2.2.26 MQENTACCESSMASK

The MQENTACCESSMASK bitfield enumeration values can be used to set the value of an ACCESS_MASK structure ([MS-DTYP] section 2.4.3), which is used to constrain the permissions for an Enterprise.

 typedef  enum 
 {
   MQSEC_CREATE_USER = 0x00000001,
   MQSEC_CREATE_SITE = 0x00000002,
   MQSEC_CREATE_CN = 0x00000004,
   MQSEC_SET_ENTERPRISE_PROPERTIES = 0x00000010,
   MQSEC_GET_ENTERPRISE_PROPERTIES = 0x00000020,
   MQSEC_DELETE_ENTERPRISE = 0x00010000,
   MQSEC_GET_ENTERPRISE_PERMISSIONS = 0x00020000,
   MQSEC_CHANGE_ENTERPRISE_PERMISSIONS = 0x00040000,
   MQSEC_TAKE_ENTERPRISE_OWNERSHIP = 0x00080000,
   MQSEC_ENTERPRISE_GENERIC_READ = (MQSEC_CREATE_USER    + MQSEC_GET_ENTERPRISE_PROPERTIES    + MQSEC_GET_ENTERPRISE_PERMISSIONS),
   MQSEC_ENTERPRISE_GENERIC_WRITE = (MQSEC_CREATE_USER    + MQSEC_GET_ENTERPRISE_PROPERTIES    + MQSEC_GET_ENTERPRISE_PERMISSIONS    + MQSEC_CREATE_SITE    + MQSEC_CREATE_CN),
   MQSEC_ENTERPRISE_GENERIC_ALL = (MQSEC_CREATE_USER    + MQSEC_CREATE_CN    + MQSEC_CREATE_SITE    + MQSEC_SET_ENTERPRISE_PROPERTIES    + MQSEC_GET_ENTERPRISE_PROPERTIES    + MQSEC_DELETE_ENTERPRISE    + MQSEC_GET_ENTERPRISE_PERMISSIONS    + MQSEC_CHANGE_ENTERPRISE_PERMISSIONS    + MQSEC_TAKE_ENTERPRISE_OWNERSHIP)
 } MQENTACCESSMASK;

MQSEC_CREATE_USER:  Specifies the permission required by a security principal to add a user to the enterprise.

MQSEC_CREATE_SITE:  Specifies the permission required by a security principal to create a site in the enterprise.

MQSEC_CREATE_CN:  Specifies the permission required by a security principal to create a connected network in the enterprise.

MQSEC_SET_ENTERPRISE_PROPERTIES:  Specifies the permission required by a security principal to modify properties of the enterprise.

MQSEC_GET_ENTERPRISE_PROPERTIES:  Specifies the permission required by a security principal to read properties of the enterprise.

MQSEC_DELETE_ENTERPRISE:  Specifies the permission required by a security principal to delete the enterprise.

MQSEC_GET_ENTERPRISE_PERMISSIONS:  Specifies the permission required by a security principal to read permissions for the enterprise.

MQSEC_CHANGE_ENTERPRISE_PERMISSIONS:  Specifies the permission required by a security principal to modify permissions for the enterprise.

MQSEC_TAKE_ENTERPRISE_OWNERSHIP:  Specifies the permission required by a security principal to modify the owner of the enterprise.

MQSEC_ENTERPRISE_GENERIC_READ:  Specifies the permission required by a security principal to read the properties and permissions for the enterprise, and create users.

MQSEC_ENTERPRISE_GENERIC_WRITE:  Specifies the permission required by a security principal to read properties and permissions, and to add users, connected networks, and sites to the enterprise.

MQSEC_ENTERPRISE_GENERIC_ALL:  Specifies the permission required by a security principal to perform all of the operations listed previously.