[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 530
  • Last Modified:

Reset folder permissions to inherited permissions only

Hello experts, I've been trying to write a program that, as part of it, will reset permissions on all subfolders of a given folder back to what's inherited from the root folder only (all explicitly defined permissions removed and inheritance turned on).  So for example, given the following structure:

Server
 +- Share
       +- FolderA
             +- FolderAA
             +- FolderAB
             |    +- FolderABA
             +- FolderAC
                  +- FolderACA
                  +- FolderACB
                  +- FolderACC

If you give the program the location of FolderA, it'll go into FolderAA, FolderAB, FolderAC and all their subfolders (ABA, ACA, ACB, ACC) and reset the permissions to only what they've inherited from FolderA (leaving FolderA's permissions alone).  I've already got the code to get the folder in question (as a string), as well as all the subfolders (in a recursive function, also as a string).  I just can't seem to wrap my head around the access APIs in the amount of spare time I have.  I'm hoping someone can help me out here with a code sample for doing this, and hopefully with some sort of brief description of what it does.

Not sure if the problem description makes sense or is in enough detail, if you need more info, let me know.  Thanks!
0
HatchIT
Asked:
HatchIT
  • 5
  • 5
1 Solution
 
Bob LearnedCommented:
What version of .NET do you have?

Bob
0
 
HatchITAuthor Commented:
Sorry for the delay, work kept me too busy yesterday to get online and check this.

Not sure which you mean, but I assume you want Visual Studio .NET 2003?  Otherwise, I have .NET framework 1.1 and 2.0 installed on the PC as well.
0
 
Bob LearnedCommented:
2005 (2.0) has the classes, but 2003 (1.1) doesn't.

Bob
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
HatchITAuthor Commented:
What about the BuildExplicitAccessWithName and SetNamedSecurityInfo functions?  Is there a way to do it with those (and one in other related APIs)?
0
 
HatchITAuthor Commented:
Does anyone know anything about those functions and can help me out?
0
 
Bob LearnedCommented:
Here is a class that calls CACLS to set path security (including sub-folders):

<Flags()> _
Public Enum UserRights
  ' SetPermissions
  None
  Change
  Execute
  Full
  Read
  SpecialFileAppendData
  SpecialFileDeleteChild
  SpecialFileExecute
  SpecialFileReadData
  SpecialReadAttributes
  SpecialReadExtendedAttributes
  SpecialWriteAttributes
  SpecialWriteData
  SpecialWriteExtendedAttributes
  Write
End Enum 'UserRights

Public Class SetSecurityPermissions

  Public Shared Function SetSecurityPermissions(ByVal path As String, _
   ByVal user As String, ByVal rights As UserRights, ByVal includeSubFolders As Boolean) As String

    '/E - Edit ACL instead of replacing it
    '/T - Include subdirectories
    '/P - Replace specified user's access rights:  
    ' N=None, R=Read, W=Write, C=Change, F=Full

    Dim p As Process = New Process

    p.StartInfo.FileName = "CACLS"

    Dim arguments As String = path

    If includeSubFolders Then
      arguments &= " /T"
    End If

    arguments &= " /E /P " & user & ":" & rights.ToString().Substring(0, 1)

    p.StartInfo.Arguments = arguments

    p.StartInfo.RedirectStandardInput = True
    p.StartInfo.RedirectStandardOutput = True
    p.StartInfo.RedirectStandardError = True
    p.StartInfo.UseShellExecute = False
    p.StartInfo.WindowStyle = ProcessWindowStyle.Hidden
    p.StartInfo.CreateNoWindow = True

    p.Start()
    p.WaitForExit(1000)

    Dim errorMessage As String = p.StandardError.ReadToEnd()

    If errorMessage.Length > 0 Then
      Throw New Exception(errorMessage)
    End If

    Return p.StandardOutput.ReadToEnd()

    If Not p Is Nothing Then
      p.Dispose()
      p = Nothing
    End If

  End Function   'SetSecurityPermissions

End Class

Bob
0
 
HatchITAuthor Commented:
Yeah, but I'm not looking to add a user to the permissions; I'm looking to a) remove all explicitly defined permissions from the folder, and b) make sure inheritance is turned on for the folder.  If I'm reading it correctly, what you've given is a way to explicitly add a user to the permission list.  I don't see any way to set inheritance from your sample?  Or am I missing something?
0
 
Bob LearnedCommented:
Yeah, inheritance is a little different.  I don't believe that you can use CACLS to set inheritance.  I'll have to look closer.

Bob
0
 
Bob LearnedCommented:
0
 
HatchITAuthor Commented:
Sorry for the delay, I was off on holidays for 5 weeks and forgot to keep an eye on this.  :-/

It looks like the link above is what I was looking for.  Now I just need to read through it all.  :-P  Thanks for your help!
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 5
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now