Removing NTFS Folder Permissions On Win2000 In .NET Without using WMI

[Bamse]

look for a library called <ADsSecurity.dll> in
msdn.microsoft.com/google.com;

this will do your job (add/edit/remove permissions on security objects (like
users/folders/files/printers) )
and it's usable from .NET too:

string _udir = rootFolder + folder;
ADsSecurity _adSec = new ADsSecurity();

IADsSecurityDescriptor _sd =
(IADsSecurityDescriptor)_adSec.GetSecurityDescriptor("FILE://"+_udir );
IADsAccessControlList _dacl =
(IADsAccessControlList)_sd.DiscretionaryAcl;

_sd.Control =
(int)ActiveDs.ADS_SD_CONTROL_ENUM.ADS_SD_CONTROL_SE_DACL_PROTECTED;

ActiveDs.AccessControlEntry _ace3 = new ActiveDs.AccessControlEntry();
_ace3.Trustee = <YOUR_USER_NAME>;

//_ace3.Trustee="Internet Guest Account";
_ace3.AccessMask =
(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_EXECUTE
|(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_READ
|(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_READ_CONTROL
|(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_SYNCHRONIZE
|(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_WRITE
|(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_EXECUTE;

_ace3.AceType =
(int)ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED;
_ace3.AceFlags =
(int)ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ACE|1;

_dacl.AddAce(_ace3);

//

_sd.DiscretionaryAcl = _dacl;
_adSec.SetSecurityDescriptor(_sd,"FILE://"+ _udir);

HTH,
Daniel

 

[Ram]

Hey,
I'v managed to find a way of adding NTFS permissions to a certain folder,
But the problem is, the folder has a couple of inherited permissions which I
want to delete.
How can I remove the folder's NTFS permissions WITHOUT using WMI or special
XP features?
Thanks ahead!

--Ram

 

[Guest]

Ram, my dilemna is somewhat the same. Please see "Converting Win32 API to VB.Net". I feel that the solution is easiest with the Win32 API, however I am not able to get it to work completely. Hence, the post for help on this site. Good luck!