Platform SDK: Active Directory, ADSI, and Directory Services

IADsAccessControlList Property Methods

The property methods of the IADsAccessControlList interface get or set the properties described in the following table. For more information, see Interface Property Methods.

Properties in Vtable Order

Property Description
AclRevision

[Visual Basic]
Access: Read/Write
Data Type: LONG

[C++]
HRESULT get_AclRevision
([out] LONG *lnAclRevision);


HRESULT put_AclRevision
([in] LONG lnAclRevision);

The revision level of an access-control list. This value should be ACL_REVISION. All ACEs in an ACL must be at the same revision level.
AceCount

[Visual Basic]
Access: Read/Write
Data Type: LONG

[C++]
HRESULT get AceCount
([out] LONG *lnAceCount);


HRESULT put AceCount
([in] LONG lnAceCount);

The number of access control entries in the access-control list.

Example Code [Visual Basic]

The following Visual Basic® code snippet displays the number of ACEs in an ACL.

Set x = GetObject("LDAP://OU=Sales,DC=Fabrikam,DC=com")
Set sd = x.Get("ntSecurityDescriptor")
Set Dacl = sd.DiscretionaryAcl
Debug.Print Dacl.AceCount

Example Code [C++]

The following C++ code snippet displays the number of ACEs in an ACL.

IADs *pObj;
LPWSTR guestPath = L""LDAP://OU=Sales,DC=Fabrikam,DC=com";
LPWSTR user = L"Power User";
LPWSTR passwd = L"Top Secret";

HRESULT hr;

hr = ADsOpenObject(guestPath,user,passwd,1,IID_IADs,(void**)&pObj);
if(FAILED(hr)) {
    printf("hr = %x\n",hr);
    return hr;
}
else {
    BSTR bstr;
    pObj->get_Class(&bstr);
    printf("Object class: %S\n",bstr);
    SysFreeString(bstr);
}

VARIANT var;
VariantInit(&var);
hr = pObj->Get(L"ntSecurityDescriptor",&var);
pObj->Release();

if(FAILED(hr)) {
    printf("Get ntSD: hr = %x\n",hr);
    return hr;
}

IADsSecurityDescriptor *psd;
hr = V_DISPATCH(&var)->QueryInterface(IID_IADsSecurityDescriptor,
                                      (void**)&psd);

if(FAILED(hr)) {
    printf("DISP: hr = %x\n",hr);
    return hr;
}

IDispatch *pDisp;
hr = psd->get_DiscretionaryAcl(&pDisp);
VariantClear(&var);

if(FAILED(hr)) {
    printf("get_DACL : hr = %x\n",hr);
    return hr;
}

IADsAccessControlList *pAcl;
hr = pDisp->QueryInterface(IID_IADsAccessControlList,(void**)&pAcl);
pDisp->Release();

if(FAILED(hr)) {
    printf("QI ACL: hr = %x\n",hr);
    return hr;
}

long count;
hr = pAcl->get_AceCount(&count);
if(FAILED(hr)) {
    printf("Count: hr = %x\n",hr);
    return hr;
}

printf("AceCount = %d\n",count);

pAcl->Release();
return hr;

See Also

IEnumVARIANT, IADsAccessControlEntry, IADsSecurityDescriptor