Adding an ACE To an Existing ACL
Topic Last Modified: 2006-06-11
The following example adds an access control entry (ACE) to an existing access control list (ACL).
Example
Visual Basic
'//////////////////////////////////////////////////////////////////////
' Function AddAce
'
' Purpose: Adds an ACE to an existing ACL.
' Input: dacl Access Control List (Object)
' TrusteeName Name of Trustee to add (String)
' gAccessMask AccessMask (String)
' gAceType AceType ()
' gAceFlags AceFlags ()
' gFlags Flags ()
' gObjectType ObjectType ()
' gInheritedObjectType InheritedObjectType ()
'
' Output: None
'
' Note: In order for this example to function correctly, it may be necessary to include
' references to the following libraries: Active DS Type Library, Microsoft CDO for
' Exchange Management Library, Microsoft Cluster Service Automation Classes,
' Microsoft CDO for Windows 2000 Library.
'//////////////////////////////////////////////////////////////////////
Function AddAce(ByRef objDacl, _
ByRef szTrusteeName, _
ByRef gAccessMask, _
ByRef gAceType, _
ByRef gAceFlags, _
ByRef gFlags, _
ByRef gObjectType, _
ByRef gInheritedObjectType)
Dim Ace1 As Variant
On Error Resume Next
' Add New Ace for Apply Policy.
Set Ace1 = CreateObject("AccessControlEntry")
Ace1.AccessMask = gAccessMask
Ace1.AceType = gAceType
Ace1.AceFlags = gAceFlags
Ace1.Flags = gFlags
Ace1.Trustee = szTrusteeName
' Check to See whether ObjectType needs to be set.
If CStr(gObjectType) <> "0" Then
Ace1.ObjectType = gObjectType
End If
' Check to See whether InheritedObjectType needs to be set.
If CStr(gInheritedObjectType) <> "0" Then
Ace1.InheritedObjectType = gInheritedObjectType
End If
objDacl.AddAce Ace1
' Clean up.
Set Ace1 = Nothing
End Function