ActiveDirectorySecurity Class

Definition

Uses the object security layer of the managed ACL library to wrap access control functionality for directory objects.

public ref class ActiveDirectorySecurity : System::Security::AccessControl::DirectoryObjectSecurity
public class ActiveDirectorySecurity : System.Security.AccessControl.DirectoryObjectSecurity
type ActiveDirectorySecurity = class
    inherit DirectoryObjectSecurity
Public Class ActiveDirectorySecurity
Inherits DirectoryObjectSecurity
Inheritance

Constructors

ActiveDirectorySecurity()

Initializes a new instance of the ActiveDirectorySecurity class.

Properties

AccessRightType

Gets the Type object that represents an access right for this object.

AccessRulesModified

Gets or sets a Boolean value that specifies whether the access rules associated with this ObjectSecurity object have been modified.

(Inherited from ObjectSecurity)
AccessRuleType

Gets the Type that represents an access rule for this object.

AreAccessRulesCanonical

Gets a Boolean value that specifies whether the access rules associated with this ObjectSecurity object are in canonical order.

(Inherited from ObjectSecurity)
AreAccessRulesProtected

Gets a Boolean value that specifies whether the Discretionary Access Control List (DACL) associated with this ObjectSecurity object is protected.

(Inherited from ObjectSecurity)
AreAuditRulesCanonical

Gets a Boolean value that specifies whether the audit rules associated with this ObjectSecurity object are in canonical order.

(Inherited from ObjectSecurity)
AreAuditRulesProtected

Gets a Boolean value that specifies whether the System Access Control List (SACL) associated with this ObjectSecurity object is protected.

(Inherited from ObjectSecurity)
AuditRulesModified

Gets or sets a Boolean value that specifies whether the audit rules associated with this ObjectSecurity object have been modified.

(Inherited from ObjectSecurity)
AuditRuleType

Gets the Type that represents an audit rule for this object.

GroupModified

Gets or sets a Boolean value that specifies whether the group associated with the securable object has been modified.

(Inherited from ObjectSecurity)
IsContainer

Gets a Boolean value that specifies whether this ObjectSecurity object is a container object.

(Inherited from ObjectSecurity)
IsDS

Gets a Boolean value that specifies whether this ObjectSecurity object is a directory object.

(Inherited from ObjectSecurity)
OwnerModified

Gets or sets a Boolean value that specifies whether the owner of the securable object has been modified.

(Inherited from ObjectSecurity)
SecurityDescriptor

Gets the security descriptor for this instance.

(Inherited from ObjectSecurity)

Methods

AccessRuleFactory(IdentityReference, Int32, Boolean, InheritanceFlags, PropagationFlags, AccessControlType)

Creates an AccessRule object with the specified values.

AccessRuleFactory(IdentityReference, Int32, Boolean, InheritanceFlags, PropagationFlags, AccessControlType, Guid, Guid)

Creates an AccessRule object with the specified values.

AddAccessRule(ActiveDirectoryAccessRule)

Adds an access rule to the DACL of an object.

AddAccessRule(ObjectAccessRule)

Adds the specified access rule to the Discretionary Access Control List (DACL) associated with this DirectoryObjectSecurity object.

(Inherited from DirectoryObjectSecurity)
AddAuditRule(ActiveDirectoryAuditRule)

Adds an audit rule to the SACL of an object.

AddAuditRule(ObjectAuditRule)

Adds the specified audit rule to the System Access Control List (SACL) associated with this DirectoryObjectSecurity object.

(Inherited from DirectoryObjectSecurity)
AuditRuleFactory(IdentityReference, Int32, Boolean, InheritanceFlags, PropagationFlags, AuditFlags)

Creates an AuditRule object with the specified values.

AuditRuleFactory(IdentityReference, Int32, Boolean, InheritanceFlags, PropagationFlags, AuditFlags, Guid, Guid)

Creates an AuditRule object with the specified values.

Equals(Object)

Determines whether the specified object is equal to the current object.

(Inherited from Object)
GetAccessRules(Boolean, Boolean, Type)

Gets a collection of the access rules associated with the specified security identifier.

(Inherited from DirectoryObjectSecurity)
GetAuditRules(Boolean, Boolean, Type)

Gets a collection of the audit rules associated with the specified security identifier.

(Inherited from DirectoryObjectSecurity)
GetGroup(Type)

Gets the primary group associated with the specified owner.

(Inherited from ObjectSecurity)
GetHashCode()

Serves as the default hash function.

(Inherited from Object)
GetOwner(Type)

Gets the owner associated with the specified primary group.

(Inherited from ObjectSecurity)
GetSecurityDescriptorBinaryForm()

Returns an array of byte values that represents the security descriptor information for this ObjectSecurity object.

(Inherited from ObjectSecurity)
GetSecurityDescriptorSddlForm(AccessControlSections)

Returns the Security Descriptor Definition Language (SDDL) representation of the specified sections of the security descriptor associated with this ObjectSecurity object.

(Inherited from ObjectSecurity)
GetType()

Gets the Type of the current instance.

(Inherited from Object)
MemberwiseClone()

Creates a shallow copy of the current Object.

(Inherited from Object)
ModifyAccess(AccessControlModification, AccessRule, Boolean)

Applies the specified modification to the Discretionary Access Control List (DACL) associated with this DirectoryObjectSecurity object.

(Inherited from DirectoryObjectSecurity)
ModifyAccessRule(AccessControlModification, AccessRule, Boolean)

Applies the specified modification to the specified AccessRule.

ModifyAudit(AccessControlModification, AuditRule, Boolean)

Applies the specified modification to the System Access Control List (SACL) associated with this DirectoryObjectSecurity object.

(Inherited from DirectoryObjectSecurity)
ModifyAuditRule(AccessControlModification, AuditRule, Boolean)

Applies the specified modification to the specified AuditRule.

Persist(Boolean, String, AccessControlSections)

Saves the specified sections of the security descriptor associated with this ObjectSecurity object to permanent storage. We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

(Inherited from ObjectSecurity)
Persist(SafeHandle, AccessControlSections)

Saves the specified sections of the security descriptor associated with this ObjectSecurity object to permanent storage. We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

(Inherited from ObjectSecurity)
Persist(String, AccessControlSections)

Saves the specified sections of the security descriptor associated with this ObjectSecurity object to permanent storage. We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

(Inherited from ObjectSecurity)
PurgeAccessRules(IdentityReference)

Removes all access rules associated with the specified IdentityReference.

PurgeAuditRules(IdentityReference)

Removes all audit rules associated with the specified IdentityReference.

ReadLock()

Locks this ObjectSecurity object for read access.

(Inherited from ObjectSecurity)
ReadUnlock()

Unlocks this ObjectSecurity object for read access.

(Inherited from ObjectSecurity)
RemoveAccess(IdentityReference, AccessControlType)

Removes all access rules that have the specified IdentityReference object and AccessControlType object from the DACL of an object.

RemoveAccessRule(ActiveDirectoryAccessRule)

Removes all access rules that contain the same security identifier and access mask as the specified access rule from the DACL of an object.

RemoveAccessRule(ObjectAccessRule)

Removes access rules that contain the same security identifier and access mask as the specified access rule from the Discretionary Access Control List (DACL) associated with this DirectoryObjectSecurity object.

(Inherited from DirectoryObjectSecurity)
RemoveAccessRuleAll(ObjectAccessRule)

Removes all access rules that have the same security identifier as the specified access rule from the Discretionary Access Control List (DACL) associated with this DirectoryObjectSecurity object.

(Inherited from DirectoryObjectSecurity)
RemoveAccessRuleSpecific(ActiveDirectoryAccessRule)

Removes all access rules that exactly match the specified access rule from the DACL of an object.

RemoveAccessRuleSpecific(ObjectAccessRule)

Removes all access rules that exactly match the specified access rule from the Discretionary Access Control List (DACL) associated with this DirectoryObjectSecurity object.

(Inherited from DirectoryObjectSecurity)
RemoveAudit(IdentityReference)

Removes all audit rules that have the specified IdentityReference object from the SACL of an object.

RemoveAuditRule(ActiveDirectoryAuditRule)

Removes all audit rules that contain the same security identifier and access mask as the specified audit rule from the System Access Control List (SACL) of an object.

RemoveAuditRule(ObjectAuditRule)

Removes audit rules that contain the same security identifier and access mask as the specified audit rule from the System Access Control List (SACL) associated with this CommonObjectSecurity object.

(Inherited from DirectoryObjectSecurity)
RemoveAuditRuleAll(ObjectAuditRule)

Removes all audit rules that have the same security identifier as the specified audit rule from the System Access Control List (SACL) associated with this DirectoryObjectSecurity object.

(Inherited from DirectoryObjectSecurity)
RemoveAuditRuleSpecific(ActiveDirectoryAuditRule)

Removes all audit rules that exactly match the specified audit rule from the SACL of an object.

RemoveAuditRuleSpecific(ObjectAuditRule)

Removes all audit rules that exactly match the specified audit rule from the System Access Control List (SACL) associated with this DirectoryObjectSecurity object.

(Inherited from DirectoryObjectSecurity)
ResetAccessRule(ActiveDirectoryAccessRule)

Searches an object's DACL for all access rules that contain a security identifier (SID) that matches the SID specified in the rule object, and replaces all of those access rules with the access rules that are contained in the rule object.

ResetAccessRule(ObjectAccessRule)

Removes all access rules in the Discretionary Access Control List (DACL) associated with this DirectoryObjectSecurity object and then adds the specified access rule.

(Inherited from DirectoryObjectSecurity)
SetAccessRule(ActiveDirectoryAccessRule)

Searches an object's DACL for all access rules that contain a security identifier (SID) that matches the SID specified in the rule object, and an access control type (Allow or Deny) that matches the type specified in the rule object, and replaces all of those access rules with the access rules that are contained in the rule object.

SetAccessRule(ObjectAccessRule)

Removes all access rules that contain the same security identifier and qualifier as the specified access rule in the Discretionary Access Control List (DACL) associated with this DirectoryObjectSecurity object and then adds the specified access rule.

(Inherited from DirectoryObjectSecurity)
SetAccessRuleProtection(Boolean, Boolean)

Sets or removes protection of the access rules associated with this ObjectSecurity object. Protected access rules cannot be modified by parent objects through inheritance.

(Inherited from ObjectSecurity)
SetAuditRule(ActiveDirectoryAuditRule)

Replaces all audit rules that contain the same security identifier as the specified audit rule in the SACL of an object with the specified audit rule.

SetAuditRule(ObjectAuditRule)

Removes all audit rules that contain the same security identifier and qualifier as the specified audit rule in the System Access Control List (SACL) associated with this DirectoryObjectSecurity object and then adds the specified audit rule.

(Inherited from DirectoryObjectSecurity)
SetAuditRuleProtection(Boolean, Boolean)

Sets or removes protection of the audit rules associated with this ObjectSecurity object. Protected audit rules cannot be modified by parent objects through inheritance.

(Inherited from ObjectSecurity)
SetGroup(IdentityReference)

Sets the primary group for the security descriptor associated with this ObjectSecurity object.

(Inherited from ObjectSecurity)
SetOwner(IdentityReference)

Sets the owner for the security descriptor associated with this ObjectSecurity object.

(Inherited from ObjectSecurity)
SetSecurityDescriptorBinaryForm(Byte[])

Sets the security descriptor for this ObjectSecurity object from the specified array of byte values.

(Inherited from ObjectSecurity)
SetSecurityDescriptorBinaryForm(Byte[], AccessControlSections)

Sets the specified sections of the security descriptor for this ObjectSecurity object from the specified array of byte values.

(Inherited from ObjectSecurity)
SetSecurityDescriptorSddlForm(String)

Sets the security descriptor for this ObjectSecurity object from the specified Security Descriptor Definition Language (SDDL) string.

(Inherited from ObjectSecurity)
SetSecurityDescriptorSddlForm(String, AccessControlSections)

Sets the specified sections of the security descriptor for this ObjectSecurity object from the specified Security Descriptor Definition Language (SDDL) string.

(Inherited from ObjectSecurity)
ToString()

Returns a string that represents the current object.

(Inherited from Object)
WriteLock()

Locks this ObjectSecurity object for write access.

(Inherited from ObjectSecurity)
WriteUnlock()

Unlocks this ObjectSecurity object for write access.

(Inherited from ObjectSecurity)

Applies to

See also