<xsd:element name="regkeyauditedpermissions_item" substitutionGroup="system_characteristics:item">
<xsd:annotation>
<xsd:documentation>This item stores the audited access rights of a registry key that a system access control list (SACL) structure grants to a specified trustee. The trustee's audited access rights are determined checking all access control entries (ACEs) in the SACL. For help with this test see the GetAuditedPermissionsFromAcl() api.</xsd:documentation>
<xsd:appinfo>
<item_name>Regkey Audited Permissions Item</item_name>
<extends>itemType</extends>
<valid_sections>message, object, data</valid_sections>
<example>
</example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="system_characteristics:itemType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="system_characteristics:objectType">
<xsd:sequence>
<xsd:element name="hive" type="windows:objectHiveType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This element specifies the hive of a registry key on the machine from which the SACL was retrieved.</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key" type="system_characteristics:objectStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This element specifies a registry key on the machine from which the SACL was retrieved. Note that the hive portion of the string should not be inclueded, as this data should be found under the hive element.</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="trustee_name" type="system_characteristics:objectStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This element specifies the trustee name associated with this particular SACL. A trustee can be a user, group, or program (such as a Windows service)</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="system_characteristics:dataType">
<xsd:sequence>
<xsd:element name="trustee_domain" type="system_characteristics:dataStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The domain of the specified trustee name.</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="trustee_sid" type="system_characteristics:dataStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The security identifier (SID) of the specified trustee name.</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_delete" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_read_control" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_write_dac" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_write_owner" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_synchronize" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="access_system_security" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="generic_read" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="generic_write" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="generic_execute" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="generic_all" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_query_value" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_set_value" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_create_sub_key" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_enumerate_sub_keys" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_notify" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_create_link" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_wow64_64key" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_wow64_32key" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="key_wow64_res" type="windows:dataAuditType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>
</xsd:documentation>
<xsd:appinfo>
<parent_item>Regkey Audited Permissions Item</parent_item>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
|
XSD Schema Diagram:
