IAzApplicationGroup::AddNonMemberName method (azroles.h)

The AddNonMemberName method adds the specified account name to the list of accounts that are refused membership in the application group.

Syntax

HRESULT AddNonMemberName(
  [in]           BSTR    bstrProp,
  [in, optional] VARIANT varReserved
);

Parameters

[in] bstrProp

String that contains the SID to add to the list of accounts that are refused membership in the application group. The account name must be in user principal name (UPN) format (for example, someone@example.com). The LookupAccountName function is called to retrieve the domain.

[in, optional] varReserved

Reserved for future use.

Return value

If the method succeeds, it will return S_OK. Any other HRESULT value indicates that the operation failed.

Remarks

The application group will never have an account added using this method as a member, even if that account is specified directly or indirectly by the Members property.

Denying membership to an account in an application group does not prevent that account from being assigned to a role through a different application group, nor from being granted permission to a resource through assignment to any other role.

To view the list of account names of accounts that are refused membership in this application group, use the NonMembersName property.

You must call the Submit method to persist any changes made by this method.

Requirements

Requirement Value
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Target Platform Windows
Header azroles.h
Library Azroles.lib
DLL Azroles.dll
Redistributable Windows Server 2003 Administration Tools Pack on Windows XP

See also

Members

NonMembersName

Submit