Directory Services

IADsAccessControlList::CopyAccessList

The IADsAccessControlList::CopyAccessList method copies every access control entry (ACE) in the access-control list (ACL) to the caller's process space.

HRESULT CopyAccessList( 
  IDispatch** ppAccessControlList
);

Parameters

ppAccessControlList
[out] Address of an IDispatch interface pointer to an ACL as the copy of the original access list. If this parameter is NULL on return, no copies of the ACL could be made.

Return Values

This method returns the standard return values.

For more information about other return values, see ADSI Error Codes.

Return Code Description
S_OK All ACE elements copied successfully.
E_INVALIDARG The argument supplied is invalid.
OUTOFMEMORY No memory could be allocated for the new ACL.
E_FAIL The operation failed.

Remarks

The caller must call Release on the copy of ACEs through their IDispatch pointers.

Example Code [Visual Basic]

The following code example shows how to copy an ACL from one ADSI object to another.

Dim x As IADs
Dim sd As IADsSecurityDescriptor
Dim Dacl As IADsAccessControlList
Dim CopyDacl As IADsAccessControlList
 
' Get the ACL from one object.
Set x = GetObject("LDAP://OU=Sales, DC=activeD,DC=mydomain,DC=fabrikam,DC=com")
Set sd = x.Get("ntSecurityDescriptor")
Set Dacl = sd.DiscretionaryAcl
Set CopyDacl = Dacl.CopyAccessList()
 
' Copy the ACL to another object in the Directory.
Set x = GetObject("LDAP://OU=Sales, DC=Fabrikam,DC=com")
Set sd = x.Get("ntSecurityDescriptor")
sd.DiscretionaryAcl = CopyDacl
x.Put "ntSecurityDescriptor", Array(sd)
x.SetInfo

Cleanup:
	If (Err.Number<>0) Then
		MsgBox("An error has occurred. " & Err.Number)
	End If
	Set x = Nothing
	Set sd = Nothing
	Set Dacl = Nothing
	Set CopyDacl = Nothing

Example Code [C++]

The following code example copies the ACL from the source object to the target object.

HRESULT CopyACL(IADs *pSource, IADs *pTarget)
{
	IADsSecurityDescriptor *pSourceSD = NULL;
	IADsSecurityDescriptor *pTargetSD = NULL; 
	IDispatch *pDisp = NULL;

	HRESULT hr = S_OK;
	VARIANT varSource, varTarget;

	VariantInit(&varSource);
	VariantInit(&varTarget);

	if((pSource==NULL) || (pTarget==NULL))
	{
		return E_FAIL;
}

	hr = pSource->Get(CComBSTR("ntSecurityDescriptor"), &varSource);
	if(FAILED(hr))
	{
		goto Cleanup;
}

	hr = pTarget->Get(CComBSTR("ntSecurityDescriptor"), &varTarget);
	if(FAILED(hr))
	{
		goto Cleanup;
}

	hr = V_DISPATCH(&varSource)->QueryInterface(IID_IADsSecurityDescriptor,
					(void**)&pSourceSD);
	if(FAILED(hr))
	{
		goto Cleanup;
}

	hr = V_DISPATCH(&varTarget)->QueryInterface(IID_IADsSecurityDescriptor,
					(void**)&pTargetSD);
	if(FAILED(hr))
	{
		goto Cleanup;
}

	hr = pSourceSD->get_DiscretionaryAcl(&pDisp);
	if(FAILED(hr))
	{
		goto Cleanup;
}

	hr = pTargetSD->put_DiscretionaryAcl(pDisp);
	if(FAILED(hr))
	{
		goto Cleanup;
}

	hr = pTarget->SetInfo();
	
Cleanup:
	VariantClear(&varSource);
	VariantClear(&varTarget);
	if(pSourceSD) 
	{
		pSourceSD->Release();
}
	if(pTargetSD) 
	{
		pTargetSD->Release();
}
	if(pDisp) 
	{
		pDisp->Release();
}
	return hr;
}

Requirements

Client: Included in Windows XP and Windows 2000 Professional.
Server: Included in Windows Server 2003 and Windows 2000 Server.
Redistributable: Requires Active Directory Client Extension on Windows NT 4.0 SP6a and Windows 95/98/Me.
Header: Declared in Iads.h.

See Also

IADsAccessControlEntry, IADsSecurityDescriptor