here is the code I am using to add the Ace
VB Code:
Public Function SetSecurityShare() As Long
Dim oSec As New ADsSecurity
Dim oSd As IADsSecurityDescriptor
Dim oDacl As IADsAccessControlList
Dim oNewAce As New AccessControlEntry
Dim oRemAce As AccessControlEntry
Dim strUserName As String
Dim strHome As String
Dim strProfile As String
Dim strServer As String
Dim strPath As String
'Retrieve relevant values
strUserName = mvarpUserNm
strServer = mvarpServer
strHome = mvarpHome & "\" & strUserName
strProfile = mvarpProfile & "\" & strUserName & ".Profile"
strPath = "FILE://" & strHome
'initialise the Security objects
Set oSd = oSec.GetSecurityDescriptor(strPath)
Set oDacl = oSd.DiscretionaryAcl
Set oRemAce = New AccessControlEntry
'create the new Ace
oNewAce.Trustee = mvarpServer & "\Administrator"
oNewAce.AccessMask = ADS_RIGHT_GENERIC_ALL Or ADS_RIGHT_GENERIC_WRITE Or ADS_RIGHT_GENERIC_EXECUTE _
Or ADS_RIGHT_GENERIC_READ
'the values above set the permission level for the ACE
oNewAce.AceType = ADS_ACETYPE_ACCESS_ALLOWED
'oRemAce.AceType = ADS_ACETYPE_ACCESS_ALLOWED
oDacl.AddAce newAce
'oRemAce.Trustee = "Everyone"
'oDacl.RemoveAce remAce
oSd.DiscretionaryAcl = oDacl
oSec.SetSecurityDescriptor oSd
End Function
As I mentioned earlier this code does work but doesnt seem to set the totally correctly