OBJECTS_AND_SID structure (accctrl.h)

The OBJECTS_AND_SID structure contains a security identifier (SID) that identifies a trustee and GUIDs that identify the object types of an object-specific access control entry (ACE).

Syntax

typedef struct _OBJECTS_AND_SID {
  DWORD ObjectsPresent;
  GUID  ObjectTypeGuid;
  GUID  InheritedObjectTypeGuid;
  SID   *pSid;
} OBJECTS_AND_SID, *POBJECTS_AND_SID;

Members

ObjectsPresent

Indicates whether the ObjectTypeGuid and InheritedObjectTypeGuid members contain GUIDs. This parameter can be a combination of the following values.

Value Meaning
ACE_OBJECT_TYPE_PRESENT
0x1
The ObjectTypeGuid member contains a GUID.
ACE_INHERITED_OBJECT_TYPE_PRESENT
0x2
The InheritedObjectTypeGuid member contains a GUID.

ObjectTypeGuid

A GUID structure that identifies the type of object, property set, or property protected by the ACE. If this ACE is inherited, the GUID identifies the type of object, property set, or property protected by the inherited ACE. This GUID must be a valid schema identifier in the Active Directory schema.

If the ACE_OBJECT_TYPE_PRESENT bit is not set in the ObjectsPresent member, the ObjectTypeGuid member is ignored, and the ACE protects the object to which the ACL is assigned.

InheritedObjectTypeGuid

A GUID structure that identifies the type of object that can inherit the ACE. This GUID must be a valid schema identifier in the Active Directory schema.

If the ACE_INHERITED_OBJECT_TYPE_PRESENT bit is not set in the ObjectsPresent member, the InheritedObjectTypeGuid member is ignored, and all types of child objects can inherit the ACE. Otherwise, only the specified object type can inherit the ACE. In either case, inheritance is also controlled by the inheritance flags in the ACE_HEADER structure as well as by any protection against inheritance placed on the child objects.

pSid

A pointer to the SID of the trustee to whom the ACE applies.

Remarks

The ptstrName member of a TRUSTEE structure can be a pointer to an OBJECTS_AND_SID structure. This enables functions such as SetEntriesInAcl and GetExplicitEntriesFromAcl to store object-specific ACE information in the Trustee member of an EXPLICIT_ACCESS structure.

When you use this structure in a call to SetEntriesInAcl, ObjectTypeGuid and InheritedObjectTypeGuid must be valid schema identifiers in the Active Directory schema. The system does not verify the GUIDs; they are used as is.

Requirements

Requirement Value
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Header accctrl.h

See also

ACE_HEADER

EXPLICIT_ACCESS

GUID

GetExplicitEntriesFromAcl

OBJECTS_AND_NAME

SetEntriesInAcl

TRUSTEE