Setting Access Rights on the Entire Object
Certain permissions can be set only for an entire object, such as Delete and List Contents. Operation-specific permissions, such as the Read permission, can also be set for entire object so that they apply to an entire object.
The following procedure can be used to set permissions for an entire object.
To set permissions for an entire object
- Set IADsAccessControlEntry.AceType to ADS_ACETYPE_ACCESS_ALLOWED or ADS_ACETYPE_ACCESS_DENIED.
- Set IADsAccessControlEntry.ObjectType and IADsAccessControlEntry.InheritedObjectType to NULL.
For more information about how to create an ACE, see Setting Access Rights on an Object.
For more information and a code example that can be used to set an ACE, see Example Code for Setting an ACE on a Directory Object.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for