here is the code I am using to add the Ace

VB Code:
  1. Public Function SetSecurityShare() As Long
  2. Dim oSec As New ADsSecurity
  3. Dim oSd As IADsSecurityDescriptor
  4. Dim oDacl As IADsAccessControlList
  5. Dim oNewAce As New AccessControlEntry
  6. Dim oRemAce As AccessControlEntry
  7. Dim strUserName As String
  8. Dim strHome As String
  9. Dim strProfile As String
  10. Dim strServer As String
  11. Dim strPath As String
  12.  
  13.  
  14. 'Retrieve relevant values
  15. strUserName = mvarpUserNm
  16. strServer = mvarpServer
  17. strHome = mvarpHome & "\" & strUserName
  18. strProfile = mvarpProfile & "\" & strUserName & ".Profile"
  19. strPath = "FILE://" & strHome
  20.  
  21. 'initialise the Security objects
  22. Set oSd = oSec.GetSecurityDescriptor(strPath)
  23. Set oDacl = oSd.DiscretionaryAcl
  24. Set oRemAce = New AccessControlEntry
  25.  
  26. 'create the new Ace
  27. oNewAce.Trustee = mvarpServer & "\Administrator"
  28. oNewAce.AccessMask = ADS_RIGHT_GENERIC_ALL Or ADS_RIGHT_GENERIC_WRITE Or ADS_RIGHT_GENERIC_EXECUTE _
  29. Or ADS_RIGHT_GENERIC_READ
  30. 'the values above set the permission level for the ACE
  31.  
  32. oNewAce.AceType = ADS_ACETYPE_ACCESS_ALLOWED
  33. 'oRemAce.AceType = ADS_ACETYPE_ACCESS_ALLOWED
  34. oDacl.AddAce newAce
  35. 'oRemAce.Trustee = "Everyone"
  36. 'oDacl.RemoveAce remAce
  37. oSd.DiscretionaryAcl = oDacl
  38. oSec.SetSecurityDescriptor oSd
  39.  
  40.  
  41. End Function

As I mentioned earlier this code does work but doesnt seem to set the totally correctly