Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Removed Users Inherited Group from Folder

Posted on 2013-01-15
10
Medium Priority
?
443 Views
Last Modified: 2013-01-20
Hi all,

I have a folder that I create on my local machine and I want it to inherit from the parent, in general. The one group I do not want it to inherit is the built in USERS group.

How can I remove that USERS group from that directory using C#?

The RemoveAccessRule and PurgeAccessRule does not seem to be working.

I know if I manually go in the Security permissions of the folder I can delete the Users group but how can I do that programmatically?

Any assisstance on this would be greatly appreciated.
0
Comment
Question by:davism
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 1

Author Comment

by:davism
ID: 38780873
By the way, I am initially creating the folder with:

objDirectorySecurity.SetAccessRuleProtection(true, true);

I want the inherited permissions BUT I want to remove the BUILTIN\USERS. As mentioned I am able to do it manually but how can I do it programmatically?

Any information would be greatly appreciated.
0
 
LVL 9

Accepted Solution

by:
shorvath earned 600 total points
ID: 38782194
0
 
LVL 23

Expert Comment

by:Roopesh Reddy
ID: 38782744
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 1

Author Comment

by:davism
ID: 38783317
roopershreddy,

Yeah, I tried that one. But it didn't work. If you look at the text it states this also:

"The above code will also not work for rules that are inherited.  This is an issue irrelevant of whether it is a local or remote machine.  Inherited rules are not modified by the access rule methods. Instead you have to explicitly remove the inheritance from the file/folder and then you can use the security object to remove the group."

shorvath,

I am looking more into that on what you posted. I wanted to remove the users group from like the "Level 1" in which case "Level 2" and "Level 3" will have everything propogated down from "Level 1".  I thought I already tried that with the SetProtection that I mentioned BUT I will look at it again and see. Maybe I did something wrong. I'm not sure.  I will let you know though ASAP.

If anybody have other findings please let me know.

Thanks
0
 
LVL 23

Expert Comment

by:Roopesh Reddy
ID: 38783694
0
 
LVL 1

Author Comment

by:davism
ID: 38784454
roopeshreddy,

Yeah I saw that one too.  One of the issues with that is the 64-bit - it doesn't work on 64-bit. But I'm not entirely sure of the type of system running this.

One of the things, I thought about and it seems akin or a common theme from what I have seen is to:

1) Save off the inherited permissions from the parent folder in a collection or like a collection.
2) Create the folder with the objDirectorySecurity.SetAccessRuleProtection(true, false);
3) Add the apprioriate rules for the user onto that folder.
4) Iterate through the collection and apply the permissions for the rules with the necessary inheritance and propogation for the account back onto the folder WITH EXCEPTION of the BUILTIN\Users.

The end result should be that have the necessary rights for the folder.

It seems the common theme here is to save off and then reapply the inherited permissions.

That all seem like an approach to take or is there something that you all think I should be aware of?

Thanks
0
 
LVL 23

Assisted Solution

by:Roopesh Reddy
Roopesh Reddy earned 900 total points
ID: 38788189
Hi,

Your solution  looks good for me! Did you tried that solution?

With that, we have good control to the groups added to the folder!

Hope it helps u...
0
 
LVL 1

Author Comment

by:davism
ID: 38789563
I so much apologize. Boy, when it rains it pours!!!

I had coded to take the steps as I mentioned. The I went to debug and suddenly I got the message:

Unable to load DLL 'webengine.dll'. The specified module could not be found.

This just happened out of the blue and my VS 2010 does not work with any web service creation now. Works on others like web sites and GUI's but not web services. I understand that with 2010 a web service is a WCF but you can still create own as a ASP.NET web service if you use .net 3.5.

My VS2008 works fine with the creation of a web service and .net 3.5 but my VS 2010 does not.

I'm not sure what's going on and I've been spending the day trying to fix it so I can test the thought I have.

I will let you know ASAP on the results. By the way, if you have any idea on the error that I'm getting please shed some light because I have tried so much to no avail.

Thanks
0
 
LVL 23

Expert Comment

by:Roopesh Reddy
ID: 38793708
Hi,

Try Repairing your VS 2010!

Hope it helps u...
0
 
LVL 1

Author Closing Comment

by:davism
ID: 38799878
It looks like what I mentioned on the steps is doing exactly what I wanted! Thank you both for the information. It made me think a little more and ultimately on the steps I mentioned I need to do and confirmed by you. Thanks!

With respect to the issue; it is not solved but I had to end up changing the VS 2010 to use the .NET 4 framework for the project. Why it suddenly had to change when it was previously using .NET 2.0 is still a mystery. And I will likely open another question related to VS 2010 and the OS for that.

Again, thanks for the information and confirmation on this issue with the ACL's.

Thanks!
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
Performance in games development is paramount: every microsecond counts to be able to do everything in less than 33ms (aiming at 16ms). C# foreach statement is one of the worst performance killers, and here I explain why.
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question