
An access control entry (ACE) is an element in an access control list (ACL). Each ACE controls or monitors access to an object by a specified trustee. For information about adding, removing, or changing the ACEs in an object's ACLs, see Modifying the ACLs of an Object in C++.

There are six types of ACEs, three of which are supported by all securable objects. The other three types are object-specific ACEs supported by directory service objects.

All types of ACEs contain the following access control information:

- A security identifier (SID) that identifies the trustee to which the ACE applies.
- An access mask that specifies the access rights controlled by the ACE.
- A set of bit flags that determine whether child containers or objects can inherit the ACE from the primary object to which the ACL is attached.

The following table lists the three ACE types supported by all securable objects.

- Used in a discretionary access control list (DACL) to deny access rights to a trustee.
- Used in a DACL to allow access rights to a trustee.
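
The SID, access mask and inheritance flags described on this page can be read straight out of an ACE's bytes. The parser below is an added example, not code from the original page. It assumes the standard Windows binary layout for non-object ACEs (header with type, flags and size, then the access mask, then the SID) and the type and flag values from winnt.h, none of which the page lists; the sample bytes are constructed.

```python
import struct

# ACE type values and inheritance flag bits as defined in winnt.h
# (assumption: these values are not given on the page itself).
ACE_TYPES = {0x00: "ACCESS_ALLOWED", 0x01: "ACCESS_DENIED", 0x02: "SYSTEM_AUDIT"}
INHERIT_FLAGS = {
    0x01: "OBJECT_INHERIT",
    0x02: "CONTAINER_INHERIT",
    0x04: "NO_PROPAGATE_INHERIT",
    0x08: "INHERIT_ONLY",
    0x10: "INHERITED",
}


def parse_sid(buf):
    """Decode a binary SID into its S-<revision>-<authority>-<sub>... form."""
    if len(buf) < 8:
        raise ValueError("SID too short")
    revision, count = buf[0], buf[1]
    authority = int.from_bytes(buf[2:8], "big")  # 48-bit, big-endian
    if len(buf) < 8 + 4 * count:
        raise ValueError("SID truncated")
    subs = struct.unpack_from("<%dI" % count, buf, 8)
    return "-".join(["S", str(revision), str(authority)] + [str(s) for s in subs])


def parse_ace(buf):
    """Parse one non-object ACE: header (type, flags, size), mask, SID."""
    if len(buf) < 8:
        raise ValueError("ACE too short")
    ace_type, flags, size, mask = struct.unpack_from("<BBHI", buf, 0)
    if size < 16 or size > len(buf):
        raise ValueError("bad AceSize")  # never read past the declared ACE
    if ace_type not in ACE_TYPES:
        raise ValueError("object-specific or unknown ACE type %#x" % ace_type)
    return {
        "type": ACE_TYPES[ace_type],
        "inheritance": [n for bit, n in INHERIT_FLAGS.items() if flags & bit],
        "mask": mask,
        "sid": parse_sid(buf[8:size]),
    }


# Constructed sample: a deny ACE for Everyone (S-1-1-0), inheritable by child
# objects and containers, with access mask 0x00010000 (DELETE).
SAMPLE_ACE = bytes.fromhex("01031400" "00000100" "0101000000000001" "00000000")
```
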