Microsoft Internet Security and
Acceleration Server 2000
FpcDomainArrayObjAccessRights
The FpcDomainArrayObjAccessRights enumerated type defines
the access rights for an array object. These access rights are
mapped to Active Directory access rights.
The right to read information from the security descriptor of
the object, not including the information in the SACL.
fpcDomainArrayObjRight_Write_Dac
The right to modify the discretionary access-control list
(DACL) in the object's security descriptor.
fpcDomainArrayObjRight_Write_Owner
The right to assume ownership of the object. The user must be a
trustee of the object. The user cannot transfer the ownership to
other users.
fpcDomainArrayObjRight_Synchronize
The right to use the object for synchronization. This enables a
thread to wait until the object is in the signaled state.
fpcDomainArrayObjRight_Access_System_Security
The right to get or set the SACL in the object's security
descriptor.
fpcDomainArrayObjRight_Generic_Read
The right to read from the security descriptor, examine the
object as well as its children, and read all properties.
fpcDomainArrayObjRight_Generic_Write
The right to write all the properties and write to the DACL.
The user can add and remove the object to and from the
directory.
fpcDomainArrayObjRight_Generic_Execute
The right to list children of this object.
fpcDomainArrayObjRight_Generic_All
The right to create or delete children, delete a subtree, read
and write properties, examine children and the object itself, add
and remove the object from the directory, and read or write with an
extended right.
fpcDomainArrayObjRight_Create_Child
The right to create children of the object. The
ObjectType member of an access control entry (ACE) can
contain a GUID that identifies the type of child object whose
creation is being controlled. If ObjectType does not contain
a GUID, the ACE controls the creation of all child object
types.
fpcDomainArrayObjRight_Delete_Child
The right to delete children of the object. The
ObjectType member of an ACE can contain a GUID that
identifies a type of child object whose deletion is being
controlled. If ObjectType does not contain a GUID, the ACE
controls the deletion of all child object types.
fpcDomainArrayObjRight_List_Childred
The right to list children of this object.
fpcDomainArrayObjRight_Self
The right to modify the group membership of a group
object.
fpcDomainArrayObjRight_Read_Prop
The right to read properties of the object. The
ObjectType member of an ACE can contain a GUID that
identifies a property set or property. If ObjectType does
not contain a GUID, the ACE controls the right to read all of the
object's properties.
fpcDomainArrayObjRight_Write_Prop
The right to write properties of the object. The
ObjectType member of an ACE can contain a GUID that
identifies a property set or property. If ObjectType does
not contain a GUID, the ACE controls the right to write all of the
object's properties.
fpcDomainArrayObjRight_Delete_Tree
The right to delete all children of this object, regardless of
the permission on the children.
fpcDomainArrayObjRight_List_Object
The right to list a particular object. If the user is not
granted such a right, the object is hidden from the user.
fpcDomainArrayObjRight_Control_Access
The right to perform an operation controlled by an extended
access right. The ObjectType member of an ACE can contain a
GUID that identifies the extended right. If ObjectType does
not contain a GUID, the ACE controls the right to perform all
extended right operations associated with the object.