[This is preliminary documentation and subject to change]

AdminACL

The AdminACL property contains a Microsoft Windows discretionary access control list (DACL) that can be used to control access to any metabase subtree. This property can be used to grant read access, restricted write access, or unrestricted write access.

Bitmask Values

ConstantValueDescription
MD_ACR_READ0x00000001Enable read access to all properties.
MD_ACR_WRITE0x00000002Enable write access to all properties.
MD_ACR_ENUM_KEYS0x00000008Enable key enumeration.
MD_ACR_RESTRICTED_WRITE0x00000020See Remarks, following this table.
MD_ACR_UNSECURE_PROPS_READ0x00000080Enable read access to properties that do not have the METADATA_SECURE attribute set.
MD_ACR_WRITE_DAC0x00040000Enable write access to AdminACL for security descriptor creator.

Remarks

MD_ACR_RESTRICTED_WRITE enables write access to the following properties:

AdminACLAppIsolated
PathAccessFlags
AnonymousUserNameAnonymousUserPass
MaxBandwidthMaxBandwidthBlocked
SecureBindingsServerBindings
Attribute NameAttribute Value
Data TypeNTACL
AttributesINHERIT | SECURE | REFERENCE
Default Valuenull
MetaFlagsExCACHE_PROPERTY_MODIFIED
User TypeIIS_MD_UT_SERVER
StartingNumber
EndingNumber
ID6027

Access Locations

This property is accessible at the following locations:

Metabase PathIIS Admin Object Type
/LM/MSFTPSVC/InfoIIsFtpInfo
/LM/MSFTPSVC/1IIsFtpServer
/LM/MSFTPSVC/Info/Templates/Public FTP SiteIIsFtpServer
/LM/MSFTPSVCIIsFtpService
/LM/LoggingIIsLogModules
/LM/NNTPSVC/1IIsNntpServer
/LM/NNTPSVCIIsNntpService
/LM/W3SVC/InfoIIsWebInfo
/LM/W3SVC/1IIsWebServer
/LM/W3SVC/2IIsWebServer
/LM/W3SVC/Info/Templates/Public Web SiteIIsWebServer
/LM/W3SVC/Info/Templates/Secure Web SiteIIsWebServer
/LM/W3SVCIIsWebService

IIS Admin Base Object Information

The following table lists additional information required only for code that uses the IIS Admin Base Object.

Metabase identifier
MD_ADMIN_ACL
Data typeNTACL
User typeIIS_MD_UT_SERVER

© 1997-2001 Microsoft Corporation. All rights reserved.