EventWaitHandleSecurity.RemoveAuditRule(EventWaitHandleAuditRule) Method

Reference

Definition

Namespace:: System.Security.AccessControl

Assembly:: System.Threading.AccessControl.dll

Assembly:: mscorlib.dll

Package:: System.Threading.AccessControl v6.0.0

Package:: System.Threading.AccessControl v7.0.0

Package:: System.Threading.AccessControl v8.0.0

Package:: System.Threading.AccessControl v9.0.0-preview.2.24128.5

Source:: EventWaitHandleSecurity.cs

Source:: EventWaitHandleSecurity.cs

Source:: EventWaitHandleSecurity.cs

Important

Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Searches for an audit rule with the same user as the specified rule, and with compatible inheritance and propagation flags; if a compatible rule is found, the rights contained in the specified rule are removed from it.

public:
 bool RemoveAuditRule(System::Security::AccessControl::EventWaitHandleAuditRule ^ rule);

public bool RemoveAuditRule (System.Security.AccessControl.EventWaitHandleAuditRule rule);

override this.RemoveAuditRule : System.Security.AccessControl.EventWaitHandleAuditRule -> bool

Public Function RemoveAuditRule (rule As EventWaitHandleAuditRule) As Boolean

Parameters

rule: EventWaitHandleAuditRule

An EventWaitHandleAuditRule that specifies the user to search for and a set of inheritance and propagation flags that a matching rule, if found, must be compatible with. Specifies the rights to remove from the compatible rule, if found.

Returns

Boolean

true if a compatible rule is found; otherwise, false.

Exceptions

ArgumentNullException

rule is null.

Remarks

The current EventWaitHandleSecurity is searched for an audit rule that has the same user as rule. If no such rule is found, no action is taken, and the method returns false. If matching rules are found, their inheritance and compatibility flags are checked for compatibility with the flags specified in rule. If no compatible rule is found, no action is taken, and the method returns false. If a rule with compatible flags is found, the rights specified in rule are removed from the compatible rule, and the method returns true. If rule specifies rights not contained in the compatible rule, no action is taken with respect to those rights. If all rights are removed from the compatible rule, the entire rule is removed from the current EventWaitHandleSecurity object.

Important

Although you can specify inheritance and propagation flags for event audit rules, by creating them with the AuditRuleFactory method, this is not recommended. Inheritance and propagation have no meaning for named events, and they make the maintenance of audit rules more complicated.

Applies to