EventWaitHandleSecurity.AuditRuleFactory Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Creates a new audit rule, specifying the user the rule applies to, the access rights to audit, and the outcome that triggers the audit rule.
public:
override System::Security::AccessControl::AuditRule ^ AuditRuleFactory(System::Security::Principal::IdentityReference ^ identityReference, int accessMask, bool isInherited, System::Security::AccessControl::InheritanceFlags inheritanceFlags, System::Security::AccessControl::PropagationFlags propagationFlags, System::Security::AccessControl::AuditFlags flags);public override System.Security.AccessControl.AuditRule AuditRuleFactory (System.Security.Principal.IdentityReference identityReference, int accessMask, bool isInherited, System.Security.AccessControl.InheritanceFlags inheritanceFlags, System.Security.AccessControl.PropagationFlags propagationFlags, System.Security.AccessControl.AuditFlags flags);override this.AuditRuleFactory : System.Security.Principal.IdentityReference * int * bool * System.Security.AccessControl.InheritanceFlags * System.Security.AccessControl.PropagationFlags * System.Security.AccessControl.AuditFlags -> System.Security.AccessControl.AuditRulePublic Overrides Function AuditRuleFactory (identityReference As IdentityReference, accessMask As Integer, isInherited As Boolean, inheritanceFlags As InheritanceFlags, propagationFlags As PropagationFlags, flags As AuditFlags) As AuditRuleParameters
- identityReference
- IdentityReference
An IdentityReference that identifies the user or group the rule applies to.
- accessMask
- Int32
A bitwise combination of EventWaitHandleRights values specifying the access rights to audit, cast to an integer.
- isInherited
- Boolean
Meaningless for named wait handles, because they have no hierarchy.
- inheritanceFlags
- InheritanceFlags
Meaningless for named wait handles, because they have no hierarchy.
- propagationFlags
- PropagationFlags
Meaningless for named wait handles, because they have no hierarchy.
- flags
- AuditFlags
A bitwise combination of AuditFlags values specifying whether to audit successful access, failed access, or both.
Returns
An EventWaitHandleAuditRule object representing the specified audit rule for the specified user. The return type of the method is the base class, AuditRule, but the return value can be cast safely to the derived class.
Exceptions
accessMask, inheritanceFlags, propagationFlags, or flags specifies an invalid value.
identityReference is neither of type SecurityIdentifier, nor of a type such as NTAccount that can be converted to type SecurityIdentifier.
Remarks
The recommended way to create audit rules is to use the constructors of the EventWaitHandleAuditRule class.
Note
Although inheritance and propagation flags are meaningless for named events, it is still possible to specify them. This is not recommended, because it needlessly complicates the maintenance of rules, for example by interfering with the combination of rules that would otherwise be compatible.
Applies to
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for