selang Reference Guideselang Commandsselang Commands in the Native Windows Environment › xaudit- Command—Remove System Access Control List

Previous Topic: xaudit Command—Modify System Access Control List

Next Topic: selang Commands in the Policy Model Environment

xaudit- Command—Remove System Access Control List

The xaudit‑ command removes entries from the SACL, and is valid for resource types FILE, PRINTER, REGKEY, DISK, COM, or SHARE.

This command has the following format:

xaudit‑ className, resourceName \
     [gid(groupName)] \
     [uid(userName)]
className

Specifies the name of the resource type to which the resource belongs.

gid(groupName)

Specifies the groups or groups whose access to the resource is being audited. When specifying more than one group, separate the names with spaces or commas.

resourceName

Specifies the name of the resource record whose system access control list (SACL) is being removed.

uid(userName)

Specifies the user whose access to the resource is being audited. When specifying more than one user, separate the user names with spaces or commas. To specify all users who are defined in the Windows NT database, specify an asterisk (*) for userName.

More information:

xaudit Command—Modify System Access Control List