Directory Services

Checking a Control Access Right in an Object's ACL

To check a control access right on an object's ACL, use the AccessCheckByTypeResultList function. To use this function, an application requires a pointer to the SECURITY_DESCRIPTOR for the object instead of an IADsSecurityDescriptor interface to an ADSI security descriptor COM object.

If using ADSI, use the following steps to check access for an controlled access right on an object: