ActiveDirectoryRights Enum

Definition

The ActiveDirectoryRights enumeration specifies the access rights that are assigned to an Active Directory Domain Services object.

This enumeration supports a bitwise combination of its member values.

public enum class ActiveDirectoryRights
[System.Flags]
public enum ActiveDirectoryRights
[<System.Flags>]
type ActiveDirectoryRights = 
Public Enum ActiveDirectoryRights
Inheritance
ActiveDirectoryRights
Attributes

Fields

AccessSystemSecurity 16777216

The right to get or set the SACL in the object security descriptor.

CreateChild 1

The right to create children of the object.

Delete 65536

The right to delete the object.

DeleteChild 2

The right to delete children of the object.

DeleteTree 64

The right to delete all children of this object, regardless of the permissions of the children.

ExtendedRight 256

A customized control access right. For a list of possible extended rights, see the Extended Rights article. For more information about extended rights, see the Control Access Rights article.

GenericAll 983551

The right to create or delete children, delete a subtree, read and write properties, examine children and the object itself, add and remove the object from the directory, and read or write with an extended right.

GenericExecute 131076

The right to read permissions on, and list the contents of, a container object.

GenericRead 131220

The right to read permissions on this object, read all the properties on this object, list this object name when the parent container is listed, and list the contents of this object if it is a container.

GenericWrite 131112

The right to read permissions on this object, write all the properties on this object, and perform all validated writes to this object.

ListChildren 4

The right to list children of this object. For more information about this right, see the Controlling Object Visibility article.

ListObject 128

The right to list a particular object. For more information about this right, see the Controlling Object Visibility article.

ReadControl 131072

The right to read data from the security descriptor of the object, not including the data in the SACL.

ReadProperty 16

The right to read properties of the object.

Self 8

The right to perform an operation that is controlled by a validated write access right.

Synchronize 1048576

The right to use the object for synchronization. This right enables a thread to wait until that object is in the signaled state.

WriteDacl 262144

The right to modify the DACL in the object security descriptor.

WriteOwner 524288

The right to assume ownership of the object. The user must be an object trustee. The user cannot transfer the ownership to other users.

WriteProperty 32

The right to write properties of the object.

Applies to

See also