Security.Principal.GroupSecurityIdentifierAttributes


Attributes that can be associated with a group's SecurityIdentifier.

These values map to the group attributes documented on http://msdn.microsoft.com/en-us/library/aa379624.aspx


None No attributes are set on the group SID.
Mandatory The group cannot have its Enabled bit removed. This maps to the SEGROUPMANDATORY attribute.
EnabledByDefault The group is enabled by default. This maps to the SEGROUPENABLEDBYDEFAULT attribute.
Enabled The group is enabled for use in access checks. This maps to the SEGROUPENABLED attribute.
Owner The token that the group is pulled from is the owner of the group. This maps to the SEGROUPOWNER attribute.
DenyOnly The group can only be used to match deny ACEs, and will not match allow ACEs. This maps to the SEGROUPUSEFORDENY_ONLY attribute.
Integrity The group is used to set the integrity level of the token. This maps to the SEGROUPINTEGRITY attribute.
IntegrityEnabled The group is used to set the integrity level of the token. This maps to the SEGROUPINTEGRITY_ENABLED attribute.
Resource The group is domain-local. This maps to the SEGROUPRESOURCE attribute.
LogOnIdentifier The group identifies the logon session of the token. This maps to the SEGROUPLOGON_ID attribute.

Last edited Jun 3, 2009 at 8:30 PM by shawnfa, version 2

Comments

No comments yet.