Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The SamrSetSecurityObject method sets the access control on a server, ___domain, user, group, or alias object.
-
long SamrSetSecurityObject( [in] SAMPR_HANDLE ObjectHandle, [in] SECURITY_INFORMATION SecurityInformation, [in] PSAMPR_SR_SECURITY_DESCRIPTOR SecurityDescriptor );
ObjectHandle: An RPC context handle, as specified in section 2.2.7.2, representing a server, ___domain, user, group, or alias object.
SecurityInformation: A bit field that indicates the fields of SecurityDescriptor that are requested to be set.
-
The SECURITY_INFORMATION type is defined in [MS-DTYP] section 2.4.7. The following bits are valid; all other bits MUST be zero when sent and ignored on receipt. If none of the bits below are present, the server MUST return STATUS_INVALID_PARAMETER.
-
Value
Meaning
OWNER_SECURITY_INFORMATION
0x00000001
Refers to the Owner member of the security descriptor.
GROUP_SECURITY_INFORMATION
0x00000002
Refers to the Group member of the security descriptor.
DACL_SECURITY_INFORMATION
0x00000004
Refers to the DACL of the security descriptor.
SACL_SECURITY_INFORMATION
0x00000008
Refers to the system access control list (SACL) of the security descriptor.
SecurityDescriptor: A security descriptor expressing access that is specific to the ObjectHandle.
This protocol asks the RPC runtime, via the strict_context_handle attribute, to reject the use of context handles created by a method of a different RPC interface than this one, as specified in [MS-RPCE] section 3.
Message processing for this method is specified in the following two sections.