Class AccessControlParameters
Parameters of access control logic that is pwerformed every time PDS decides whether or not to allow password read or reset.
Inheritance
Namespace: AdmPwd.Types
Assembly: AdmPwd.PDSWrapper.dll
Syntax
public class AccessControlParameters : ObjectConstructors
AccessControlParameters(bool, bool, bool, SecurityIdentifier[])
Default constructor
Declaration
public AccessControlParameters(bool honorAllExtended, bool honorFullControl, bool honorRemoteLocalGroups, SecurityIdentifier[] mandatoryGroups)Parameters
| Type | Name | Description |
|---|---|---|
| bool | honorAllExtended | Whether or not 'All Extended Rights' shall allow password read or reset |
| bool | honorFullControl | Whether or not 'Full Control' shall allow password read or reset |
| bool | honorRemoteLocalGroups | Whether to consider membership in local groups from computer domain during access check |
| System.Security.Principal.SecurityIdentifier[] | mandatoryGroups | SIDs of mandatory groups that caller must be member of |
Fields
MandatoryGroups
SIDs of mandatory groups that caller must be member of so as password reads/resets are allowed
Declaration
public readonly SecurityIdentifier[] MandatoryGroupsField Value
| Type | Description |
|---|---|
| System.Security.Principal.SecurityIdentifier[] |
Properties
HonorAllExtendedRights
Whether or not 'All Extended Rights' shall allow password read or reset
Declaration
public bool HonorAllExtendedRights { get; }Property Value
| Type | Description |
|---|---|
| bool |
HonorFullControl
Whether or not 'Full Control' shall allow password read or reset
Declaration
public bool HonorFullControl { get; }Property Value
| Type | Description |
|---|---|
| bool |
HonorLocalGroupsFromRemoteComputerDomain
Whether to include local group membership from user's domain (when it's different from PDS domain) to consideration when prforming access check.
Declaration
public bool HonorLocalGroupsFromRemoteComputerDomain { get; }Property Value
| Type | Description |
|---|---|
| bool |