here is the code I am using to add the Ace
VB Code:
Public Function SetSecurityShare() As Long Dim oSec As New ADsSecurity Dim oSd As IADsSecurityDescriptor Dim oDacl As IADsAccessControlList Dim oNewAce As New AccessControlEntry Dim oRemAce As AccessControlEntry Dim strUserName As String Dim strHome As String Dim strProfile As String Dim strServer As String Dim strPath As String 'Retrieve relevant values strUserName = mvarpUserNm strServer = mvarpServer strHome = mvarpHome & "\" & strUserName strProfile = mvarpProfile & "\" & strUserName & ".Profile" strPath = "FILE://" & strHome 'initialise the Security objects Set oSd = oSec.GetSecurityDescriptor(strPath) Set oDacl = oSd.DiscretionaryAcl Set oRemAce = New AccessControlEntry 'create the new Ace oNewAce.Trustee = mvarpServer & "\Administrator" oNewAce.AccessMask = ADS_RIGHT_GENERIC_ALL Or ADS_RIGHT_GENERIC_WRITE Or ADS_RIGHT_GENERIC_EXECUTE _ Or ADS_RIGHT_GENERIC_READ 'the values above set the permission level for the ACE oNewAce.AceType = ADS_ACETYPE_ACCESS_ALLOWED 'oRemAce.AceType = ADS_ACETYPE_ACCESS_ALLOWED oDacl.AddAce newAce 'oRemAce.Trustee = "Everyone" 'oDacl.RemoveAce remAce oSd.DiscretionaryAcl = oDacl oSec.SetSecurityDescriptor oSd End Function
As I mentioned earlier this code does work but doesnt seem to set the totally correctly




Reply With Quote