RegistryAuditRule Constructors
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Initializes a new instance of the RegistryAuditRule class.
Overloads
| RegistryAuditRule(IdentityReference, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags) |
Initializes a new instance of the RegistryAuditRule class, specifying the user or group to audit, the rights to audit, whether to take inheritance into account, and whether to audit success, failure, or both. |
| RegistryAuditRule(String, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags) |
Initializes a new instance of the RegistryAuditRule class, specifying the name of the user or group to audit, the rights to audit, whether to take inheritance into account, and whether to audit success, failure, or both. |
RegistryAuditRule(IdentityReference, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags)
- Source:
- RegistrySecurity.cs
Initializes a new instance of the RegistryAuditRule class, specifying the user or group to audit, the rights to audit, whether to take inheritance into account, and whether to audit success, failure, or both.
public:
RegistryAuditRule(System::Security::Principal::IdentityReference ^ identity, System::Security::AccessControl::RegistryRights registryRights, System::Security::AccessControl::InheritanceFlags inheritanceFlags, System::Security::AccessControl::PropagationFlags propagationFlags, System::Security::AccessControl::AuditFlags flags);public RegistryAuditRule (System.Security.Principal.IdentityReference identity, System.Security.AccessControl.RegistryRights registryRights, System.Security.AccessControl.InheritanceFlags inheritanceFlags, System.Security.AccessControl.PropagationFlags propagationFlags, System.Security.AccessControl.AuditFlags flags);new System.Security.AccessControl.RegistryAuditRule : System.Security.Principal.IdentityReference * System.Security.AccessControl.RegistryRights * System.Security.AccessControl.InheritanceFlags * System.Security.AccessControl.PropagationFlags * System.Security.AccessControl.AuditFlags -> System.Security.AccessControl.RegistryAuditRulePublic Sub New (identity As IdentityReference, registryRights As RegistryRights, inheritanceFlags As InheritanceFlags, propagationFlags As PropagationFlags, flags As AuditFlags)Parameters
- identity
- IdentityReference
The user or group the rule applies to. Must be of type SecurityIdentifier or a type such as NTAccount that can be converted to type SecurityIdentifier.
- registryRights
- RegistryRights
A bitwise combination of RegistryRights values specifying the kinds of access to audit.
- inheritanceFlags
- InheritanceFlags
A bitwise combination of InheritanceFlags values specifying whether the audit rule applies to subkeys of the current key.
- propagationFlags
- PropagationFlags
A bitwise combination of PropagationFlags values that affect the way an inherited audit rule is propagated to subkeys of the current key.
- flags
- AuditFlags
A bitwise combination of AuditFlags values specifying whether to audit success, failure, or both.
Exceptions
eventRights specifies an invalid value.
-or-
flags specifies an invalid value.
-or-
inheritanceFlags specifies an invalid value.
-or-
propagationFlags specifies an invalid value.
identity is neither of type SecurityIdentifier nor of a type such as NTAccount that can be converted to type SecurityIdentifier.
Remarks
All registry keys are containers, so the only inheritance flag that is meaningful for registry keys is the InheritanceFlags.ContainerInherit flag. If this flag is not specified, the propagation flags are ignored, and only the immediate key is affected. If the flag is present, the rule is propagated as shown in the following table. The table assumes there is a subkey S with child subkey CS and grandchild subkey GS. That is, the path for the grandchild subkey is S\CS\GS.
| Propagation flags | S | CS | GS |
|---|---|---|---|
| None | X | X | X |
| NoPropagateInherit | X | X | |
| InheritOnly | X | X | |
| NoPropagateInherit, InheritOnly | X |
The pattern for the grandchild subkey governs all subkeys contained by the grandchild subkey.
For example, if the ContainerInherit flag is specified for inheritanceFlags and the InheritOnly propagation flag is specified for propagationFlags, this rule does not apply to the immediate subkey, but does apply to all its immediate child subkeys and to all subkeys they contain.
Note
Although you can specify the InheritanceFlags.ObjectInherit flag for inheritanceFlags, there is no point in doing so. For the purposes of access control, the name/value pairs in a subkey are not separate objects. The access rights to name/value pairs are controlled by the rights of the subkey. Furthermore, since all subkeys are containers (that is, they can contain other subkeys), they are not affected by the ObjectInherit flag. Finally, specifying the ObjectInherit flag needlessly complicates the maintenance of rules, because it interferes with the normal combination of compatible rules.
Applies to
RegistryAuditRule(String, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags)
- Source:
- RegistrySecurity.cs
Initializes a new instance of the RegistryAuditRule class, specifying the name of the user or group to audit, the rights to audit, whether to take inheritance into account, and whether to audit success, failure, or both.
public:
RegistryAuditRule(System::String ^ identity, System::Security::AccessControl::RegistryRights registryRights, System::Security::AccessControl::InheritanceFlags inheritanceFlags, System::Security::AccessControl::PropagationFlags propagationFlags, System::Security::AccessControl::AuditFlags flags);public RegistryAuditRule (string identity, System.Security.AccessControl.RegistryRights registryRights, System.Security.AccessControl.InheritanceFlags inheritanceFlags, System.Security.AccessControl.PropagationFlags propagationFlags, System.Security.AccessControl.AuditFlags flags);new System.Security.AccessControl.RegistryAuditRule : string * System.Security.AccessControl.RegistryRights * System.Security.AccessControl.InheritanceFlags * System.Security.AccessControl.PropagationFlags * System.Security.AccessControl.AuditFlags -> System.Security.AccessControl.RegistryAuditRulePublic Sub New (identity As String, registryRights As RegistryRights, inheritanceFlags As InheritanceFlags, propagationFlags As PropagationFlags, flags As AuditFlags)Parameters
- identity
- String
The name of the user or group the rule applies to.
- registryRights
- RegistryRights
A bitwise combination of RegistryRights values specifying the kinds of access to audit.
- inheritanceFlags
- InheritanceFlags
A combination of InheritanceFlags flags that specifies whether the audit rule applies to subkeys of the current key.
- propagationFlags
- PropagationFlags
A combination of PropagationFlags flags that affect the way an inherited audit rule is propagated to subkeys of the current key.
- flags
- AuditFlags
A bitwise combination of AuditFlags values specifying whether to audit success, failure, or both.
Exceptions
eventRights specifies an invalid value.
-or-
flags specifies an invalid value.
-or-
inheritanceFlags specifies an invalid value.
-or-
propagationFlags specifies an invalid value.
registryRights is zero.
identity is null.
-or-
identity is a zero-length string.
-or-
identity is longer than 512 characters.
Remarks
All registry keys are containers, so the only inheritance flag that is meaningful for registry keys is the InheritanceFlags.ContainerInherit flag. If this flag is not specified, the propagation flags are ignored, and only the immediate key is affected. If the flag is present, the rule is propagated as shown in the following table. The table assumes there is a subkey S with child subkey CS and grandchild subkey GS. That is, the path for the grandchild subkey is S\CS\GS.
| Propagation flags | S | CS | GS |
|---|---|---|---|
| None | X | X | X |
| NoPropagateInherit | X | X | |
| InheritOnly | X | X | |
| NoPropagateInherit, InheritOnly | X |
The pattern for the grandchild subkey governs all subkeys contained by the grandchild subkey.
For example, if the ContainerInherit flag is specified for inheritanceFlags and the InheritOnly propagation flag is specified for propagationFlags, this rule does not apply to the immediate subkey, but does apply to all its immediate child subkeys and to all subkeys they contain.
Note
Although you can specify the InheritanceFlags.ObjectInherit flag for inheritanceFlags, there is no point in doing so. For the purposes of access control, the name/value pairs in a subkey are not separate objects. The access rights to name/value pairs are controlled by the rights of the subkey. Furthermore, since all subkeys are containers (that is, they can contain other subkeys), they are not affected by the ObjectInherit flag. Finally, specifying the ObjectInherit flag needlessly complicates the maintenance of rules, because it interferes with the normal combination of compatible rules.
This constructor is equivalent to creating an NTAccount object, by passing identity to the NTAccount.NTAccount(String) constructor, and passing the newly created NTAccount object to the RegistryAuditRule(IdentityReference, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags) constructor.
