ActiveDirectorySecurity 类

定义

使用托管 ACL 库的对象安全层来包装目录对象的访问控制功能。Uses the object security layer of the managed ACL library to wrap access control functionality for directory objects.

public ref class ActiveDirectorySecurity : System::Security::AccessControl::DirectoryObjectSecurity
public class ActiveDirectorySecurity : System.Security.AccessControl.DirectoryObjectSecurity
type ActiveDirectorySecurity = class
    inherit DirectoryObjectSecurity
Public Class ActiveDirectorySecurity
Inherits DirectoryObjectSecurity
继承

构造函数

ActiveDirectorySecurity()

初始化 ActiveDirectorySecurity 类的新实例。Initializes a new instance of the ActiveDirectorySecurity class.

属性

AccessRightType

获取 Type 对象,它表示此对象的访问权限。Gets the Type object that represents an access right for this object.

AccessRulesModified

获取或设置一个布尔值,该值指定是否已修改与此 ObjectSecurity 对象关联的访问规则。Gets or sets a Boolean value that specifies whether the access rules associated with this ObjectSecurity object have been modified.

(继承自 ObjectSecurity)
AccessRuleType

获取表示此对象访问规则的 TypeGets the Type that represents an access rule for this object.

AreAccessRulesCanonical

获取一个布尔值,该值指定与此 ObjectSecurity 对象关联的访问规则是否处于规范顺序。Gets a Boolean value that specifies whether the access rules associated with this ObjectSecurity object are in canonical order.

(继承自 ObjectSecurity)
AreAccessRulesProtected

获取一个布尔值,用于指定与 ObjectSecurity 对象关联的自定义访问控制列表 (DACL) 是否受到保护。Gets a Boolean value that specifies whether the Discretionary Access Control List (DACL) associated with this ObjectSecurity object is protected.

(继承自 ObjectSecurity)
AreAuditRulesCanonical

获取一个布尔值,该值指定与此 ObjectSecurity 对象关联的审核规则是否处于规范顺序。Gets a Boolean value that specifies whether the audit rules associated with this ObjectSecurity object are in canonical order.

(继承自 ObjectSecurity)
AreAuditRulesProtected

获取一个布尔值,该值指定与此 ObjectSecurity 对象关联的系统访问控制列表 (SACL) 是否受保护。Gets a Boolean value that specifies whether the System Access Control List (SACL) associated with this ObjectSecurity object is protected.

(继承自 ObjectSecurity)
AuditRulesModified

获取或设置一个布尔值,该值指定是否已修改与此 ObjectSecurity 对象关联的审核规则。Gets or sets a Boolean value that specifies whether the audit rules associated with this ObjectSecurity object have been modified.

(继承自 ObjectSecurity)
AuditRuleType

获取表示此对象审核规则的 TypeGets the Type that represents an audit rule for this object.

GroupModified

获取或设置一个布尔值,该值指定是否已修改与安全对象相关联的组。Gets or sets a Boolean value that specifies whether the group associated with the securable object has been modified.

(继承自 ObjectSecurity)
IsContainer

获取一个指定此 ObjectSecurity 对象是否是容器对象的布尔值。Gets a Boolean value that specifies whether this ObjectSecurity object is a container object.

(继承自 ObjectSecurity)
IsDS

获取一个布尔值,该值指定此 ObjectSecurity 对象是否是目录对象。Gets a Boolean value that specifies whether this ObjectSecurity object is a directory object.

(继承自 ObjectSecurity)
OwnerModified

获取或设置一个布尔值,该值指定是否已修改安全对象的所有者。Gets or sets a Boolean value that specifies whether the owner of the securable object has been modified.

(继承自 ObjectSecurity)
SecurityDescriptor

获取此实例的安全说明符。Gets the security descriptor for this instance.

(继承自 ObjectSecurity)

方法

AccessRuleFactory(IdentityReference, Int32, Boolean, InheritanceFlags, PropagationFlags, AccessControlType)

创建具有指定值的 AccessRule 对象。Creates an AccessRule object with the specified values.

AccessRuleFactory(IdentityReference, Int32, Boolean, InheritanceFlags, PropagationFlags, AccessControlType, Guid, Guid)

创建具有指定值的 AccessRule 对象。Creates an AccessRule object with the specified values.

AddAccessRule(ActiveDirectoryAccessRule)

向对象的 DACL 添加访问规则。Adds an access rule to the DACL of an object.

AddAccessRule(ObjectAccessRule)

将指定的访问规则添加到与此 DirectoryObjectSecurity 对象关联的自由访问控制列表 (DACL)。Adds the specified access rule to the Discretionary Access Control List (DACL) associated with this DirectoryObjectSecurity object.

(继承自 DirectoryObjectSecurity)
AddAuditRule(ActiveDirectoryAuditRule)

向对象的 SACL 添加访问规则。Adds an audit rule to the SACL of an object.

AddAuditRule(ObjectAuditRule)

将指定的审核规则添加到与该 DirectoryObjectSecurity 对象关联的系统访问控制列表 (SACL)。Adds the specified audit rule to the System Access Control List (SACL) associated with this DirectoryObjectSecurity object.

(继承自 DirectoryObjectSecurity)
AuditRuleFactory(IdentityReference, Int32, Boolean, InheritanceFlags, PropagationFlags, AuditFlags)

创建具有指定值的 AuditRule 对象。Creates an AuditRule object with the specified values.

AuditRuleFactory(IdentityReference, Int32, Boolean, InheritanceFlags, PropagationFlags, AuditFlags, Guid, Guid)

创建具有指定值的 AuditRule 对象。Creates an AuditRule object with the specified values.

Equals(Object)

确定指定对象是否等于当前对象。Determines whether the specified object is equal to the current object.

(继承自 Object)
GetAccessRules(Boolean, Boolean, Type)

获取与指定的安全性标识符关联的访问规则的集合。Gets a collection of the access rules associated with the specified security identifier.

(继承自 DirectoryObjectSecurity)
GetAuditRules(Boolean, Boolean, Type)

获取与指定的安全性标识符关联的审核规则的集合。Gets a collection of the audit rules associated with the specified security identifier.

(继承自 DirectoryObjectSecurity)
GetGroup(Type)

获取与指定所有者关联的主要组。Gets the primary group associated with the specified owner.

(继承自 ObjectSecurity)
GetHashCode()

用作默认哈希函数。Serves as the default hash function.

(继承自 Object)
GetOwner(Type)

获取与指定主要组关联的所有者。Gets the owner associated with the specified primary group.

(继承自 ObjectSecurity)
GetSecurityDescriptorBinaryForm()

返回表示此 ObjectSecurity 对象的安全描述符信息的字节值数组。Returns an array of byte values that represents the security descriptor information for this ObjectSecurity object.

(继承自 ObjectSecurity)
GetSecurityDescriptorSddlForm(AccessControlSections)

返回与此 ObjectSecurity 对象关联的安全描述符的指定部分的安全描述符定义语言 (SDDL) 表示形式。Returns the Security Descriptor Definition Language (SDDL) representation of the specified sections of the security descriptor associated with this ObjectSecurity object.

(继承自 ObjectSecurity)
GetType()

获取当前实例的 TypeGets the Type of the current instance.

(继承自 Object)
MemberwiseClone()

创建当前 Object 的浅表副本。Creates a shallow copy of the current Object.

(继承自 Object)
ModifyAccess(AccessControlModification, AccessRule, Boolean)

将指定的修改应用到与此 DirectoryObjectSecurity 对象关联的自由访问控制列表 (DACL) 中。Applies the specified modification to the Discretionary Access Control List (DACL) associated with this DirectoryObjectSecurity object.

(继承自 DirectoryObjectSecurity)
ModifyAccessRule(AccessControlModification, AccessRule, Boolean)

将指定修改应用到指定的 AccessRuleApplies the specified modification to the specified AccessRule.

ModifyAudit(AccessControlModification, AuditRule, Boolean)

将指定的修改应用到与此 DirectoryObjectSecurity 对象关联的系统访问控制列表 (SACL) 中。Applies the specified modification to the System Access Control List (SACL) associated with this DirectoryObjectSecurity object.

(继承自 DirectoryObjectSecurity)
ModifyAuditRule(AccessControlModification, AuditRule, Boolean)

将指定修改应用到指定的 AuditRuleApplies the specified modification to the specified AuditRule.

Persist(Boolean, String, AccessControlSections)

将与此 ObjectSecurity 对象关联的安全描述符的指定部分保存到永久存储中。Saves the specified sections of the security descriptor associated with this ObjectSecurity object to permanent storage. 我们建议传递给构造函数和 persist 方法的 includeSections 参数的值应完全相同。We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

(继承自 ObjectSecurity)
Persist(SafeHandle, AccessControlSections)

将与此 ObjectSecurity 对象关联的安全描述符的指定部分保存到永久存储中。Saves the specified sections of the security descriptor associated with this ObjectSecurity object to permanent storage. 我们建议传递给构造函数和 persist 方法的 includeSections 参数的值应完全相同。We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

(继承自 ObjectSecurity)
Persist(String, AccessControlSections)

将与此 ObjectSecurity 对象关联的安全描述符的指定部分保存到永久存储中。Saves the specified sections of the security descriptor associated with this ObjectSecurity object to permanent storage. 我们建议传递给构造函数和 persist 方法的 includeSections 参数的值应完全相同。We recommend that the values of the includeSections parameters passed to the constructor and persist methods be identical.

(继承自 ObjectSecurity)
PurgeAccessRules(IdentityReference)

删除与指定 IdentityReference 关联的所有访问规则。Removes all access rules associated with the specified IdentityReference.

PurgeAuditRules(IdentityReference)

删除与指定 IdentityReference 关联的所有审核规则。Removes all audit rules associated with the specified IdentityReference.

ReadLock()

为读取访问锁定此 ObjectSecurity 对象。Locks this ObjectSecurity object for read access.

(继承自 ObjectSecurity)
ReadUnlock()

解锁此 ObjectSecurity 对象以进行读取访问。Unlocks this ObjectSecurity object for read access.

(继承自 ObjectSecurity)
RemoveAccess(IdentityReference, AccessControlType)

从对象的 DACL 中移除所有具有指定 IdentityReference 对象和 AccessControlType 对象的访问规则。Removes all access rules that have the specified IdentityReference object and AccessControlType object from the DACL of an object.

RemoveAccessRule(ActiveDirectoryAccessRule)

从对象的 DACL 中移除包含安全标识符和访问掩码(其与指定访问规则中的相同)的所有访问规则。Removes all access rules that contain the same security identifier and access mask as the specified access rule from the DACL of an object.

RemoveAccessRule(ObjectAccessRule)

从与此 DirectoryObjectSecurity 对象关联的自由访问控制列表 (DACL) 中移除与指定的访问规则具有相同安全性标识符和访问掩码的访问规则。Removes access rules that contain the same security identifier and access mask as the specified access rule from the Discretionary Access Control List (DACL) associated with this DirectoryObjectSecurity object.

(继承自 DirectoryObjectSecurity)
RemoveAccessRuleAll(ObjectAccessRule)

从与此 DirectoryObjectSecurity 对象关联的自由访问控制列表 (DACL) 中移除与指定的访问规则具有相同安全性标识符的所有访问规则。Removes all access rules that have the same security identifier as the specified access rule from the Discretionary Access Control List (DACL) associated with this DirectoryObjectSecurity object.

(继承自 DirectoryObjectSecurity)
RemoveAccessRuleSpecific(ActiveDirectoryAccessRule)

从对象的 DACL 中移除所有与指定访问规则完全匹配的访问规则。Removes all access rules that exactly match the specified access rule from the DACL of an object.

RemoveAccessRuleSpecific(ObjectAccessRule)

从与此 DirectoryObjectSecurity 对象关联的自由访问控制列表 (DACL) 中移除与指定的访问规则完全匹配的所有访问规则。Removes all access rules that exactly match the specified access rule from the Discretionary Access Control List (DACL) associated with this DirectoryObjectSecurity object.

(继承自 DirectoryObjectSecurity)
RemoveAudit(IdentityReference)

从对象的 SACL 中移除所有具有指定 IdentityReference 对象的审核规则。Removes all audit rules that have the specified IdentityReference object from the SACL of an object.

RemoveAuditRule(ActiveDirectoryAuditRule)

从对象的系统访问控制列表 (SACL) 中移除包含安全标识符和访问掩码(其与指定审核规则中的相同)的所有审核规则。Removes all audit rules that contain the same security identifier and access mask as the specified audit rule from the System Access Control List (SACL) of an object.

RemoveAuditRule(ObjectAuditRule)

从与此 CommonObjectSecurity 对象关联的系统访问控制列表 (SACL) 中移除与指定的审核规则具有相同安全性标识符和访问掩码的审核规则。Removes audit rules that contain the same security identifier and access mask as the specified audit rule from the System Access Control List (SACL) associated with this CommonObjectSecurity object.

(继承自 DirectoryObjectSecurity)
RemoveAuditRuleAll(ObjectAuditRule)

从与此 DirectoryObjectSecurity 对象关联的系统访问控制列表 (SACL) 中移除与指定的审核规则具有相同安全性标识符的所有审核规则。Removes all audit rules that have the same security identifier as the specified audit rule from the System Access Control List (SACL) associated with this DirectoryObjectSecurity object.

(继承自 DirectoryObjectSecurity)
RemoveAuditRuleSpecific(ActiveDirectoryAuditRule)

从对象的 SACL 中移除所有与指定审核规则完全匹配的审核规则。Removes all audit rules that exactly match the specified audit rule from the SACL of an object.

RemoveAuditRuleSpecific(ObjectAuditRule)

从与此 DirectoryObjectSecurity 对象关联的系统访问控制列表 (SACL) 中移除与指定的审核规则完全匹配的所有审核规则。Removes all audit rules that exactly match the specified audit rule from the System Access Control List (SACL) associated with this DirectoryObjectSecurity object.

(继承自 DirectoryObjectSecurity)
ResetAccessRule(ActiveDirectoryAccessRule)

在对象的 DACL 中搜索所有所包含的安全标识符 (SID) 与 rule 对象中指定的 SID 相匹配的访问规则,并将所有这些访问规则替换为 rule 对象中包含的访问规则。Searches an object's DACL for all access rules that contain a security identifier (SID) that matches the SID specified in the rule object, and replaces all of those access rules with the access rules that are contained in the rule object.

ResetAccessRule(ObjectAccessRule)

从与此 DirectoryObjectSecurity 对象关联的自由访问控制列表 (DACL) 中移除所有访问规则,然后添加指定的访问规则。Removes all access rules in the Discretionary Access Control List (DACL) associated with this DirectoryObjectSecurity object and then adds the specified access rule.

(继承自 DirectoryObjectSecurity)
SetAccessRule(ActiveDirectoryAccessRule)

在对象的 DACL 中搜索所有所包含的安全标识符 (SID) 与 rule 对象中指定的 SID 相匹配且访问控制类型(“允许”或“拒绝”)与 rule 对象中指定的类型相匹配的访问规则,并将所有这些访问规则替换为 rule 对象中包含的访问规则。Searches an object's DACL for all access rules that contain a security identifier (SID) that matches the SID specified in the rule object, and an access control type (Allow or Deny) that matches the type specified in the rule object, and replaces all of those access rules with the access rules that are contained in the rule object.

SetAccessRule(ObjectAccessRule)

从与此 DirectoryObjectSecurity 对象关联的自由访问控制列表 (DACL) 中移除与指定的访问规则具有相同安全性标识符和限定符的所有访问规则,然后添加指定的访问规则。Removes all access rules that contain the same security identifier and qualifier as the specified access rule in the Discretionary Access Control List (DACL) associated with this DirectoryObjectSecurity object and then adds the specified access rule.

(继承自 DirectoryObjectSecurity)
SetAccessRuleProtection(Boolean, Boolean)

设置或删除与此 ObjectSecurity 对象相关联的访问规则保护。Sets or removes protection of the access rules associated with this ObjectSecurity object. 父级对象不能通过继承来修改受保护的访问规则。Protected access rules cannot be modified by parent objects through inheritance.

(继承自 ObjectSecurity)
SetAuditRule(ActiveDirectoryAuditRule)

将所有安全标识符与对象的 SACL 中指定审核规则相同的审核规则替换为指定的审核规则。Replaces all audit rules that contain the same security identifier as the specified audit rule in the SACL of an object with the specified audit rule.

SetAuditRule(ObjectAuditRule)

从与此 DirectoryObjectSecurity 对象关联的系统访问控制列表 (SACL) 中移除与指定的审核规则具有相同的安全性标识符和限定符所有审核规则,然后添加指定的审核规则。Removes all audit rules that contain the same security identifier and qualifier as the specified audit rule in the System Access Control List (SACL) associated with this DirectoryObjectSecurity object and then adds the specified audit rule.

(继承自 DirectoryObjectSecurity)
SetAuditRuleProtection(Boolean, Boolean)

设置或删除与此 ObjectSecurity 对象相关联的审核规则保护。Sets or removes protection of the audit rules associated with this ObjectSecurity object. 不能由通过继承的父级对象修改受保护的审核规则。Protected audit rules cannot be modified by parent objects through inheritance.

(继承自 ObjectSecurity)
SetGroup(IdentityReference)

设置与此 ObjectSecurity 对象关联的安全描述符的主要组。Sets the primary group for the security descriptor associated with this ObjectSecurity object.

(继承自 ObjectSecurity)
SetOwner(IdentityReference)

设置与此 ObjectSecurity 对象关联的安全描述符的所有者。Sets the owner for the security descriptor associated with this ObjectSecurity object.

(继承自 ObjectSecurity)
SetSecurityDescriptorBinaryForm(Byte[])

根据指定的字节值数组设置此 ObjectSecurity 对象的安全描述符。Sets the security descriptor for this ObjectSecurity object from the specified array of byte values.

(继承自 ObjectSecurity)
SetSecurityDescriptorBinaryForm(Byte[], AccessControlSections)

根据指定的字节值数组设置此 ObjectSecurity 对象的安全描述符的指定部分。Sets the specified sections of the security descriptor for this ObjectSecurity object from the specified array of byte values.

(继承自 ObjectSecurity)
SetSecurityDescriptorSddlForm(String)

根据指定的安全描述符定义语言 (SDDL) 字符串设置此 ObjectSecurity 对象的安全描述符。Sets the security descriptor for this ObjectSecurity object from the specified Security Descriptor Definition Language (SDDL) string.

(继承自 ObjectSecurity)
SetSecurityDescriptorSddlForm(String, AccessControlSections)

根据指定的安全描述符定义语言 (SDDL) 字符串设置此 ObjectSecurity 对象的安全描述符的指定部分。Sets the specified sections of the security descriptor for this ObjectSecurity object from the specified Security Descriptor Definition Language (SDDL) string.

(继承自 ObjectSecurity)
ToString()

返回表示当前对象的字符串。Returns a string that represents the current object.

(继承自 Object)
WriteLock()

锁定此 ObjectSecurity 对象以进行写访问。Locks this ObjectSecurity object for write access.

(继承自 ObjectSecurity)
WriteUnlock()

解锁此 ObjectSecurity 对象以进行写入访问。Unlocks this ObjectSecurity object for write access.

(继承自 ObjectSecurity)

适用于

另请参阅