Windows apps
Collapse the table of content
Expand the table of content
Information
Switch
Switch
The topic you requested is included in another documentation set. For convenience, it's displayed below. Choose Switch to see the topic in its original location.

EventWaitHandleSecurity::AuditRuleFactory Method (IdentityReference^, Int32, Boolean, InheritanceFlags, PropagationFlags, AuditFlags)

.NET Framework (current version)
 

Creates a new audit rule, specifying the user the rule applies to, the access rights to audit, and the outcome that triggers the audit rule.

Namespace:   System.Security.AccessControl
Assembly:  mscorlib (in mscorlib.dll)

C#
C++
F#
VB
Copy 
public:
virtual AuditRule^ AuditRuleFactory(
	IdentityReference^ identityReference,
	int accessMask,
	bool isInherited,
	InheritanceFlags inheritanceFlags,
	PropagationFlags propagationFlags,
	AuditFlags flags
) override

Parameters

identityReference
Type: System.Security.Principal::IdentityReference^

An IdentityReference that identifies the user or group the rule applies to.

accessMask
Type: System::Int32

A bitwise combination of EventWaitHandleRights values specifying the access rights to audit, cast to an integer.

isInherited
Type: System::Boolean

Meaningless for named wait handles, because they have no hierarchy.

inheritanceFlags
Type: System.Security.AccessControl::InheritanceFlags

Meaningless for named wait handles, because they have no hierarchy.

propagationFlags
Type: System.Security.AccessControl::PropagationFlags

Meaningless for named wait handles, because they have no hierarchy.

flags
Type: System.Security.AccessControl::AuditFlags

A bitwise combination of AuditFlags values specifying whether to audit successful access, failed access, or both.

Return Value

Type: System.Security.AccessControl::AuditRule^

An EventWaitHandleAuditRule object representing the specified audit rule for the specified user. The return type of the method is the base class, AuditRule, but the return value can be cast safely to the derived class.

Exception Condition
ArgumentOutOfRangeException

accessMask, inheritanceFlags, propagationFlags, or flags specifies an invalid value.

ArgumentNullException

identityReference is null.

-or-

accessMask is zero.

ArgumentException

identityReference is neither of type SecurityIdentifier, nor of a type such as NTAccount that can be converted to type SecurityIdentifier.

The recommended way to create audit rules is to use the constructors of the EventWaitHandleAuditRule class.

System_CAPS_noteNote

Although inheritance and propagation flags are meaningless for named events, it is still possible to specify them. This is not recommended, because it needlessly complicates the maintenance of rules, for example by interfering with the combination of rules that would otherwise be compatible.

.NET Framework
Available since 2.0
Return to top
Show:
© 2017 Microsoft