ACCESS_MODE Enumeration

The ACCESS_MODE enumeration contains values that indicate how the access rights in an EXPLICIT_ACCESS structure apply to the trustee. Functions such as SetEntriesInAcl and GetExplicitEntriesFromAcl use these values to set or retrieve information in an access control entry (ACE).

Syntax

typedef enum _ACCESS_MODE {
  NOT_USED_ACCESS,
  GRANT_ACCESS,
  SET_ACCESS,
  DENY_ACCESS,
  REVOKE_ACCESS,
  SET_AUDIT_SUCCESS,
  SET_AUDIT_FAILURE
} ACCESS_MODE;

Constants

NOT_USED_ACCESS Value not used.
GRANT_ACCESS Indicates an ACCESS_ALLOWED_ACE structure. The new ACE combines the specified rights with any existing allowed or denied rights of the trustee.
SET_ACCESS Indicates an ACCESS_ALLOWED_ACEstructure that allows the specified rights.

On input, this value discards any existing access control information for the trustee.

DENY_ACCESS Indicates an ACCESS_DENIED_ACEstructure that denies the specified rights.

On input, this value denies the specified rights in addition to any currently denied rights of the trustee.

REVOKE_ACCESS Indicates that all existing ACCESS_ALLOWED_ACE or SYSTEM_AUDIT_ACE structures for the specified trustee are removed.
SET_AUDIT_SUCCESS Indicates a SYSTEM_AUDIT_ACEstructure that generates audit messages for successful attempts to use the specified access rights.

On input, this value combines the specified rights with any existing audited access rights for the trustee.

SET_AUDIT_FAILURE Indicates a SYSTEM_AUDIT_ACEstructure that generates audit messages for failed attempts to use the specified access rights.

On input, this value combines the specified rights with any existing audited access rights for the trustee.

Requirements

   
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Header accctrl.h

See Also

ACCESS_ALLOWED_ACE

ACCESS_DENIED_ACE

ACE

Access Control

Authorization Enumerations

EXPLICIT_ACCESS

GetExplicitEntriesFromAcl

SYSTEM_AUDIT_ACE

SetEntriesInAcl