<xsd:element name="fileauditedpermissions_item" substitutionGroup="system_characteristics:item">
<xsd:annotation>
<xsd:documentation>This item stores the audited access rights of a file that a system access control list (SACL) structure grants to a specified trustee. The trustee's audited access rights are determined checking all access control entries (ACEs) in the SACL. For help with this test see the GetAuditedPermissionsFromAcl() api.</xsd:documentation>
<xsd:appinfo>
<item_name>File Audited Permissions Item</item_name>
<extends>itemType</extends>
<valid_sections>message, object, data</valid_sections>
<example>
</example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="system_characteristics:itemType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="system_characteristics:objectType">
<xsd:sequence>
<xsd:element name="path" type="system_characteristics:objectStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This element specifies the absolute path to a file on the machine from which the DACL was retrieved.</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>none</content>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="trustee_name" type="system_characteristics:objectStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This element specifies the trustee name associated with this particular SACL. A trustee can be a user, group, or program (such as a Windows service)</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="system_characteristics:dataType">
<xsd:sequence>
<xsd:element name="trustee_domain" type="system_characteristics:dataStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The domain of the specified trustee name.</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="trustee_sid" type="system_characteristics:dataStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The security identifier (SID) of the specified trustee name.</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_delete" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_read_control" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_write_dac" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_write_owner" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_synchronize" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="access_system_security" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="generic_read" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="generic_write" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="generic_execute" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="generic_all" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_read_data" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_write_data" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_append_data" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_read_ea" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_write_ea" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_execute" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_delete_child" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_read_attributes" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_write_attributes" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>File Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
|
XSD Schema Diagram:
