Prev Next

SetEntriesInAccessList info  Overview  Group

[This is a preview of an interface that may appear in future releases of Windows.]

The SetEntriesInAccessList function creates a new access-control list by merging specified access-control information into an existing access-control list. You can specify access-control information for an object or for a specified property on an object.

DWORD SetEntriesInAccessList(

    ULONG cEntries,

// Number of entries in the entry list

    PACTRL_ACCESS_ENTRY pAccessEntryList,

// array of access-control entry information

    ACCESS_MODE AccessMode,

// merge, replace, or revoke trustee access

    LPCTSTR lpProperty,

// GUID string of a property

    PACTRL_ACCESS pOldList,

// pointer to the old access-control list

    PACTRL_ACCESS *ppNewList

// receives a pointer to the new list

   );

Parameters

cEntries
Specifies the number of entries in the pAccessEntryList array.
pAccessEntryList
Pointer to an array of ACTRL_ACCESS_ENTRY structures. Each entry in the array specifies access-control information for a trustee.
AccessMode
A flag that indicates how to combine the new entries in the pAccessEntryList array with the existing entries in the pOldList access-control list. This parameter can be one of the following values from the ACCESS_MODE enumeration.

Value

Meaning

GRANT_ACCESS

Adds the new entries to the front of the access-control list. Existing entries are not removed from the list.

REVOKE_ACCESS

Remove from the existing list all explicit entries for trustees specified in the pAccessEntryList array.

SET_ACCESS

Adds the new entries to the front of the access-control list. Existing entries for the same trustees are removed from the list.

lpProperty
Pointer to a null-terminated string that specifies the GUID of a property on the object. You can use the UuidToString function to generate a string representation of a property GUID. The function creates the ppNewList access-control list with an ACTRL_PROPERTY_ENTRY structure containing the specified access-control information. The lpProperty member of this structure is set to the value specified by the lpProperty parameter. If this parameter is NULL, the access-control information applies to the object; otherwise, it applies to the specified property.
pOldList
Pointer to an existing ACTRL_ACCESS structure containing the access-control list to be modified.
ppNewList
Pointer to a variable that receives a pointer to an ACTRL_ACCESS structure containing the new access-control list. Call the LocalFree function to free the returned buffer.

Return Values

If the function succeeds, the return value is ERROR_SUCCESS.

If the function fails, the return value can be one of the following error codes.

Value

Meaning

ERROR_NOT_ENOUGH_MEMORY

A memory allocation failed

ERROR_INVALID_PARAMETER

An invalid parameter was specified.

Remarks

Currently, the import library for the SetEntriesInAccessList function is ACCSRC.LIB. This is temporary. Eventually, the import library will be ADVAPI32.LIB. Meanwhile, any source code that links with the ACCSRC.LIB library must call the AccProvInit macro as follows:

    DWORD dwErrcode;



    AccProvInit(dwErrcode);

    if(dwErrcode != ERROR_SUCCESS)

    {

         // Consider this an error...

    }

 

See Also

SetEntriesInAuditList