VB.NET 2010 Adding permissions to a folder

Hi all,

I am in need of assistance. I am currently trying to write a tool to help move my work network from Novell file system to NTFS. I am using System.Security.AccessControl to add NTFS permissions to folders. I am following this example per Microsoft:

http://msdn.microsoft.com/en-us/library/d49cww7f.aspx?cs-save-lang=1&cs-lang=vb#code-snippet-2

The problem I'm running into is after my program has created the folder and applied the security rights they are showing up as "special permissions".

How do I just make them the normal rights which show up in the main permissions window if this makes sense?


Thanks
WTarltonAsked:
Who is Participating?
 
WTarltonAuthor Commented:
Not sure whats going on with this but for some reason when I pick "ReadAndExecute" rights it adds it normally but under "list folder contents".

Im guessing that there are a few more attributes assigned to "ReadAndExecute" and then what I am trying to assign so it has to convert it into "special"
0
 
WTarltonAuthor Commented:
Here is the code just incase:


    Friend Enum DirectoryPermission
        Full
        Modify
        AllExceptModifyAndFull
        ReadAndExecute
        ListContents
        Read
        Write
        None
    End Enum

 Private Sub SetDirectoryPermissions(ByVal Directory As String, ByVal Permissions As DirectoryPermission, Optional ByVal Domain As String = Nothing, Optional ByVal User As String = Nothing)
        ' Get the ACL for the directory just created
        Dim oACL As Security.AccessControl.DirectorySecurity = IO.Directory.GetAccessControl(IO.Path.GetDirectoryName(Directory), Security.AccessControl.AccessControlSections.Access)

        Dim oUserSid As Security.Principal.SecurityIdentifier
        If Not IsNothing(Domain) AndAlso Not IsNothing(User) Then
            oUserSid = New Security.Principal.NTAccount(Domain, User).Translate(GetType(Security.Principal.SecurityIdentifier))
        ElseIf Not IsNothing(User) Then
            oUserSid = New Security.Principal.NTAccount(User).Translate(GetType(Security.Principal.SecurityIdentifier))
        Else
            ' Create a security Identifier for the BUILTIN\Users group to be passed to the new access rule
            oUserSid = New Security.Principal.SecurityIdentifier(Security.Principal.WellKnownSidType.BuiltinUsersSid, Nothing)
        End If

        Dim lRights As Long
        Dim lInheritance As Long
        Select Case Permissions
            Case DirectoryPermission.Full
                lRights = Security.AccessControl.FileSystemRights.FullControl
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.Modify
                lRights = Security.AccessControl.FileSystemRights.Modify Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.ReadAndExecute
                lRights = Security.AccessControl.FileSystemRights.ReadAndExecute Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.AllExceptModifyAndFull
                lRights = Security.AccessControl.FileSystemRights.Write Or Security.AccessControl.FileSystemRights.ReadAndExecute Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.ListContents
                lRights = Security.AccessControl.FileSystemRights.ReadAndExecute Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit
            Case DirectoryPermission.Read
                lRights = Security.AccessControl.FileSystemRights.Read Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case DirectoryPermission.Write
                lRights = Security.AccessControl.FileSystemRights.Write Or Security.AccessControl.FileSystemRights.Synchronize
                lInheritance = Security.AccessControl.InheritanceFlags.ContainerInherit Or Security.AccessControl.InheritanceFlags.ObjectInherit
            Case Else
                ' No rights
                lRights = 0
                lInheritance = 0
        End Select

        ' Create the rule that needs to be added to the ACL
        Dim oRule As New Security.AccessControl.FileSystemAccessRule(oUserSid,
                                                                     lRights,
                                                                     lInheritance,
                                                                     Security.AccessControl.PropagationFlags.None,
                                                                     Security.AccessControl.AccessControlType.Allow)

        ' Add the new rule to our ACL
        oACL.AddAccessRule(oRule)

        ' Update the directory to include the new rules created
        System.IO.Directory.SetAccessControl(Directory, oACL)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.