An ACE is an access-control entry (ACE) in an access-control list (ACL).
Following are the currently defined ACE types:
| ACE type | Structure | ACL Type |
| Access allowed | ACCESS_ALLOWED_ACE | Discretionary |
| Access denied | ACCESS_DENIED_ACE | Discretionary |
| System alarm | SYSTEM_ALARM_ACE | System |
| System audit | SYSTEM_AUDIT_ACE | System |
System-alarm ACEs are not supported in the current version of Windows NT.
Remarks
An ACL contains a list of ACEs. An ACE defines access to an object for a specific user or group or defines the types of access that generate system-administration messages or alarms for a specific user or group. The user or group is identified by a security identifier (SID).
Each ACE starts with an ACE_HEADER structure. The format of the data following the header varies according to the ACE type specified in the header.
See Also
AddAce, ACCESS_ALLOWED_ACE, ACCESS_DENIED_ACE, ACL, SYSTEM_ALARM_ACE, SYSTEM_AUDIT_ACE