We help IT Professionals succeed at work.

How to remove a permission on a Windows Share programatically

108 Views
Last Modified: 2018-11-07
Hi

I have created an application that adds permissions to a Shared Folder on a Window server (this is important as I'm setting permissions on a share and NOT NTFS).

I now need to do the opposite and remove the group 'Everyone' from the Share permission.  I have a piece of code that gets the existing permissions as follows:

 Dim securityDescriptor As ManagementBaseObject = TryCast(securityDescriptorObject.Properties("Descriptor").Value, ManagementBaseObject)
        Dim existingAcessControlEntriesCount As Integer = 0
        Dim accessControlList As ManagementBaseObject() = TryCast(securityDescriptor.Properties("DACL").Value, ManagementBaseObject())

        If accessControlList Is Nothing Then
            accessControlList = New ManagementBaseObject(0) {}
        Else
            existingAcessControlEntriesCount = accessControlList.Length
            Array.Resize(accessControlList, accessControlList.Length + 1)
        End If

As you can see above, I am using an ACL list and I extend it  so that I can then add the new ACL for the group I want to give permissions to.  I now wish to do the opposite and remove an entry from the accessControlList.

Now, I am convinced that if I were to remove one of the existing entries from this accessControlList before committing it back, that would remove a permission for an existing object but I don't know how to enumerate the accessControlList to find the entry I want to remove.

In pseudo-code, this is what I would like to do:

1. Retrieve the existing permissions on the Share (this is done and working as the accessControlList above)
2. Enumerate the accessControlList and find the entry I want to remove (either by name or some other reference)
3. Remove the entry from accessControlList
4. Do the rest of my code (which adds new permissions for other users and groups - this is done and working)
5. Save the entries back to the server with the new set of permissions (this is done and working)

Can someone help me to understand the accessControl, it's contents and properties and how I can find the value I'm looking for and remove it please?  Either c# or VB.NET code would be really helpful.

Thank you.

Paul
Comment
Watch Question

Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.