Windows Object Access Control Lists
name - the path of the object
objectType - Registry/File/Directory
user - user account or SID for the ACE
permission - permission for the ACE (see module win_acl for available permissions for each objectType)
acetype - Allow/Deny
propagation - how the ACL should apply to child objects (see module win_acl for available propagation types)

addAcl:
  win_dacl.present:
    - name: HKEY_LOCAL_MACHINE\SOFTWARE\mykey
    - objectType: Registry
    - user: FakeUser
    - permission: FullControl
    - acetype: ALLOW
    - propagation: KEY&SUBKEYS

name - the path of the object
objectType - Registry/File/Directory
user - user account or SID for the ACE
permission - permission for the ACE (see module win_acl for available permissions for each objectType)
acetype - Allow/Deny
propagation - how the ACL should apply to child objects (see module win_acl for available propagation types)

removeAcl:
  win_dacl.absent:
    - name: HKEY_LOCAL_MACHINE\SOFTWARE\mykey
    - objectType: Registry
    - user: FakeUser
    - permission: FullControl
    - acetype: ALLOW
    - propagation: KEY&SUBKEYS

name - the path of the object
objectType - Registry/File/Directory
clear_existing_acl - True/False - when inheritance is enabled, should the existing ACL be kept or cleared out

eInherit:
  win_dacl.enableinheritance:
    - name: HKEY_LOCAL_MACHINE\SOFTWARE\mykey
    - objectType: Registry
    - clear_existing_acl: True

name - the path of the object
objectType - Registry/File/Directory
copy_inherited_acl - True/False - if inheritance is enabled, should the inherited permissions be copied to the ACL when inheritance is disabled

dInherit:
  win_dacl.disableinheritance:
    - name: HKEY_LOCAL_MACHINE\SOFTWARE\mykey
    - objectType: Registry
    - copy_inherited_acl: False

Ensure an ACL does not exist
Ensure an object is not inheriting ACLs from its parent
Ensure an object is inheriting ACLs from its parent
Ensure an ACE is present
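
The states above are usually combined when a key is locked down to an explicit ACL. The following is an added example, not part of the original documentation, that uses the state names and values exactly as they appear on this page; the state IDs and the Administrators and SYSTEM accounts are assumptions. The explicit ACEs are written before inheritance is broken with copy_inherited_acl: False, so the key is never left without an explicit grant once the inherited entries are dropped.

```yaml
# Added example: restrict HKEY_LOCAL_MACHINE\SOFTWARE\mykey to explicit ACEs.
# State IDs and the Administrators/SYSTEM accounts are assumptions;
# FakeUser is the placeholder account used on this page.

# 1. Grant the explicit ACEs that must survive once inheritance is off.
mykey_admins_full:
  win_dacl.present:
    - name: HKEY_LOCAL_MACHINE\SOFTWARE\mykey
    - objectType: Registry
    - user: Administrators
    - permission: FullControl
    - acetype: ALLOW
    - propagation: KEY&SUBKEYS

mykey_system_full:
  win_dacl.present:
    - name: HKEY_LOCAL_MACHINE\SOFTWARE\mykey
    - objectType: Registry
    - user: SYSTEM
    - permission: FullControl
    - acetype: ALLOW
    - propagation: KEY&SUBKEYS

# 2. Stop inheriting from the parent key and do not copy the inherited
#    ACEs, so only the explicit entries from step 1 remain.
mykey_break_inheritance:
  win_dacl.disableinheritance:
    - name: HKEY_LOCAL_MACHINE\SOFTWARE\mykey
    - objectType: Registry
    - copy_inherited_acl: False
    - require:
      - win_dacl: mykey_admins_full
      - win_dacl: mykey_system_full

# 3. Remove the broad explicit grant left over from earlier configuration.
mykey_drop_fakeuser:
  win_dacl.absent:
    - name: HKEY_LOCAL_MACHINE\SOFTWARE\mykey
    - objectType: Registry
    - user: FakeUser
    - permission: FullControl
    - acetype: ALLOW
    - propagation: KEY&SUBKEYS
    - require:
      - win_dacl: mykey_break_inheritance
```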