AccessRule`1 Represents a combination of a user's identity, an access mask, and an access control type (allow or deny). An AccessRule`1 object also contains information about the how the rule is inherited by child objects and how that inheritance is propagated.

 AceEnumerator Provides the ability to iterate through the access control entries (ACEs) in an access control list (ACL).

 AuditRule`1 Represents a combination of a user's identity and an access mask.

 AuthorizationRuleCollection Represents a collection of objects.

 CommonAce Represents an access control entry (ACE).

 CommonSecurityDescriptor Represents a security descriptor. A security descriptor includes an owner, a primary group, a Discretionary Access Control List (DACL), and a System Access Control List (SACL).

 CompoundAce Represents a compound Access Control Entry (ACE).

 CustomAce Represents an Access Control Entry (ACE) that is not defined by one of the members of the enumeration.

 DiscretionaryAcl Represents a Discretionary Access Control List (DACL).

 ObjectAce Controls access to Directory Services objects. This class represents an Access Control Entry (ACE) associated with a directory object.

 PrivilegeNotHeldException The exception that is thrown when a method in the namespace attempts to enable a privilege that it does not have.

 RawAcl Represents an Access Control List (ACL).

 RawSecurityDescriptor Represents a security descriptor. A security descriptor includes an owner, a primary group, a Discretionary Access Control List (DACL), and a System Access Control List (SACL).

 SystemAcl Represents a System Access Control List (SACL).

 AccessControlActions Specifies the actions that are permitted for securable objects.

 AccessControlModification Specifies the type of access control modification to perform. This enumeration is used by methods of the class and its descendents.

 AccessControlSections Specifies which sections of a security descriptor to save or load.

 AccessControlType Specifies whether an object is used to allow or deny access. These values are not flags, and they cannot be combined.

 AceFlags Specifies the inheritance and auditing behavior of an access control entry (ACE).

 AceQualifier Specifies the function of an access control entry (ACE).

 AceType Defines the available access control entry (ACE) types.

 AuditFlags Specifies the conditions for auditing attempts to access a securable object.

 CompoundAceType Specifies the type of a object.

 ControlFlags These flags affect the security descriptor behavior.

 InheritanceFlags Inheritance flags specify the semantics of inheritance for access control entries (ACEs).

 ObjectAceFlags Specifies the presence of object types for Access Control Entries (ACEs).

 PropagationFlags Specifies how Access Control Entries (ACEs) are propagated to child objects. These flags are significant only if inheritance flags are present.

 ResourceType Specifies the defined native object types.

 SecurityInfos Specifies the section of a security descriptor to be queried or set.

 AccessRule Represents a combination of a user's identity, an access mask, and an access control type (allow or deny). An object also contains information about the how the rule is inherited by child objects and how that inheritance is propagated.

 AuditRule Represents a combination of a user's identity and an access mask. An object also contains information about how the rule is inherited by child objects, how that inheritance is propagated, and for what conditions it is audited.

 AuthorizationRule Determines access to securable objects. The derived classes and offer specializations for access and audit functionality.

 CommonAcl Represents an access control list (ACL) and is the base class for the and classes.

 CommonObjectSecurity Controls access to objects without direct manipulation of access control lists (ACLs). This class is the abstract base class for the class.

 GenericAce Represents an Access Control Entry (ACE), and is the base class for all other ACE classes.

 GenericAcl Represents an access control list (ACL) and is the base class for the , , , and classes.

 GenericSecurityDescriptor Represents a security descriptor. A security descriptor includes an owner, a primary group, a Discretionary Access Control List (DACL), and a System Access Control List (SACL).

 KnownAce Encapsulates all Access Control Entry (ACE) types currently defined by Microsoft Corporation. All objects contain a 32-bit access mask and a object.

 NativeObjectSecurity Provides the ability to control access to native objects without direct manipulation of Access Control Lists (ACLs). Native object types are defined by the enumeration.

 ObjectAccessRule Represents a combination of a user's identity, an access mask, and an access control type (allow or deny). An object also contains information about the type of object to which the rule applies, the type of child object that can inherit the rule, how the rule is inherited by child objects, and how that inheritance is propagated.

 ObjectAuditRule Represents a combination of a user's identity, an access mask, and audit conditions. An object also contains information about the type of object to which the rule applies, the type of child object that can inherit the rule, how the rule is inherited by child objects, and how that inheritance is propagated.

 ObjectSecurity Provides the ability to control access to objects without direct manipulation of Access Control Lists (ACLs). This class is the abstract base class for the and classes.

 ObjectSecurity`1 Provides the ability to control access to objects without direct manipulation of Access Control Lists (ACLs); also grants the ability to type-cast access rights.

 QualifiedAce Represents an Access Control Entry (ACE) that contains a qualifier. The qualifier, represented by an object, specifies whether the ACE allows access, denies access, causes system audits, or causes system alarms. The class is the abstract base class for the and classes.