ActiveDirectorySecurity.SetAccessRule(ActiveDirectoryAccessRule) Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Searches an object's DACL for all access rules that contain a security identifier (SID) that matches the SID specified in the rule object, and an access control type (Allow or Deny) that matches the type specified in the rule object, and replaces all of those access rules with the access rules that are contained in the rule object.
public:
void SetAccessRule(System::DirectoryServices::ActiveDirectoryAccessRule ^ rule);public void SetAccessRule (System.DirectoryServices.ActiveDirectoryAccessRule rule);override this.SetAccessRule : System.DirectoryServices.ActiveDirectoryAccessRule -> unitPublic Sub SetAccessRule (rule As ActiveDirectoryAccessRule)Parameters
The ActiveDirectoryAccessRule object to which this operation applies.
Remarks
When SetAccessRule is used to replace all access rules that match a particular SID and access control type (Allow or Deny) in an object's DACL, all rules in that DACL with an SID and type that match the SID and access control type contained in the rule object are replaced. Using this method, the developer can replace any Allow rules for that SID on that object without affecting existing Deny rules, or replace all Deny rules for that SID on that object without affecting existing Allow rules. To replace all rules for that object pertaining to the specified SID, regardless of type, use ResetAccessRule instead.
