SMS_SecuredObject Server WMI Class
Applies To: System Center 2012 Configuration Manager, System Center 2012 Configuration Manager SP1, System Center 2012 R2 Configuration Manager
The SMS_SecuredObject Windows Management Instrumentation (WMI) class is an SMS Provider server class, in Configuration Manager, that represents a secured object.
The following syntax is simplified from Managed Object Format (MOF) code and includes all inherited properties.
Syntax
Class SMS_SecuredObject : SMS_BaseClass
{
UInt32 AvailableClassPermissions;
UInt32 AvailableInstancePermissions;
UInt32 DefaultClassPermissions;
UInt32 DefaultInstancePermissions;
UInt32 ObjectKey
String ObjectName;
};
Methods
The following table lists methods in SMS_SecuredObject.
Method |
Description |
---|---|
GetCollectionsWithResourcePermissions Method in Class SMS_SecuredObject |
Gets the list of collection identifiers for the collections to which the user has the specified permissions. |
Refreshes the information stored about the user's Windows group membership. |
|
Determines whether a user has permissions for an object. |
Properties
AvailableClassPermissions
Data type: UInt32Access type: Read-only
Qualifiers: [bits]
Set of available global permissions that can be set for the specified class. Possible values are listed below. The default value is 0.
0
READ
1
MODIFY
2
DELETE
3
DISTRIBUTE
4
Not used
5
REMOTE_CONTROL
6
ADVERTISE
7
MODIFY_RESOURCE
8
ADMINISTER
9
DELETE_RESOURCE
10
CREATE
11
VIEW_COLL_FILE
12
READ_RESOURCE
13
DELEGATE
14
METER
15
MANAGESQLCOMMAND
16
MANAGESTATUSFILTER
17
MANAGEFOLDER
18
NETWORKACCESS
19
IMPORTMACHINE
20
CREATETSMEDIA
21
MODIFYCOLLECTIONSETTING
22
MANAGEOSDCERTIFICATE
23
RECOVERUSERSTATE
AvailableInstancePermissions
Data type: UInt32Access type: Read-only
Qualifiers: [bits]
Set of available permissions that can be set for an instance of the specified class. Possible values are listed below. The default value is 0.
0
READ
1
MODIFY
2
DELETE
3
DISTRIBUTE
4
Not used
5
REMOTE_CONTROL
6
ADVERTISE
7
MODIFY_RESOURCE
8
ADMINISTER
9
DELETE_RESOURCE
10
CREATE
11
VIEW_COLL_FILE
12
READ_RESOURCE
13
DELEGATE
14
METER
15
MANAGESQLCOMMAND
16
MANAGESTATUSFILTER
17
MANAGEFOLDER
18
NETWORKACCESS
19
IMPORTMACHINE
20
CREATETSMEDIA
21
MODIFYCOLLECTIONSETTING
22
MANAGEOSDCERTIFICATE
23
RECOVERUSERSTATE
DefaultClassPermissions
Data type: UInt32Access type: Read/Write
Qualifiers: [bits]
Set of default permissions that all users and groups are granted for the specified class. Possible values are listed below. The default value is 0.
0
READ
1
MODIFY
2
DELETE
3
DISTRIBUTE
4
Not used
5
REMOTE_CONTROL
6
ADVERTISE
7
MODIFY_RESOURCE
8
ADMINISTER
9
DELETE_RESOURCE
10
CREATE
11
VIEW_COLL_FILE
12
READ_RESOURCE
13
DELEGATE
14
METER
15
MANAGESQLCOMMAND
16
MANAGESTATUSFILTER
17
MANAGEFOLDER
18
NETWORKACCESS
19
IMPORTMACHINE
20
CREATETSMEDIA
21
MODIFYCOLLECTIONSETTING
22
MANAGEOSDCERTIFICATE
23
RECOVERUSERSTATE
24
MANAGEBMC
25
VIEWBMC
DefaultInstancePermissions
Data type: UInt32Access type: Read/Write
Qualifiers: [bits]
Set of default instance permissions that all users and groups are granted for the specified class. Possible values are listed below. The default value is 0.
0
READ
1
MODIFY
2
DELETE
3
DISTRIBUTE
4
Not used
5
REMOTE_CONTROL
6
ADVERTISE
7
MODIFY_RESOURCE
8
ADMINISTER
9
DELETE_RESOURCE
10
CREATE
11
VIEW_COLL_FILE
12
READ_RESOURCE
13
DELEGATE
14
METER
15
MANAGESQLCOMMAND
16
MANAGESTATUSFILTER
17
MANAGEFOLDER
18
NETWORKACCESS
19
IMPORTMACHINE
20
CREATETSMEDIA
21
MODIFYCOLLECTIONSETTING
22
MANAGEOSDCERTIFICATE
23
RECOVERUSERSTATE
24
MANAGEBMC
25
VIEWBMC
ObjectKey
Data type: UInt32Access type: Read/Write
Qualifiers: [key]
Numeric key that describes the type of secured object being specified. Possible values are listed below. The default value is 0.
1
2
3
4
5
(Not used)
6
7
8
9
10
SMS_ApplicableUpdatesSummaryEx Server WMI Class
11
14
15
16
17
18
19
20
21
22
23
24
25
ObjectName
Data type: StringAccess type: Read/Write
Qualifiers: none
Class name of the secured object.
Remarks
There are no special class qualifiers for this class. For more information about both the class qualifiers and the property qualifiers included in the Properties section, see Configuration Manager Class and Property Qualifiers.
The Configuration Manager objects that can be secured are defined by the ObjectKey property.
The DELEGATE permission applies to all objects listed in ObjectKey except SMS_StatusMessage.
METER only applies to the SMS_Site object and allows the targeting of metering rules to a site.
Manage SQL commands and Manage Status Filter only apply to SMS_Site. These permissions allow management of SQL commands and status filter rules, respectively. Because both of these permissions can allow arbitrary code to run with elevated privileges, they require special credentials.
For more information about SMS Provider rights, see Classes and Instances for Object Security in Configuration Manager.
Requirements
Runtime Requirements
For more information, see Configuration Manager Server Runtime Requirements.
Development Requirements
For more information, see Configuration Manager Server Development Requirements.