Compartilhar via


AddSecurityEntity Method

Topic Last Modified: 2006-06-13

This method adds a new entity object with specified masks to a DACL object s entity collection.

Applies To

DACL Object

Syntax


objResult  objDACL.AddSecurityEntity(strSIDType, strSID, strNT4Name, strDisplayName, masks, [bInherited]);

Parameters

  • strSIDType
    A string value of one of the security identifier types as listed in the following table.

    Security Identifier Type (SID)

    user

    group

    domain

    alias

    well_known_group

    deleted_account

    invalid

    unknown

    computer

  • strSID
    A string value of the name of the security identifier such as "S-1-1-0".
  • strNT4Name
    A string value of the domain and username of a security principal.
  • strDisplayName
    The display name for the specified trustee such as an "Administrator." This display name is derived from the Windows 2000 Active Directory object for this trustee.
  • masks
    An array of hexadecimal numbers; for example, [0x1fc9ff, 0x2, 0x12089, 0x0, 0x4, 0x0]. This number is the 32-bit access mask for the access control entry (ACE).
  • bInherited
    Optional. A Boolean value to specify that the entity is inherited.

Return Value

An object that returns error codes and descriptions.

Remarks

This method creates a new entity with masks set to 0 and removes any duplicates.

You can use an empty string, "", for the strSID and strSIDType parameters however, a specified SID type results in improved performance in other DACL related function calls. Specifying the SID as an empty string causes the server to search for the SID.

Example

var objResult = objDacl.AddSecurityEntity("","","MYDOMAIN\\JaneC", "Jane Clayton", [0x1fc9ff, 0x2, 0x12089, 0x0, 0x4, 0x0]);
if( 1 == objResult.number) {
    
// 0 means user was added, no errors
// 1 means no error, but the user was not added  - might be a duplicate
}