C# windows forms app change permissions on MDB file

I have a windows application written in C#. I use InstallAware as the packager and all seems to go well on install. I have an access database file as the data store of the application which is stored in the Program Data section of the users machine which allows full write capabilities etc. My problem is that i cannot get the permissions i apply to the file to stay after the install.

Once installed, the program auto-starts and queries user for info which is written to the application no problem. The Security permissions on the file are set to Full Control for everyone on install correctly. The problem happens once the application is closed and restarted. The database file then has the permissions stripped to only read & execute and read for the Users group.

I have to physically go in and add the write permission and all runs fine after that but i do not want to have end users doing this.

Can someone help me with code to assign permissions to all users or users for at LEAST read/write?

Thanks in advance!

Winston SmithDeveloperAsked:
Who is Participating?
rawinnlnx9Connect With a Mentor Commented:
This post here explains exactly how to do this. Please read the reply that is Green as it is the answer:

davesgonebananasConnect With a Mentor Commented:
The ProgramData or CommonApplicationData special folder is used for system wide application specific data and AFAIK normal users have read permissions to this folder by default.

You can change permissions using ICACLS or in C# using the code below:
Todd GerbertIT ConsultantCommented:
I would guess that your MDB's access control list may contain Everyone:FullControl, but does not specify to ignore inherited permissions.  Or, your application is deleting & recreating the file - in which case the new one would inherit permissions from the containing folder.

I'm not familiar with InstallAware - how are you setting the permissions at install?
Winston SmithDeveloperAuthor Commented:
Used a combination of code form your posts. Thanks for the help. Below is the code i used if anyone else is stuck on this
Winston SmithDeveloperAuthor Commented:
private void Whatever(){
//grab the currently logged in user
string nametext = WindowsIdentity.GetCurrent().Name;

AddDirectorySecurity(DBFile, @nametext, FileSystemRights.ReadAndExecute, AccessControlType.Allow);
 AddDirectorySecurity(DBFile, @nametext, FileSystemRights.Write, AccessControlType.Allow);

 // Adds an ACL entry on the specified directory for the specified account.
        public static void AddDirectorySecurity(string FileName, string Account, FileSystemRights Rights, AccessControlType ControlType)
            // Create a new DirectoryInfo object.
            DirectoryInfo dInfo = new DirectoryInfo(FileName);

            // Get a DirectorySecurity object that represents the 
            // current security settings.
            DirectorySecurity dSecurity = dInfo.GetAccessControl();

            // Add the FileSystemAccessRule to the security settings. 
            dSecurity.AddAccessRule(new FileSystemAccessRule(Account,

            // Set the new access settings.


Open in new window

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.