Plz help me on programmatically set NTFS file system folder permissions
-
i have programmatically set NTFS file system folder permissions by using Active Directory Service Interfaces in Microsoft Visual C#.the problem is that i give permissions through Mohana//administrator(Domin/User) to (C:\\Test) Folder. the program works but when i right click the test folder goto Security Tab it create another user (BUILTIN//BUILTIN)and give All permition to it. i want all permission to administrator. Plz help me. ...code.... using System; using System.Security; using ADSSECURITYLib; using ActiveDs; namespace SecurityFolder { public class clsSecurity { public clsSecurity() { } public void preformAction() { // Set to your domain name. // Set to the user account. SetPermissions("C:\\Test","MOHANA\\administrator"); Console.WriteLine ("Full Access control granted."); } public void SetPermissions(string vPath, String UserName ) { ADsSecurity objADsSec; SecurityDescriptor objSecDes; AccessControlList objDAcl; AccessControlEntry objAce1; AccessControlEntry objAce2; Object objSIdHex; ADsSID objSId; string mes; objADsSec = new ADsSecurityClass(); objSecDes = (SecurityDescriptor)(objADsSec.GetSecurityDescriptor("FILE://"+vPath)); //objSecDes=(SecurityDescriptor)objADsSec.GetSecurityDescriptor(vPath); objDAcl = (AccessControlList)objSecDes.DiscretionaryAcl; objSId = new ADsSIDClass(); objSId.SetAs((int)ADSSECURITYLib.ADS_SID_FORMAT.ADS_SID_SAM, UserName.ToString()); objSIdHex = objSId.GetAs((int)ADSSECURITYLib.ADS_SID_FORMAT.ADS_SID_SDDL); // Add a new access control entry (ACE) object (objAce) so that the user has Full Control permissions on NTFS file system files. objAce1 = new AccessControlEntryClass(); objAce1.Trustee = System.Convert.ToString (objSIdHex); objAce1.AccessMask = (int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_ALL; objAce1.AceType = (int)ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED; objAce1.AceFlags = (int)ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ACE | (int)ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ONLY_ACE | 1; objDAcl.AddAce(objAce1); // Add a new access control entry object (objAce) so that the user has Full Control permissions on NTFS file system folders. objAce2 = new AccessControlEntryClass(); objAce2.Trustee = System.Convert.ToString (objSIdHex); objAce2.AccessMask = (int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_ALL; objAce2.AceType = (int)ActiveDs.
-
i have programmatically set NTFS file system folder permissions by using Active Directory Service Interfaces in Microsoft Visual C#.the problem is that i give permissions through Mohana//administrator(Domin/User) to (C:\\Test) Folder. the program works but when i right click the test folder goto Security Tab it create another user (BUILTIN//BUILTIN)and give All permition to it. i want all permission to administrator. Plz help me. ...code.... using System; using System.Security; using ADSSECURITYLib; using ActiveDs; namespace SecurityFolder { public class clsSecurity { public clsSecurity() { } public void preformAction() { // Set to your domain name. // Set to the user account. SetPermissions("C:\\Test","MOHANA\\administrator"); Console.WriteLine ("Full Access control granted."); } public void SetPermissions(string vPath, String UserName ) { ADsSecurity objADsSec; SecurityDescriptor objSecDes; AccessControlList objDAcl; AccessControlEntry objAce1; AccessControlEntry objAce2; Object objSIdHex; ADsSID objSId; string mes; objADsSec = new ADsSecurityClass(); objSecDes = (SecurityDescriptor)(objADsSec.GetSecurityDescriptor("FILE://"+vPath)); //objSecDes=(SecurityDescriptor)objADsSec.GetSecurityDescriptor(vPath); objDAcl = (AccessControlList)objSecDes.DiscretionaryAcl; objSId = new ADsSIDClass(); objSId.SetAs((int)ADSSECURITYLib.ADS_SID_FORMAT.ADS_SID_SAM, UserName.ToString()); objSIdHex = objSId.GetAs((int)ADSSECURITYLib.ADS_SID_FORMAT.ADS_SID_SDDL); // Add a new access control entry (ACE) object (objAce) so that the user has Full Control permissions on NTFS file system files. objAce1 = new AccessControlEntryClass(); objAce1.Trustee = System.Convert.ToString (objSIdHex); objAce1.AccessMask = (int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_ALL; objAce1.AceType = (int)ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED; objAce1.AceFlags = (int)ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ACE | (int)ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ONLY_ACE | 1; objDAcl.AddAce(objAce1); // Add a new access control entry object (objAce) so that the user has Full Control permissions on NTFS file system folders. objAce2 = new AccessControlEntryClass(); objAce2.Trustee = System.Convert.ToString (objSIdHex); objAce2.AccessMask = (int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_ALL; objAce2.AceType = (int)ActiveDs.
DirectoryInfo di = new DirectoryInfo("C:\\TestDir");
DirectorySecurity dc = new DirectorySecurity();
FileSystemAccessRule ar = new FileSystemAccessRule("Administrator",FileSystemRights.FullControl,AccessControlType.Allow);
dc.AddAccessRule(ar);
di.Create(dc);