RegistryAuditRule RegistryAuditRule RegistryAuditRule Constructors

Definition

Overloads

RegistryAuditRule(IdentityReference, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags) RegistryAuditRule(IdentityReference, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags) RegistryAuditRule(IdentityReference, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags)

Initializes a new instance of the RegistryAuditRule class, specifying the user or group to audit, the rights to audit, whether to take inheritance into account, and whether to audit success, failure, or both.

RegistryAuditRule(String, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags) RegistryAuditRule(String, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags) RegistryAuditRule(String, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags)

Initializes a new instance of the RegistryAuditRule class, specifying the name of the user or group to audit, the rights to audit, whether to take inheritance into account, and whether to audit success, failure, or both.

RegistryAuditRule(IdentityReference, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags) RegistryAuditRule(IdentityReference, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags) RegistryAuditRule(IdentityReference, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags)

Initializes a new instance of the RegistryAuditRule class, specifying the user or group to audit, the rights to audit, whether to take inheritance into account, and whether to audit success, failure, or both.

public:
 RegistryAuditRule(System::Security::Principal::IdentityReference ^ identity, System::Security::AccessControl::RegistryRights registryRights, System::Security::AccessControl::InheritanceFlags inheritanceFlags, System::Security::AccessControl::PropagationFlags propagationFlags, System::Security::AccessControl::AuditFlags flags);
public RegistryAuditRule (System.Security.Principal.IdentityReference identity, System.Security.AccessControl.RegistryRights registryRights, System.Security.AccessControl.InheritanceFlags inheritanceFlags, System.Security.AccessControl.PropagationFlags propagationFlags, System.Security.AccessControl.AuditFlags flags);
new System.Security.AccessControl.RegistryAuditRule : System.Security.Principal.IdentityReference * System.Security.AccessControl.RegistryRights * System.Security.AccessControl.InheritanceFlags * System.Security.AccessControl.PropagationFlags * System.Security.AccessControl.AuditFlags -> System.Security.AccessControl.RegistryAuditRule

Parameters

identity
IdentityReference IdentityReference IdentityReference

The user or group the rule applies to. Must be of type SecurityIdentifier or a type such as NTAccount that can be converted to type SecurityIdentifier.

registryRights
RegistryRights RegistryRights RegistryRights

A bitwise combination of RegistryRights values specifying the kinds of access to audit.

inheritanceFlags
InheritanceFlags InheritanceFlags InheritanceFlags

A bitwise combination of InheritanceFlags values specifying whether the audit rule applies to subkeys of the current key.

propagationFlags
PropagationFlags PropagationFlags PropagationFlags

A bitwise combination of PropagationFlags values that affect the way an inherited audit rule is propagated to subkeys of the current key.

flags
AuditFlags AuditFlags AuditFlags

A bitwise combination of AuditFlags values specifying whether to audit success, failure, or both.

Exceptions

eventRights specifies an invalid value.

-or-

flags specifies an invalid value.

-or-

inheritanceFlags specifies an invalid value.

-or-

propagationFlags specifies an invalid value.

identity is null.

-or-

registryRights is zero.

identity is neither of type SecurityIdentifier nor of a type such as NTAccount that can be converted to type SecurityIdentifier.

Remarks

All registry keys are containers, so the only inheritance flag that is meaningful for registry keys is the InheritanceFlags.ContainerInherit flag. If this flag is not specified, the propagation flags are ignored, and only the immediate key is affected. If the flag is present, the rule is propagated as shown in the following table. The table assumes there is a subkey S with child subkey CS and grandchild subkey GS. That is, the path for the grandchild subkey is S\CS\GS.

Propagation flags S CS GS
None X X X
NoPropagateInherit X X
InheritOnly X X
NoPropagateInherit, InheritOnly X

The pattern for the grandchild subkey governs all subkeys contained by the grandchild subkey.

For example, if the ContainerInherit flag is specified for inheritanceFlags and the InheritOnly propagation flag is specified for propagationFlags, this rule does not apply to the immediate subkey, but does apply to all its immediate child subkeys and to all subkeys they contain.

Note

Although you can specify the InheritanceFlags.ObjectInherit flag for inheritanceFlags, there is no point in doing so. For the purposes of access control, the name/value pairs in a subkey are not separate objects. The access rights to name/value pairs are controlled by the rights of the subkey. Furthermore, since all subkeys are containers (that is, they can contain other subkeys), they are not affected by the ObjectInherit flag. Finally, specifying the ObjectInherit flag needlessly complicates the maintenance of rules, because it interferes with the normal combination of compatible rules.

RegistryAuditRule(String, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags) RegistryAuditRule(String, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags) RegistryAuditRule(String, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags)

Initializes a new instance of the RegistryAuditRule class, specifying the name of the user or group to audit, the rights to audit, whether to take inheritance into account, and whether to audit success, failure, or both.

public:
 RegistryAuditRule(System::String ^ identity, System::Security::AccessControl::RegistryRights registryRights, System::Security::AccessControl::InheritanceFlags inheritanceFlags, System::Security::AccessControl::PropagationFlags propagationFlags, System::Security::AccessControl::AuditFlags flags);
public RegistryAuditRule (string identity, System.Security.AccessControl.RegistryRights registryRights, System.Security.AccessControl.InheritanceFlags inheritanceFlags, System.Security.AccessControl.PropagationFlags propagationFlags, System.Security.AccessControl.AuditFlags flags);
new System.Security.AccessControl.RegistryAuditRule : string * System.Security.AccessControl.RegistryRights * System.Security.AccessControl.InheritanceFlags * System.Security.AccessControl.PropagationFlags * System.Security.AccessControl.AuditFlags -> System.Security.AccessControl.RegistryAuditRule

Parameters

identity
String String String

The name of the user or group the rule applies to.

registryRights
RegistryRights RegistryRights RegistryRights

A bitwise combination of RegistryRights values specifying the kinds of access to audit.

inheritanceFlags
InheritanceFlags InheritanceFlags InheritanceFlags

A combination of InheritanceFlags flags that specifies whether the audit rule applies to subkeys of the current key.

propagationFlags
PropagationFlags PropagationFlags PropagationFlags

A combination of PropagationFlags flags that affect the way an inherited audit rule is propagated to subkeys of the current key.

flags
AuditFlags AuditFlags AuditFlags

A bitwise combination of AuditFlags values specifying whether to audit success, failure, or both.

Exceptions

eventRights specifies an invalid value.

-or-

flags specifies an invalid value.

-or-

inheritanceFlags specifies an invalid value.

-or-

propagationFlags specifies an invalid value.

identity is null.

-or-

identity is a zero-length string.

-or-

identity is longer than 512 characters.

Remarks

All registry keys are containers, so the only inheritance flag that is meaningful for registry keys is the InheritanceFlags.ContainerInherit flag. If this flag is not specified, the propagation flags are ignored, and only the immediate key is affected. If the flag is present, the rule is propagated as shown in the following table. The table assumes there is a subkey S with child subkey CS and grandchild subkey GS. That is, the path for the grandchild subkey is S\CS\GS.

Propagation flags S CS GS
None X X X
NoPropagateInherit X X
InheritOnly X X
NoPropagateInherit, InheritOnly X

The pattern for the grandchild subkey governs all subkeys contained by the grandchild subkey.

For example, if the ContainerInherit flag is specified for inheritanceFlags and the InheritOnly propagation flag is specified for propagationFlags, this rule does not apply to the immediate subkey, but does apply to all its immediate child subkeys and to all subkeys they contain.

Note

Although you can specify the InheritanceFlags.ObjectInherit flag for inheritanceFlags, there is no point in doing so. For the purposes of access control, the name/value pairs in a subkey are not separate objects. The access rights to name/value pairs are controlled by the rights of the subkey. Furthermore, since all subkeys are containers (that is, they can contain other subkeys), they are not affected by the ObjectInherit flag. Finally, specifying the ObjectInherit flag needlessly complicates the maintenance of rules, because it interferes with the normal combination of compatible rules.

This constructor is equivalent to creating an NTAccount object, by passing identity to the NTAccount.NTAccount(String) constructor, and passing the newly created NTAccount object to the RegistryAuditRule(IdentityReference, RegistryRights, InheritanceFlags, PropagationFlags, AuditFlags) constructor.

Applies to