Setting NTFS Permissions with C#
2007-02-08 14:05
369 查看
Setting NTFS Permissions with C#
Today I needed to set NTFS permissions in C# on some newly created directories.No problem I thought, the CLR will have something for it somewhere in Security, so I checked Google in the hopes to find which class to use.
But Google didn't find anything... This amazed me. "Why can't I control NTFS permissions with .NET ?!?"
After looking for an hour or so, I found a GotDotNet User Sample, called 'ACLs in .NET'. Finally I thought, now it's going to be plug in and set rights.
Well this library is great. It makes settings NTFS rights so easy.
But it lacks a bit in documentation. Therefore I'm providing some of the code I used with it, it could help you. (or it could show my possibly bad coding style, as far as my knowledge goes for know, it should be fine)
Reference the dll, and use it.
using Microsoft.Win32.Security;
Here's a method to add a dir, and set NTFS permissions on it for a given user:
private Boolean CreateDir(String strSitePath, String strUserName) {
Boolean bOk;
try {
Directory.CreateDirectory(strSitePath);
SecurityDescriptor secDesc = SecurityDescriptor.GetFileSecurity(strSitePath, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION);
Dacl dacl = secDesc.Dacl;
Sid sidUser = new Sid (strUserName);
// allow: folder, subfolder and files
// modify
dacl.AddAce (new AceAccessAllowed (sidUser, AccessType.GENERIC_WRITE | AccessType.GENERIC_READ | AccessType.DELETE | AccessType.GENERIC_EXECUTE , AceFlags.OBJECT_INHERIT_ACE | AceFlags.CONTAINER_INHERIT_ACE));
// deny: this folder
// write attribs
// write extended attribs
// delete
// change permissions
// take ownership
DirectoryAccessType DAType = DirectoryAccessType.FILE_WRITE_ATTRIBUTES | DirectoryAccessType.FILE_WRITE_EA | DirectoryAccessType.DELETE | DirectoryAccessType.WRITE_OWNER | DirectoryAccessType.WRITE_DAC;
AccessType AType = (AccessType)DAType;
dacl.AddAce (new AceAccessDenied (sidUser, AType));
secDesc.SetDacl(dacl);
secDesc.SetFileSecurity(strSitePath, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION);
bOk = true;
} catch {
bOk = false;
}
return bOk;
} /* CreateDir */
The AceFlags determine the level of inheritance on the object.
And the DirectoryAccessType is used to create a AccessType with some permissions not in the AccessType enum.
I hope this is useful.
相关文章推荐
- Setting NTFS Permissions with C#[
- Setting NTFS Permissions with C#
- Setting NTFS Permissions with C#
- Setting NTFS Permissions with C#[转]
- C#http访问提示Insufficient permissions for setting the configuration section 'defaultProxy'
- Setting up NUnit for C# Unit Testing with Visual Studio C# Express 2008
- Azure Function & AWS Function With C#
- C#通过WMI设置NTFS目录共享和目录安全
- setting an array element with a sequence
- [C#开发] SQLite with Entity Framework Code First
- Setting up Neutron-dhcp-agent & Dnsmasq on Two Node Neutron GRE+OVS F20 Cluster to launch VMs with M
- C# Task ContinueWith的实现
- setting up your robot with tf(二)
- 【解决方法】You must rebuild it with bitcode enabled (Xcode setting ENABLE_BITCODE)
- Trackback with C#
- ASP.net with C#学习个人谈
- 搭建world wind WMS server(For world wind c# with LandSAT&SRTM30)之client配置
- {sharepoint} Setting List Item Permissions Programatically in sharepoint
- Timer Objects in Windows Services with C#.NET
- ATL项目编译注册dll的时候报权限错误:error MSB8011: Failed to register output. Please try enabling Per-user Redirection or register the component from a command prompt with elevated permissions.