Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining SamrSetSecurityObject (Opnum 2) SamrSetSecurityObject (Opnum 2)

The SamrSetSecurityObject method sets the access control on a server, domain, user, group, or alias object.

 long SamrSetSecurityObject(
   [in] SAMPR_HANDLE ObjectHandle,
   [in] SECURITY_INFORMATION SecurityInformation,
   [in] PSAMPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor

ObjectHandle: An RPC context handle, as specified in section, representing a server, domain, user, group, or alias object.

SecurityInformation: A bit field that indicates the fields of SecurityDescriptor that are requested to be set.

The SECURITY_INFORMATION type is defined in [MS-DTYP] section 2.4.7. The following bits are valid; all other bits MUST be zero when sent and ignored on receipt. If none of the bits below are present, the server MUST return STATUS_INVALID_PARAMETER.





Refers to the Owner member of the security descriptor.



Refers to the Group member of the security descriptor.



Refers to the DACL of the security descriptor.



Refers to the system access control list (SACL) of the security descriptor.

SecurityDescriptor: A security descriptor expressing access that is specific to the ObjectHandle.

This protocol asks the RPC runtime, via the strict_context_handle attribute, to reject the use of context handles created by a method of a different RPC interface than this one, as specified in [MS-RPCE] section 3.

Message processing for this method is specified in the following two sections.

© 2015 Microsoft