Hi,
I think I was the original "inspiration" for this lovely piece of code as I was trying to figure out how to do it myself
Anyway, I've finally had time to go back to the application I was creating that needed this code and I've hit a snag.
It works brilliantly if the permissions you are trying to set are for a pre-existing user. However, my application creates a user in AD, creates the folders and then tries to share them and set the permissions. Fairly often, this fails because AD replication hasn't taken place yet and I get the error thrown by this bit of code
Is there anyway of using the user's SID instead of the domain\username? This would mean you don't have to wait for replicationCode:If SetEntriesResult = ERROR_NONE_MAPPED Then Throw New ApplicationException("The account " & FullAccountName & " could not be mapped to a security identifier (SID). " & _ "Check that the account name is correct and that the domain where the account is held is contactable. The share has not been created") ElseIf SetEntriesResult <> 0 Then Throw New ApplicationException("The account " & FullAccountName & " could not be added to the ACL as the follow error was encountered: " & SetEntriesResult & ". The share has not been created") End If
Reply With Quote