DSInternals/Src/DSInternals.SAM/Interop/Enums/SamDomainAccessMask.cs

using System;

namespace DSInternals.SAM.Interop
{
    /// <summary>
    /// Domain Access Mask
    /// <para>These are the specific values available to describe the access control on a domain object.</para>
    /// <see>http://msdn.microsoft.com/en-us/library/cc245522.aspx</see>
    /// </summary>
    [Flags]
    public enum SamDomainAccessMask : uint
    {
        /// <summary>
        /// Specifies access control to read password policy.
        /// </summary>
        ReadPasswordParameters = 0x00000001U,
        /// <summary>
        /// Specifies access control to write password policy.
        /// </summary>
        WritePasswordParameters = 0x00000002U,
        /// <summary>
        /// Specifies access control to read attributes not related to password policy.
        /// </summary>
        ReadOtherParameters = 0x00000004U,
        /// <summary>
        /// Specifies access control to write attributes not related to password policy.
        /// </summary>
        WriteOtherParameters = 0x00000008U,
        /// <summary>
        /// Specifies access control to create a user object.
        /// </summary>
        CreateUser = 0x00000010U,
        /// <summary>
        /// Specifies access control to create a group object.
        /// </summary>
        CreateGroup = 0x00000020U,
        /// <summary>
        /// Specifies access control to create an alias object.
        /// </summary>
        CreateAlias = 0x00000040U,
        /// <summary>
        /// Specifies access control to read the alias membership of a set of SIDs.
        /// </summary>
        GetAliasMembership = 0x00000080U,
        /// <summary>
        /// Specifies access control to enumerate objects.
        /// </summary>
        ListAccounts = 0x00000100U,
        /// <summary>
        /// Specifies access control to look up objects by name and SID.
        /// </summary>
        Lookup = 0x00000200U,
        /// <summary>
        /// Specifies access control to various administrative operations on the server.
        /// </summary>
        AdministerServer = 0x00000400U,
        /// <summary>
        /// The specified accesses for a GENERIC_ALL request.
        /// </summary>
        AllAccess = 0x000F07FFU,
        /// <summary>
        /// The specified accesses for a GENERIC_READ request.
        /// </summary>
        Read = 0x00020084U,
        /// <summary>
        /// The specified accesses for a GENERIC_WRITE request.
        /// </summary>
        Write = 0x0002047AU,
        /// <summary>
        /// The specified accesses for a GENERIC_EXECUTE request.
        /// </summary>
        Execute = 0x00020301U,
        /// <summary>
        /// Indicates that the caller is requesting the most access possible to the object.
        /// </summary>
        MaximumAllowed = 0x02000000U,
        /// <summary>
        /// Specifies access to the system security portion of the security descriptor.
        /// </summary>
        AccessSystemSecurity = 0x01000000U,
        /// <summary>
        /// Specifies the ability to update the Owner field of the security descriptor.
        /// </summary>
        WriteOwner = 0x00080000U,
        /// <summary>
        /// Specifies the ability to update the discretionary access control list (DACL) of the security descriptor.
        /// </summary>
        WriteDacl = 0x00040000U,
        /// <summary>
        /// Specifies the ability to read the security descriptor.
        /// </summary>
        ReadControl = 0x00020000U,
        /// <summary>
        /// Specifies the ability to delete the object.
        /// </summary>
        Delete = 0x00010000U
    }
}