The GetExplicitEntriesFromAcl function retrieves an array of EXPLICIT_ACCESS structures that describe the access-control entries (ACEs) in an access-control list (ACL).
DWORD GetExplicitEntriesFromAcl(
PACL pacl, // pointer to the ACL from which to get entries
PULONG pcCountOfExplicitEntries,
// receives number of entries in the list
PEXPLICIT_ACCESS *pListOfExplicitEntries
// receives pointer to list of entries
);
If the function succeeds, the return value is ERROR_SUCCESS.
If the function fails, the return value is a nonzero error code defined in WINERROR.H.
Each entry in the array of EXPLICIT_ACCESS structures describes access control information from an ACE for a trustee. A trustee can be a user, group, or program (such as a Win32 service).
Each EXPLICIT_ACCESS structure specifies a set of access rights and an access mode flag that indicates whether the ACE allows, denies, or audits the specified rights.
For a discretionary ACL (DACL), the access mode flag can be one of the following values from the ACCESS_MODE enumeration.
Value | Meaning |
---|---|
SET_ACCESS | Indicates that an access-allowed ACE for the trustee allows the specified access rights. |
DENY_ACCESS | Indicates that an access-denied ACE for the trustee denies the specified access rights. |
For a system ACL (SACL), the access mode flag can be a combination of the following values from the ACCESS_MODE enumeration.
Value | Meaning |
---|---|
SET_AUDIT_SUCCESS | Indicates that a system-audit ACE for the trustee generates audit messages for successful attempts to use the specified access rights. |
SET_AUDIT_FAILURE | Indicates that a system-audit ACE for the trustee generates audit messages for failed attempts to use the specified access rights. |
Windows NT: Requires version 4.0 or later.
Windows: Unsupported.
Windows CE: Unsupported.
Header: Declared in aclapi.h.
Import Library: Use advapi32.lib.
Unicode: Implemented as Unicode and ANSI versions on Windows NT.
Windows NT 4.0 Access Control Overview, Windows NT 4.0 Access-Control Functions, ACCESS_ALLOWED_ACE, ACCESS_DENIED_ACE, ACE, ACL, EXPLICIT_ACCESS, LocalFree, SYSTEM_AUDIT_ACE