Directory Rights Enum
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
The ActiveDirectoryRights enumeration specifies the access rights that are assigned to an Active Directory Domain Services object.
This enumeration supports a bitwise combination of its member values.
public enum class ActiveDirectoryRights
[System.Flags] public enum ActiveDirectoryRights
[<System.Flags>] type ActiveDirectoryRights =
Public Enum ActiveDirectoryRights
The right to get or set the SACL in the object security descriptor.
The right to create children of the object.
The right to delete the object.
The right to delete children of the object.
The right to delete all children of this object, regardless of the permissions of the children.
A customized control access right. For a list of possible extended rights, see the Extended Rights article. For more information about extended rights, see the Control Access Rights article.
The right to create or delete children, delete a subtree, read and write properties, examine children and the object itself, add and remove the object from the directory, and read or write with an extended right.
The right to read permissions on, and list the contents of, a container object.
The right to read permissions on this object, read all the properties on this object, list this object name when the parent container is listed, and list the contents of this object if it is a container.
The right to read permissions on this object, write all the properties on this object, and perform all validated writes to this object.
The right to list children of this object. For more information about this right, see the Controlling Object Visibility article.
The right to list a particular object. For more information about this right, see the Controlling Object Visibility article.
The right to read data from the security descriptor of the object, not including the data in the SACL.
The right to read properties of the object.
The right to perform an operation that is controlled by a validated write access right.
The right to use the object for synchronization. This right enables a thread to wait until that object is in the signaled state.
The right to modify the DACL in the object security descriptor.
The right to assume ownership of the object. The user must be an object trustee. The user cannot transfer the ownership to other users.
The right to write properties of the object.