Getting Information From an ACL
Windows NT version 4.0 provides several functions for retrieving
access-control information from an ACL. These include functions for determining the access
rights that an ACL grants or audits for a specified trustee. A trustee can be a
user account, group account, or a logon account for a program such as a Windows
NT service. Other functions enable you to extract ACE information from an ACL.
The
GetEffectiveRightsFromAcl function enables you to determine the effective access rights that a DACL
grants to a specified trustee. The trustee's effective access rights are the
access rights that the ACL grants to the trustee or to any groups of which the
trustee is a member.
GetEffectiveRightsFromAcl checks all access-allowed and access-denied ACEs in the ACL to determine the
effective rights for the trustee.
The
GetAuditedPermissionsFromAcl function enables you to check a SACL to determine the audited access rights
for a specified trustee. The audited rights indicate the types of access
attempts that cause the system to generate an audit record in the system event log.
The function returns two access masks: one containing the access rights monitored
for failed access attempts, and another containing the access rights monitored
for successful access.
GetAuditedPermissionsFromAcl checks all system-audit ACEs in the ACL. The returned access masks indicate
the rights that the ACL audits for the trustee or for any groups of which the
trustee is a member.
The
GetExplicitEntriesFromAcl function retrieves an array of
EXPLICIT_ACCESS structures that describe the ACEs in an ACL. This can be useful when you are
copying ACE information from one ACL to another. For example, you can call
GetExplicitEntriesFromAcl to get information about the ACEs in one ACL. Then pass the returned
EXPLICIT_ACCESS structures in a call to the
SetEntriesInAcl function to create equivalent ACEs in the new ACL.
You can use the
GetAce function to copy an ACE from an existing ACL. This can be useful if you are
using the low-level access control functions to build an ACL. For more
information, see
Low-Level Access Control Functions.
- Software for developers
-
Delphi Components
.Net Components
Software for Android Developers
- More information resources
-
MegaDetailed.Net
Unix Manual Pages
Delphi Examples
- Databases for Amazon shops developers
-
Amazon Categories Database
Browse Nodes Database
