• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 526
  • Last Modified:

Creating and Mapping HomeDirectory Through Code- Active Directory

Hi all,

I have tried doing this is both C# and VB.net and am running into the same problems for both of them.

I have a program that creates a new user and also creates the users home directory. The problem is, is that the user is not getting the correct permissions to the drive. When I look at the permissions compared to the permissions given if i were to do this from the AD snapin they look exactly the same to me.

If i go into the user and reapply the homedrive mapping it works perfectly. I look at the folders security and It creates a new account (same username as I am creating with code) that has the exact same permissions that I am assigning.

My question is, has anyone else ran into this AND does anyone have a solution? Ill post the code up for my C# program in case anyone can see what I am missing.

Thanks in advance.
public static void CreateDir(String strSitePath, String strUserName)
        {            
            try
            {
 
                Directory.CreateDirectory(strSitePath);
 
                SecurityDescriptor secDesc = SecurityDescriptor.GetFileSecurity(strSitePath, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION);
 
                Dacl dacl = secDesc.Dacl;
 
                Sid sidUser = new Sid(strUserName);
 
                dacl.AddAce(new AceAccessAllowed(sidUser, AccessType.GENERIC_ALL, Microsoft.Win32.Security.AceFlags.OBJECT_INHERIT_ACE | Microsoft.Win32.Security.AceFlags.CONTAINER_INHERIT_ACE));
 
                secDesc.SetDacl(dacl);
 
                secDesc.SetFileSecurity(strSitePath, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION);                
 
            }
            catch
            {
                MessageBox.Show("Didnt work");
 
            }

Open in new window

0
cepacs
Asked:
cepacs
  • 2
2 Solutions
 
PakaCommented:
You're probably running into permission inheritance issues (or share permission issues).  Have you seen:

http://support.microsoft.com/kb/817009

0
 
cepacsAuthor Commented:
I have that set already. Its almost as if the permissions do not actually get applied. They show up where they should be, but they do not take effect.
0
 
cepacsAuthor Commented:
For anyone interested I ended up going with vb.net here is the code


Private Sub createFolderFC(ByVal path As String, ByVal firstName As String, ByVal lastName As String)
        Directory.CreateDirectory(path)
        Dim dirInfo As New DirectoryInfo(path)
        Dim dirSecurity As DirectorySecurity = dirInfo.GetAccessControl()        
        Dim DE As DirectoryEntry = New DirectoryEntry()
        Dim sidBin() As Byte = DirectCast(DE.Properties("objectSid").Value, Byte())
        Dim sid As New SecurityIdentifier(sidBin, 0)
        'MessageBox.Show(DE.Properties("objectSid").Value.ToString())
        dirSecurity.AddAccessRule(New FileSystemAccessRule(sid, FileSystemRights.FullControl, InheritanceFlags.ContainerInherit Or InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow))
        dirSecurity.AddAccessRule(New FileSystemAccessRule(sid, FileSystemRights.FullControl, InheritanceFlags.ObjectInherit Or InheritanceFlags.ContainerInherit, PropagationFlags.InheritOnly, AccessControlType.Allow))
        dirSecurity.AddAccessRule(New FileSystemAccessRule(sid, FileSystemRights.FullControl, AccessControlType.Allow))
        dirInfo.SetAccessControl(dirSecurity)
    End Sub

Open in new window

0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now