Apply an inheritable ACE, at any point in the directory
hierarchy, such that an ACE is inherited by objects down the tree.
An object can inherit an ACE from its parent container. For more
information, see Inheritance and
Delegation of Administration.
Specify an ACE in the default DACL in the schema, if you have
the necessary access rights. Every object class definition in the
schema includes a default security descriptor that can have a
default DACL. For more information, see Default Security
In addition the DACL of an existing object can be modified. You