ACCESS_MODE
[New
- Windows NT]
The ACCESS_MODE
enumeration type contains values that indicate how the access rights in an EXPLICIT_ACCESS
structure apply to the trustee. Functions such as SetEntriesInAcl and GetExplicitEntriesFromAcl
use these values to set or retrieve information in an access-control entry (ACE).
typedef enum _ACCESS_MODE
{
NOT_USED_ACCESS = 0,
GRANT_ACCESS,
SET_ACCESS,
DENY_ACCESS,
REVOKE_ACCESS,
SET_AUDIT_SUCCESS,
SET_AUDIT_FAILURE
} ACCESS_MODE;
|
Enumerator |
Meaning |
|
GRANT_ACCESS |
An input
flag that creates an ACCESS_ALLOWED_ACE. The new ACE combines
the specified rights with any existing allowed or denied rights of the
trustee. |
|
SET_ACCESS |
Indicates
an ACCESS_ALLOWED_ACE that allows the specified rights. On input,
this flag discards any existing access-control information for the trustee. |
|
DENY_ACCESS |
Indicates
an ACCESS_DENIED_ACE that denies the specified rights. On input,
this flag denies the specified rights in addition to any currently denied
rights of the trustee. It also modifies or deletes any existing ACCESS_ALLOWED_ACE
for the trustee that allows the specified rights. |
|
REVOKE_ACCESS |
An input
flag that removes all existing ACCESS_DENIED_ACE, ACCESS_ALLOWED_ACE,
or SYSTEM_AUDIT_ACEs for the specified trustee. |
|
SET_AUDIT_SUCCESS |
Indicates a
SYSTEM_AUDIT_ACE that generates audit messages for successful attempts
to use the specified access rights. You can combine this value with
SET_AUDIT_FAILURE. On input,
this flag combines the specified rights with any existing audited access
rights for the trustee. |
|
SET_AUDIT_FAILURE |
Indicates a
SYSTEM_AUDIT_ACE that generates audit messages for failed attempts to
use the specified access rights. You can combine this value with
SET_AUDIT_SUCCESS. On input,
this flag combines the specified rights with any existing audited access
rights for the trustee. |
See Also