ObjectSecurity.SetAccessRuleProtection(Boolean, Boolean) Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Sets or removes protection of the access rules associated with this ObjectSecurity object. Protected access rules cannot be modified by parent objects through inheritance.
public:
void SetAccessRuleProtection(bool isProtected, bool preserveInheritance);public void SetAccessRuleProtection (bool isProtected, bool preserveInheritance);member this.SetAccessRuleProtection : bool * bool -> unitPublic Sub SetAccessRuleProtection (isProtected As Boolean, preserveInheritance As Boolean)Parameters
- isProtected
- Boolean
true to protect the access rules associated with this ObjectSecurity object from inheritance; false to allow inheritance.
- preserveInheritance
- Boolean
true to preserve inherited access rules; false to remove inherited access rules. This parameter is ignored if isProtected is false.
Exceptions
This method attempts to remove inherited rules from a non-canonical Discretionary Access Control List (DACL).
Remarks
When you call the method with isProtected=true and preserveInheritance=true, you need to walk the new ACL of the object and check for DENY type ACEs.
For a canonically sorted DACL, the DENY ACEs must appear in the front of the DACL.
For more information on the canonical ordering of ACLs, see Order of ACEs in a DACL.
Applies to
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for