Link to home
Start Free TrialLog in
Avatar of Paul May
Paul May

asked on

How to remove a permission on a Windows Share programatically


I have created an application that adds permissions to a Shared Folder on a Window server (this is important as I'm setting permissions on a share and NOT NTFS).

I now need to do the opposite and remove the group 'Everyone' from the Share permission.  I have a piece of code that gets the existing permissions as follows:

 Dim securityDescriptor As ManagementBaseObject = TryCast(securityDescriptorObject.Properties("Descriptor").Value, ManagementBaseObject)
        Dim existingAcessControlEntriesCount As Integer = 0
        Dim accessControlList As ManagementBaseObject() = TryCast(securityDescriptor.Properties("DACL").Value, ManagementBaseObject())

        If accessControlList Is Nothing Then
            accessControlList = New ManagementBaseObject(0) {}
            existingAcessControlEntriesCount = accessControlList.Length
            Array.Resize(accessControlList, accessControlList.Length + 1)
        End If

As you can see above, I am using an ACL list and I extend it  so that I can then add the new ACL for the group I want to give permissions to.  I now wish to do the opposite and remove an entry from the accessControlList.

Now, I am convinced that if I were to remove one of the existing entries from this accessControlList before committing it back, that would remove a permission for an existing object but I don't know how to enumerate the accessControlList to find the entry I want to remove.

In pseudo-code, this is what I would like to do:

1. Retrieve the existing permissions on the Share (this is done and working as the accessControlList above)
2. Enumerate the accessControlList and find the entry I want to remove (either by name or some other reference)
3. Remove the entry from accessControlList
4. Do the rest of my code (which adds new permissions for other users and groups - this is done and working)
5. Save the entries back to the server with the new set of permissions (this is done and working)

Can someone help me to understand the accessControl, it's contents and properties and how I can find the value I'm looking for and remove it please?  Either c# or VB.NET code would be really helpful.

Thank you.

Avatar of Paul May
Paul May

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial