Win32_SecuritySettingAccess class

The Win32_SecuritySettingAccess abstract association WMI class specifies the rights granted and denied to a trustee for a given object. This class is modeled after EXPLICIT_ACCESS.

The following syntax is simplified from Managed Object Format (MOF) code and includes all of the inherited properties. Properties and methods are in alphabetic order, not MOF order.

Syntax

[abstract, Association, UUID("{8502C587-5FBB-11D2-AAC1-006008C78BC7}"), AMENDMENT]
class Win32_SecuritySettingAccess
{
  uint32                    AccessMask;
  string                    GuidInheritedObjectType;
  string                    GuidObjectType;
  uint32                    Inheritance;
  Win32_SecuritySetting REF SecuritySetting;
  Win32_SID             REF Trustee;
  uint32                    Type;
};

Members

The Win32_SecuritySettingAccess class has these types of members:

Properties

The Win32_SecuritySettingAccess class has these properties.

AccessMask
Data type: uint32
Access type: Read-only

Bit flags specifying what permissions are affected.

FILE_READ_DATA (file) FILE_LIST_DIRECTORY (directory) (0 (0x0))

Grants the right to read data from the file. For a directory, this value grants the right to list the contents of the directory.

FILE_WRITE_DATA (file) FILE_ADD_FILE (directory) (1 (0x1))

Grants the right to write data to the file. For a directory, this value grants the right to create a file in the directory.

FILE_APPEND_DATA (file) FILE_ADD_SUBDIRECTORY (4 (0x4))

Grants the right to append data to the file. For a directory, this value grants the right to create a subdirectory.

FILE_READ_EA (8 (0x8))

Grants the right to read extended attributes.

FILE_WRITE_EA (16 (0x10))

Grants the right to write extended attributes.

FILE_EXECUTE (file) FILE_TRAVERSE (directory) (32 (0x20))

Grants the right to execute a file. For a directory, the directory can be traversed.

FILE_DELETE_CHILD (64 (0x40))

Grants the right to delete a directory and all of the files it contains (its children), even if the files are read-only.

FILE_READ_ATTRIBUTES (128 (0x80))

Grants the right to read file attributes.

FILE_WRITE_ATTRIBUTES (256 (0x100))

Grants the right to change file attributes.

DELETE (65536 (0x10000))

Grants delete access.

READ_CONTROL (131072 (0x20000))

Grants read access to the security descriptor and owner.

WRITE_DAC (262144 (0x40000))

Grants write access to the discretionary access control list (DACL).

WRITE_OWNER (524288 (0x80000))

Assigns the write owner.

SYNCHRONIZE (1048576 (0x100000))

Synchronizes access and allows a process to wait for an object to enter the signaled state.

GuidInheritedObjectType
Data type: string
Access type: Read-only

Globally unique identifier (GUID) of the type of object from which this object inherits.

GuidObjectType
Data type: string
Access type: Read-only

GUID of the type of object to which the security settings are applied.

Inheritance
Data type: uint32
Access type: Read-only

Bit flags specifying how the access rights are inherited.

SecuritySetting
Data type: Win32_SecuritySetting
Access type: Read-only
Qualifiers: key

Reference to the instance representing the security settings of an object.

Trustee
Data type: Win32_SID
Access type: Read-only
Qualifiers: key

Reference to the instance representing the trustee for this access entry.

Type
Data type: uint32
Access type: Read-only

Type of access specified for the trustee.

Set (0)

Deny (1)

Requirements

Minimum supported client

Windows Vista

Minimum supported server

Windows Server 2008

Namespace

Root\CIMV2

MOF

Secrcw32.mof

DLL

CIMWin32.dll

See also

Operating System Classes

 

 

Show: