GenericMapping defines a mapping from generic access rights to specific access rights. You can define how to map such generic rights to specific rights.

This mapping will be used to replace possible generic rights in a desired access mask (supplied to (Jw)IsAccessAllowed) and security descriptor (more specific: the AccessMask property of all ACEs) before it is applied to AccessCheck. If you do not intend to use generic access rights in a desired access mask and security descriptor you can set this value to nil. However, AccessCheck will fail if such a generic access right is found because the generic access bits are not touched. 

By default this value uses TJwNullMapping which maps all generic rights to 0. I.e. it prevents access to a resource if the desired access mask only contains generic access rights (So only specific access rights take effect). On the other hand, generic access rights have no effect in the DACL. They do not grant any access since they are 0. 

COM does not use generic access rights and thus does not define such a generic mapping. In fact it currently only supports COM_RIGHTS_EXECUTE (being more precisely: the implementation of IAccessControl does support it).

TJwServerAccessControl Properties