The following security rule sets access rights to objects that belong to
example.com for the Windows user account named
<Entry AccounType="1" Account="domainuser1" SidStr="S-1-5-21-821798554-1223697094-3523996037-1043" Path="[HTTPD_VHOSTS_D]" SubPath="example.com" AceFlags="FilesOnly" AccessMask="Read" EntryFlags="0x140" Tag="DomainUser" Tag2="" />
Because the name
domainuser1 is not a standard system account name,
it has to be resolved in the system (hence,
SidStr attribute is defined to improve Plesk stability. The
HTTPD_VHOSTS_D component path in the
Path attribute specifies
the common part of the path to the domain root folder where the
example.com folder is located. The
SubPath attribute sets the
specific domain root folder to which the rule will be applied.
AceFlags="FilesOnly" specifies that, according to this rule, an ACE
with permission defined by
AccessMask="Read" will be created and
added only to the
example.com folder and all files contained within
EntryFlags="0x140" enables (i) creation of the domain
root folder (which is necessary during domain creation) and (ii) strict
enforcement of the access permissions defined by the
AccessMask="Read" permission mask.
the security rule as pertaining to a domain hosting account and is used
by Plesk to properly organize the processing of security metadata.