Active Directory Object Security

Every object in the Active Directory tree has a security configuration specifying who has access to that object and what type of access that person has. This information is provided using three security class interfaces:

  • IADsSecurityDescriptor

  • IADsAccessControlList

  • IADsAccessControlEntry

The three of these objects work together to describe the security configuration of an object. The first object, IADsSecurityDescriptor, describes various general information about the object, such as who the user and group are that own the object. The second object, IADsAccessControlList, is basically a collection of the third object, IADsAccessControlEntry, which describes the types of access that a particular group has ...

Get Developing Secure Applications with Visual Basic now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.