Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
An ACE is an access control entry in an access-control list (ACL).
The following values are the currently defined ACE types.
| Value | Meaning |
|---|---|
| ACCESS_ALLOWED_ACE | Grants specified rights to a user or group. This ACE is stored in a discretionary ACL (DACL). |
| ACCESS_DENIED_ACE | Denies specified rights to a user or group. This ACE is stored in a DACL. |
| SYSTEM_AUDIT_ACE | Specifies what types of access cause system-level audits. This ACE is stored in a system ACL (SACL). |
A fourth ACE structure, SYSTEM_ALARM_ACE, isn't currently supported.
An ACL contains a list of zero or more ACEs. Each ACE controls or monitors access to an object by a specified trustee. Specifically, an ACE:
- Defines access to an object for a specific user or group, or
- Defines the types of access that generate system-administration messages or alarms for a specific user or group.
A security identifier (SID) identifies the user or group.
Each ACE starts with an ACE_HEADER structure. The format of the data following the header varies according to the ACE type specified in the header. This structure must be aligned on a 32-bit boundary.
Requirements: ntifs.h (include ntifs.h)