Results 1 to 2 of 2

Thread: NTFS Folder Security (Windows 2000) *Resolved*

  1. #1

    Thread Starter
    Fanatic Member rudvs2's Avatar
    Join Date
    Mar 2001
    Location
    NZ
    Posts
    935

    NTFS Folder Security (Windows 2000) *Resolved*

    Okay chaps

    I know how to add a user to a folders Descritionary Ace list in win 2k using code thats no hassle

    Where I am running into problems is that I want to add the person with full control

    It does seem to do this. But only in the advanced properties

    If you just right click the folder select security an error box appears wanring that the permissions are not set correctly when you click okay it shows the new User i have added but none of the check boxes specifiying security permissions are checked

    If you then click on advanced it says that this user does have full control???

    What I need help on is setting the correct properties to check the approiate check boxes in the default Security tab.

    Has anyone done this before??
    Last edited by rudvs2; Oct 31st, 2001 at 04:58 PM.

  2. #2

    Thread Starter
    Fanatic Member rudvs2's Avatar
    Join Date
    Mar 2001
    Location
    NZ
    Posts
    935
    here is the code I am using to add the Ace

    VB Code:
    1. Public Function SetSecurityShare() As Long
    2. Dim oSec As New ADsSecurity
    3. Dim oSd As IADsSecurityDescriptor
    4. Dim oDacl As IADsAccessControlList
    5. Dim oNewAce As New AccessControlEntry
    6. Dim oRemAce As AccessControlEntry
    7. Dim strUserName As String
    8. Dim strHome As String
    9. Dim strProfile As String
    10. Dim strServer As String
    11. Dim strPath As String
    12.  
    13.  
    14. 'Retrieve relevant values
    15. strUserName = mvarpUserNm
    16. strServer = mvarpServer
    17. strHome = mvarpHome & "\" & strUserName
    18. strProfile = mvarpProfile & "\" & strUserName & ".Profile"
    19. strPath = "FILE://" & strHome
    20.  
    21. 'initialise the Security objects
    22. Set oSd = oSec.GetSecurityDescriptor(strPath)
    23. Set oDacl = oSd.DiscretionaryAcl
    24. Set oRemAce = New AccessControlEntry
    25.  
    26. 'create the new Ace
    27. oNewAce.Trustee = mvarpServer & "\Administrator"
    28. oNewAce.AccessMask = ADS_RIGHT_GENERIC_ALL Or ADS_RIGHT_GENERIC_WRITE Or ADS_RIGHT_GENERIC_EXECUTE _
    29. Or ADS_RIGHT_GENERIC_READ
    30. 'the values above set the permission level for the ACE
    31.  
    32. oNewAce.AceType = ADS_ACETYPE_ACCESS_ALLOWED
    33. 'oRemAce.AceType = ADS_ACETYPE_ACCESS_ALLOWED
    34. oDacl.AddAce newAce
    35. 'oRemAce.Trustee = "Everyone"
    36. 'oDacl.RemoveAce remAce
    37. oSd.DiscretionaryAcl = oDacl
    38. oSec.SetSecurityDescriptor oSd
    39.  
    40.  
    41. End Function

    As I mentioned earlier this code does work but doesnt seem to set the totally correctly

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width