0x00020000 |
Specifies access to the ability to read the security descriptor. |
|
WRITE_DAC 0x00040000 |
Specifies access to the ability to update the discretionary access control list (DACL) of the security descriptor. |
|
WRITE_OWNER 0x00080000 |
Specifies access to the ability to update the Owner field of the security descriptor. |
|
ACCESS_SYSTEM_SECURITY 0x01000000 |
Specifies access to the system security portion of the security descriptor. |
|
MAXIMUM_ALLOWED 0x02000000 |
Indicates that the caller is requesting the maximum access permissions possible to the object. |