RegistrySecurity.RemoveAuditRule(RegistryAuditRule) Method

Definition

Searches for an audit control rule with the same user as the specified rule, and with compatible inheritance and propagation flags; if a compatible rule is found, the rights contained in the specified rule are removed from it.

public:
 bool RemoveAuditRule(System::Security::AccessControl::RegistryAuditRule ^ rule);
public bool RemoveAuditRule (System.Security.AccessControl.RegistryAuditRule rule);
override this.RemoveAuditRule : System.Security.AccessControl.RegistryAuditRule -> bool
Public Function RemoveAuditRule (rule As RegistryAuditRule) As Boolean

Parameters

rule
RegistryAuditRule

A RegistryAuditRule that specifies the user to search for, and a set of inheritance and propagation flags that a matching rule, if found, must be compatible with. Specifies the rights to remove from the compatible rule, if found.

Returns

true if a compatible rule is found; otherwise, false.

Exceptions

rule is null.

Remarks

The current RegistrySecurity is searched for an audit rule that has the same user as rule. If no such rule is found, no action is taken, and the method returns false. If matching rules are found, their inheritance and compatibility flags are checked for compatibility with the flags specified in rule. If no compatible rule is found, no action is taken, and the method returns false. If a rule with compatible flags is found, the rights specified in rule are removed from the compatible rule, and the method returns true. If rule specifies rights not contained in the compatible rule, no action is taken with respect to those rights. If all rights are removed from the compatible rule, the entire rule is removed from the current RegistrySecurity object.

Applies to