B
Bamse
look for a library called <ADsSecurity.dll> in
msdn.microsoft.com/google.com;
this will do your job (add/edit/remove permissions on security objects (like
users/folders/files/printers) )
and it's usable from .NET too:
string _udir = rootFolder + folder;
ADsSecurity _adSec = new ADsSecurity();
IADsSecurityDescriptor _sd =
(IADsSecurityDescriptor)_adSec.GetSecurityDescriptor("FILE://"+_udir );
IADsAccessControlList _dacl =
(IADsAccessControlList)_sd.DiscretionaryAcl;
_sd.Control =
(int)ActiveDs.ADS_SD_CONTROL_ENUM.ADS_SD_CONTROL_SE_DACL_PROTECTED;
ActiveDs.AccessControlEntry _ace3 = new ActiveDs.AccessControlEntry();
_ace3.Trustee = <YOUR_USER_NAME>;
//_ace3.Trustee="Internet Guest Account";
_ace3.AccessMask =
(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_EXECUTE
|(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_READ
|(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_READ_CONTROL
|(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_SYNCHRONIZE
|(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_WRITE
|(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_EXECUTE;
_ace3.AceType =
(int)ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED;
_ace3.AceFlags =
(int)ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ACE|1;
_dacl.AddAce(_ace3);
//
_sd.DiscretionaryAcl = _dacl;
_adSec.SetSecurityDescriptor(_sd,"FILE://"+ _udir);
HTH,
Daniel
msdn.microsoft.com/google.com;
this will do your job (add/edit/remove permissions on security objects (like
users/folders/files/printers) )
and it's usable from .NET too:
string _udir = rootFolder + folder;
ADsSecurity _adSec = new ADsSecurity();
IADsSecurityDescriptor _sd =
(IADsSecurityDescriptor)_adSec.GetSecurityDescriptor("FILE://"+_udir );
IADsAccessControlList _dacl =
(IADsAccessControlList)_sd.DiscretionaryAcl;
_sd.Control =
(int)ActiveDs.ADS_SD_CONTROL_ENUM.ADS_SD_CONTROL_SE_DACL_PROTECTED;
ActiveDs.AccessControlEntry _ace3 = new ActiveDs.AccessControlEntry();
_ace3.Trustee = <YOUR_USER_NAME>;
//_ace3.Trustee="Internet Guest Account";
_ace3.AccessMask =
(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_EXECUTE
|(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_READ
|(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_READ_CONTROL
|(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_SYNCHRONIZE
|(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_WRITE
|(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_EXECUTE;
_ace3.AceType =
(int)ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED;
_ace3.AceFlags =
(int)ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ACE|1;
_dacl.AddAce(_ace3);
//
_sd.DiscretionaryAcl = _dacl;
_adSec.SetSecurityDescriptor(_sd,"FILE://"+ _udir);
HTH,
Daniel