2.5.3.1.4 GetCentralizedAccessPolicy
A support function, GetCentralizedAccessPolicy, determines if there is a central access policy and, if so, returns it based on the policy SID in the SACL. If no policy matches the policy SID, the function returns an implementation-specific local recovery policy.<94>
-
CentralizedAccessPolicy GetCentralizedAccessPolicy( ACL Sacl) -- -- On entry -- Sacl is the Sacl from the security descriptor used for Access Check. -- -- Returns -- NULL - there is no policy -- The policy from the configuration if one exists and matches the scoped SID -- The default (recovery) policy if none match the scoped SID -- Dim SID CentralizedAccessPolicySid Dim CentralAccessPolicy CentralizedAccessPolicy IF No central access policy is present in the configuration THEN return NULL END IF IF SACL is not NULL THEN CALL GetScopedPolicySid(SACL) returning CentralizedAccessPolicySid IF CentralizedAccessPolicySid is not NULL THEN Get CentralizedAccessPolicy using CentralizedAccessPolicySid IF CentralizedAccessPolicy is NULL THEN Set CentralizedAccessPolicy to RecoveryCentralizedAccessPolicy END IF END IF END IF return CentralizedAccessPolicy END-SUBROUTINE