Edit

Share via


RegistrySecurity.AccessRuleFactory Method

Definition

Creates a new access control rule for the specified user, with the specified access rights, access control, and flags.

public:
 override System::Security::AccessControl::AccessRule ^ AccessRuleFactory(System::Security::Principal::IdentityReference ^ identityReference, int accessMask, bool isInherited, System::Security::AccessControl::InheritanceFlags inheritanceFlags, System::Security::AccessControl::PropagationFlags propagationFlags, System::Security::AccessControl::AccessControlType type);
public override System.Security.AccessControl.AccessRule AccessRuleFactory (System.Security.Principal.IdentityReference identityReference, int accessMask, bool isInherited, System.Security.AccessControl.InheritanceFlags inheritanceFlags, System.Security.AccessControl.PropagationFlags propagationFlags, System.Security.AccessControl.AccessControlType type);
override this.AccessRuleFactory : System.Security.Principal.IdentityReference * int * bool * System.Security.AccessControl.InheritanceFlags * System.Security.AccessControl.PropagationFlags * System.Security.AccessControl.AccessControlType -> System.Security.AccessControl.AccessRule
Public Overrides Function AccessRuleFactory (identityReference As IdentityReference, accessMask As Integer, isInherited As Boolean, inheritanceFlags As InheritanceFlags, propagationFlags As PropagationFlags, type As AccessControlType) As AccessRule

Parameters

identityReference
IdentityReference

An IdentityReference that identifies the user or group the rule applies to.

accessMask
Int32

A bitwise combination of RegistryRights values specifying the access rights to allow or deny, cast to an integer.

isInherited
Boolean

A Boolean value specifying whether the rule is inherited.

inheritanceFlags
InheritanceFlags

A bitwise combination of InheritanceFlags values specifying how the rule is inherited by subkeys.

propagationFlags
PropagationFlags

A bitwise combination of PropagationFlags values that modify the way the rule is inherited by subkeys. Meaningless if the value of inheritanceFlags is None.

type
AccessControlType

One of the AccessControlType values specifying whether the rights are allowed or denied.

Returns

A RegistryAccessRule object representing the specified rights for the specified user.

Exceptions

accessMask, inheritanceFlags, propagationFlags, or type specifies an invalid value.

identityReference is null.

-or-

accessMask is zero.

identityReference is neither of type SecurityIdentifier, nor of a type such as NTAccount that can be converted to type SecurityIdentifier.

Remarks

The recommended way to create access control rules is to use the constructors of the RegistryAccessRule class.

Note

Although you can specify the InheritanceFlags.ObjectInherit flag, there is no point in doing so. For the purposes of access control, the name/value pairs in a subkey are not separate objects. The access rights to name/value pairs are controlled by the rights of the subkey. Furthermore, since all subkeys are containers (that is, they can contain other subkeys), they are not affected by the ObjectInherit flag. Finally, specifying the ObjectInherit flag needlessly complicates the maintenance of rules, because it interferes with the normal combination of compatible rules.

Applies to