P
Phil Hey
I am trying to set permissions on a folder programmatically, and have
success fully used the code below for knowledge base article 266461 : How
To: Programmatically Set NTFS File System Folder Permissions Using Microsoft
Visual Basic . NET
However I need to set the permissions to Read Only rather than Full Control,
can any one help me with this.
Dim objADsSec As ADsSecurity
Dim objSecDes As SecurityDescriptor
Dim objDAcl As AccessControlList
Dim objAce As Object
Dim objAce1 As AccessControlEntry
Dim objAce2 As AccessControlEntry
Dim objSId As ADsSID
Dim objSIdHex As Object
objADsSec = New ADsSecurity
objSecDes = CType(objADsSec.GetSecurityDescriptor("FILE://" & vPath),
SecurityDescriptor)
objDAcl = CType(objSecDes.DiscretionaryAcl, AccessControlList)
objSId = New ADsSID
objSId.SetAs(ADSSECURITYLib.ADS_SID_FORMAT.ADS_SID_SAM, CStr(UserName))
objSIdHex = objSId.GetAs(ADSSECURITYLib.ADS_SID_FORMAT.ADS_SID_SDDL)
' Add a new objAce so that the User has Full Control on NTFS Files.
objAce1 = New AccessControlEntry
objAce1.Trustee = CStr(objSIdHex)
objAce1.AccessMask = ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_ALL
objAce1.AceType = ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED
objAce1.AceFlags = ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ACE Or
ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ONLY_ACE Or 1
objDAcl.AddAce(objAce1)
' Add a new objAce so that the User has Full Control on NTFS Folders.
objAce2 = New AccessControlEntry
objAce2.Trustee = CStr(objSIdHex)
objAce2.AccessMask = ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_ALL
objAce2.AceType = ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED
objAce2.AceFlags = ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ACE Or 1
objDAcl.AddAce(objAce2)
objSecDes.DiscretionaryAcl = objDAcl
' Set Permissions on the NTFS folder.
objADsSec.SetSecurityDescriptor(objSecDes)
Thanks
Phil
success fully used the code below for knowledge base article 266461 : How
To: Programmatically Set NTFS File System Folder Permissions Using Microsoft
Visual Basic . NET
However I need to set the permissions to Read Only rather than Full Control,
can any one help me with this.
Dim objADsSec As ADsSecurity
Dim objSecDes As SecurityDescriptor
Dim objDAcl As AccessControlList
Dim objAce As Object
Dim objAce1 As AccessControlEntry
Dim objAce2 As AccessControlEntry
Dim objSId As ADsSID
Dim objSIdHex As Object
objADsSec = New ADsSecurity
objSecDes = CType(objADsSec.GetSecurityDescriptor("FILE://" & vPath),
SecurityDescriptor)
objDAcl = CType(objSecDes.DiscretionaryAcl, AccessControlList)
objSId = New ADsSID
objSId.SetAs(ADSSECURITYLib.ADS_SID_FORMAT.ADS_SID_SAM, CStr(UserName))
objSIdHex = objSId.GetAs(ADSSECURITYLib.ADS_SID_FORMAT.ADS_SID_SDDL)
' Add a new objAce so that the User has Full Control on NTFS Files.
objAce1 = New AccessControlEntry
objAce1.Trustee = CStr(objSIdHex)
objAce1.AccessMask = ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_ALL
objAce1.AceType = ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED
objAce1.AceFlags = ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ACE Or
ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ONLY_ACE Or 1
objDAcl.AddAce(objAce1)
' Add a new objAce so that the User has Full Control on NTFS Folders.
objAce2 = New AccessControlEntry
objAce2.Trustee = CStr(objSIdHex)
objAce2.AccessMask = ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_ALL
objAce2.AceType = ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED
objAce2.AceFlags = ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ACE Or 1
objDAcl.AddAce(objAce2)
objSecDes.DiscretionaryAcl = objDAcl
' Set Permissions on the NTFS folder.
objADsSec.SetSecurityDescriptor(objSecDes)
Thanks
Phil