Solved

VB.NET 2010 Adding permissions to a folder

Posted on 2013-01-07
3
633 Views
Last Modified: 2013-01-08
Hi all,

I am in need of assistance. I am currently trying to write a tool to help move my work network from Novell file system to NTFS. I am using System.Security.AccessControl to add NTFS permissions to folders. I am following this example per Microsoft:

http://msdn.microsoft.com/en-us/library/d49cww7f.aspx?cs-save-lang=1&cs-lang=vb#code-snippet-2

The problem I'm running into is after my program has created the folder and applied the security rights they are showing up as "special permissions".

How do I just make them the normal rights which show up in the main permissions window if this makes sense?


Thanks
0
Comment
Question by:WTarlton
  • 3
3 Comments
 

Author Comment

by:WTarlton
ID: 38752227
Not sure whats going on with this but for some reason when I pick "ReadAndExecute" rights it adds it normally but under "list folder contents".

Im guessing that there are a few more attributes assigned to "ReadAndExecute" and then what I am trying to assign so it has to convert it into "special"
0
 

Accepted Solution

by:
WTarlton earned 0 total points
ID: 38755139
0
 

Author Comment

by:WTarlton
ID: 38755153
Here is the code just incase:


    Friend Enum DirectoryPermission
        Full
        Modify
        AllExceptModifyAndFull
        ReadAndExecute
        ListContents
        Read
        Write
        None
    End Enum

 Private Sub SetDirectoryPermissions(ByVal Directory As String, ByVal Permissions As DirectoryPermission, Optional ByVal Domain As String = Nothing, Optional ByVal User As String = Nothing)
        ' Get the ACL for the directory just created
        Dim oACL As Security.AccessControl.DirectorySecurity = IO.Directory.GetAccessControl(IO.Path.GetDirectoryName(Directory), Security.AccessControl.AccessControlSections.Access)

        Dim oUserSid As Security.Principal.SecurityIdentifier
        If Not IsNothing(Domain) AndAlso Not IsNothing(User) Then
            oUserSid = New Security.Principal.NTAccount(Domain, User).Translate(GetType(Security.Principal.SecurityIdentifier))
        ElseIf Not IsNothing(User) Then
            oUserSid = New Security.Principal.NTAccount(User).Translate(GetType(Security.Principal.SecurityIdentifier))
        Else
            ' Create a security Identifier for the BUILTIN\Users group to be passed to the new access rule
            oUserSid = New Security.Principal.SecurityIdentifier(Security.Principal.WellKnownSidType.BuiltinUsersSid, Nothing)
        End If

        Dim lRights As Long
        Dim lInheritance As Long
        Select Case Permissions
            Case DirectoryPermission.Full
                lRights = Security.AccessControl.FileSystemRights.FullControl
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.Modify
                lRights = Security.AccessControl.FileSystemRights.Modify Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.ReadAndExecute
                lRights = Security.AccessControl.FileSystemRights.ReadAndExecute Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.AllExceptModifyAndFull
                lRights = Security.AccessControl.FileSystemRights.Write Or Security.AccessControl.FileSystemRights.ReadAndExecute Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.ListContents
                lRights = Security.AccessControl.FileSystemRights.ReadAndExecute Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit
            Case DirectoryPermission.Read
                lRights = Security.AccessControl.FileSystemRights.Read Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.Write
                lRights = Security.AccessControl.FileSystemRights.Write Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case Else
                ' No rights
                lRights = 0
                lInheritance = 0
        End Select

        ' Create the rule that needs to be added to the ACL
        Dim oRule As New Security.AccessControl.FileSystemAccessRule(oUserSid,
                                                                     lRights,
                                                                     lInheritance,
                                                                     Security.AccessControl.PropagationFlags.None,
                                                                     Security.AccessControl.AccessControlType.Allow)

        ' Add the new rule to our ACL
        oACL.AddAccessRule(oRule)

        ' Update the directory to include the new rules created
        System.IO.Directory.SetAccessControl(Directory, oACL)
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes relatively difficult and non-obvious issues that are likely to arise when creating COM class in Visual Studio and deploying it by professional MSI-authoring tools. It is assumed that the reader is already familiar with the cla…
For those of you who don't follow the news, or just happen to live under rocks, Microsoft Research released a beta SDK (http://www.microsoft.com/en-us/download/details.aspx?id=27876) for the Xbox 360 Kinect. If you don't know what a Kinect is (http:…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now