Access Control List in C# 2.0:
Algorithm:
Input:
1. LDAP path of the Object
2. Credentials => UserName and Password
Output:
List all the permissions assigned on the give object
Algorithm:
1. Bind to the object using the credentials ==> Use DirectoryEntry class for this
2. Get the security information from the object ==> Use ActiveDirectorySecurity class for this
3. Get the Security Descriptor from the security information ==> In SDDL format (basically its a string format)
4. Get all the access rules, access control entries ==> Use AuthorizationRuleCollection class for this
5. For each rule, resolve the SID and object-Type
6. Display all the entries to the user.
Original Link: http://www.codeproject.com/useritems/ADPermissions.asp
To set the NTFS permission of certain file or folder, you may just use WMI
to invoke Win32_LogicalFileSecuritySetting.SetSecurityDescri ptor method to
get this done. There is a sample at:
http://groups.google.com/groups?hl=...8&selm=%23kHUtC
fcCHA.2004%40tkmsftngp12&rnum=2
Also, you may COM interop ADsSecurity.dll, then use SetSecurityDescriptor
method to achieve this. Please refer to:
"HOW TO: Programmatically Set NTFS File System Folder Permissions by Using
Microsoft Visual Basic .NET"
http://support.microsoft.com/defaul...kb;en-us;818362
Yes, WMI may be somewhat slow of retrieving NTFS permissions. You may try
to COM interop ADsSecurity.dll to see if it improves your performance. I
think the article above provides you enough information to get this done.
Also, you may have a try of P/invoke GetSecurityInfo API.
Original Link: http://www.thescripts.com/forum/thread243033.html
还有测试用户对于特定文件的访问权限的:
Testing file access rights in .NET 2.0