AddConditionalAce function (winbase.h)
The AddConditionalAce function adds a conditional access control entry (ACE) to the specified access control list (ACL). A conditional ACE specifies a logical condition that is evaluated during access checks.
Syntax
BOOL AddConditionalAce(
[in, out] PACL pAcl,
[in] DWORD dwAceRevision,
[in] DWORD AceFlags,
[in] UCHAR AceType,
[in] DWORD AccessMask,
[in] PSID pSid,
[in] PWCHAR ConditionStr,
[out] DWORD *ReturnLength
);
Parameters
[in, out] pAcl
A pointer to an ACL. This function adds an ACE to this ACL.
The value of this parameter cannot be NULL.
[in] dwAceRevision
Specifies the revision level of the ACL being modified. This value can be ACL_REVISION or ACL_REVISION_DS. Use ACL_REVISION_DS if the ACL contains object-specific ACEs.
[in] AceFlags
A set of bit flags that control ACE inheritance. The function sets these flags in the AceFlags member of the ACE_HEADER structure of the new ACE. This parameter can be a combination of the following values.
[in] AceType
The type of the ACE.
This can be one of the following values.
Value | Meaning |
---|---|
|
Access-allowed callback ACE that uses the ACCESS_ALLOWED_CALLBACK_ACE structure. |
|
Access-denied callback ACE that uses the ACCESS_DENIED_CALLBACK_ACE structure. |
|
System audit callback ACE that uses the SYSTEM_AUDIT_CALLBACK_ACE structure. |
[in] AccessMask
Specifies the mask of access rights to be granted to the specified SID.
[in] pSid
A pointer to the SID that represents a user, group, or logon account being granted access.
[in] ConditionStr
A string that specifies the conditional statement to be evaluated for the ACE.
[out] ReturnLength
The size, in bytes, of the ACL. If the buffer specified by the pACL parameter is not of sufficient size, the value of this parameter is the required size.
Return value
If the function succeeds, it returns TRUE.
If the function fails, it returns FALSE. For extended error information, call GetLastError. The following are possible error values.
Return code | Description |
---|---|
|
The new ACE does not fit into the pAcl buffer. |
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows 7 [desktop apps only] |
Minimum supported server | Windows Server 2008 R2 [desktop apps only] |
Target Platform | Windows |
Header | winbase.h (include Windows.h) |
Library | Advapi32.lib |
DLL | Advapi32.dll |