Answers
Mar 18, 2009 - 07:38 AM
use this for web
1: SPSite site = null;
2: SPWeb web = null;
3: site = new SPSite("http://server:100/sites/DevSite/");
4: web = site.OpenWeb();
5: SPRoleAssignment roleAssignment = new SPRoleAssignment("domain\\user","alias@domain.com","Nishand","Simple Test For You!");
6: SPRoleDefinition roleDefinition = web.RoleDefinitions.GetByType(SPRoleType.Contributor);
7: roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
8: web.RoleAssignments.Add(roleAssignment);
and this for win32
Build the sample application
To run the following sample application, you must have the ADsSecurity.dll file and the ADsSecurity.dll file installed. These files are included with the software development kit (SDK) for Active Directory Service Interfaces 2.5. To download the SDK for Active Directory Service Interfaces 2.5, visit the following Microsoft Web site:
http://www.microsoft.com/technet/arch... (http://www.microsoft.com/technet/arch...)
Note To run the sample application, you must have administrative credentials on the computer.
To build the sample application, follow these steps:
1. Start Microsoft Visual Studio .NET or Microsoft Visual Studio 2005.
2. On the File menu, click New, and then click Project.
3. In Visual C# Projects, click Windows Application under Templates.
Note In Visual Studio 2005, Visual C# Projects is changed to Visual C#.
4. In the Name box, type NTFSPermissions, and then click OK.
5. Add a Button control to the Form1 form.
6. On the Project menu, click Add Reference.
7. Click the COM tab, click to select the following items, and then click OK:
* Active DS Type Library
* ADsSecurity 2.5 Type Library
8. Right-click the Form1 form, and then click View Code.
9. Add the following using statements to the top of the source code in the Form1 form.
using ADSSECURITYLib;
using ActiveDs;
10. Add the following method to the Form1 class.
public void SetPermissions(String vPath, String UserName )
{
ADsSecurity objADsSec;
SecurityDescriptor objSecDes;
AccessControlList objDAcl;
AccessControlEntry objAce1;
AccessControlEntry objAce2;
Object objSIdHex;
ADsSID objSId;
objADsSec = new ADsSecurityClass();
objSecDes = (SecurityDescriptor) (objADsSec.GetSecurityDescriptor("FILE://" + vPath));
objDAcl = (AccessControlList)objSecDes.DiscretionaryAcl;
objSId = new ADsSIDClass();
objSId.SetAs((int)ADSSECURITYLib.ADS_SID_FORMAT.ADS_SID_SAM, UserName.ToString());
objSIdHex = objSId.GetAs((int)ADSSECURITYLib.ADS_SID_FORMAT.ADS_SID_SDDL);
// Add a new access control entry (ACE) object (objAce) so that the user has Full Control permissions on NTFS file system files.
objAce1 = new AccessControlEntryClass();
objAce1.Trustee = (objSIdHex).ToString();
objAce1.AccessMask = (int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_ALL;
objAce1.AceType = (int)ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED;
objAce1.AceFlags = (int)ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ACE | (int)ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ONLY_ACE | 1;
objDAcl.AddAce(objAce1);
// Add a new access control entry object (objAce) so that the user has Full Control permissions on NTFS file system folders.
objAce2 = new AccessControlEntryClass();
objAce2.Trustee = (objSIdHex).ToString();
objAce2.AccessMask = (int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_ALL;
objAce2.AceType = (int)ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED;
objAce2.AceFlags = (int)ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ACE | 1;
objDAcl.AddAce(objAce2);
objSecDes.DiscretionaryAcl = objDAcl;
// Set permissions on the NTFS file system folder.
objADsSec.SetSecurityDescriptor(objSecDes,"FILE://" + vPath);
}
11. Click the Form1.cs [Design] tab to switch back to design mode.
12. Double-click button1. Replace the button1_Click event code with the following code.
private void button1_Click(object sender, System.EventArgs e)
{
try
{
// Set to your domain name.
// Set to the user account.
SetPermissions("C:\\Test", "\\");
MessageBox.Show("Full Access control granted.");
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
Note Replace with the domain name. Replace with the name of the user to whom you want to grant permissions.
13. On the Build menu, click Build Solution.
Back to the top
Test the sample application
1. Create a folder in the drive C root folder. Name the folder Test.
2. In Windows Explorer, right-click the Test folder, and then click Properties.
3. In the Test Properties dialog box, click the Security tab.
4. Select the domain account for which you are running this test. If the account is not listed, click Add, and then add the domain account to the list.
5. Under Permissions, click to clear the Full Control check box to restrict the permissions on the Test folder for this user. Then, click OK.
6. Run the NTFSPermission.exe application. By default, Form1 is displayed.
7. Click button1. You receive the following message:
Full Access control granted.
8. Click OK to close the message box.
9. Close the form to quit the application.
10. In Windows Explorer, open the C:\ folder.
11. Right-click the Test folder, and then click Properties.
12. In the Test Properties dialog box, click the Security tab.
13. Select the domain account for which you are running this test, and then verify the permissions on the Test folder.
The specified user now has Full Control permissions on the Test folder.
Ask me if need. This is NTFS only I cn't guarantee correct work with FAT
1: SPSite site = null;
2: SPWeb web = null;
3: site = new SPSite("http://server:100/sites/DevSite/");
4: web = site.OpenWeb();
5: SPRoleAssignment roleAssignment = new SPRoleAssignment("domain\\user","alias@domain.com","Nishand","Simple Test For You!");
6: SPRoleDefinition roleDefinition = web.RoleDefinitions.GetByType(SPRoleType.Contributor);
7: roleAssignment.RoleDefinitionBindings.Add(roleDefinition);
8: web.RoleAssignments.Add(roleAssignment);
and this for win32
Build the sample application
To run the following sample application, you must have the ADsSecurity.dll file and the ADsSecurity.dll file installed. These files are included with the software development kit (SDK) for Active Directory Service Interfaces 2.5. To download the SDK for Active Directory Service Interfaces 2.5, visit the following Microsoft Web site:
http://www.microsoft.com/technet/arch... (http://www.microsoft.com/technet/arch...)
Note To run the sample application, you must have administrative credentials on the computer.
To build the sample application, follow these steps:
1. Start Microsoft Visual Studio .NET or Microsoft Visual Studio 2005.
2. On the File menu, click New, and then click Project.
3. In Visual C# Projects, click Windows Application under Templates.
Note In Visual Studio 2005, Visual C# Projects is changed to Visual C#.
4. In the Name box, type NTFSPermissions, and then click OK.
5. Add a Button control to the Form1 form.
6. On the Project menu, click Add Reference.
7. Click the COM tab, click to select the following items, and then click OK:
* Active DS Type Library
* ADsSecurity 2.5 Type Library
8. Right-click the Form1 form, and then click View Code.
9. Add the following using statements to the top of the source code in the Form1 form.
using ADSSECURITYLib;
using ActiveDs;
10. Add the following method to the Form1 class.
public void SetPermissions(String vPath, String UserName )
{
ADsSecurity objADsSec;
SecurityDescriptor objSecDes;
AccessControlList objDAcl;
AccessControlEntry objAce1;
AccessControlEntry objAce2;
Object objSIdHex;
ADsSID objSId;
objADsSec = new ADsSecurityClass();
objSecDes = (SecurityDescriptor) (objADsSec.GetSecurityDescriptor("FILE://" + vPath));
objDAcl = (AccessControlList)objSecDes.DiscretionaryAcl;
objSId = new ADsSIDClass();
objSId.SetAs((int)ADSSECURITYLib.ADS_SID_FORMAT.ADS_SID_SAM, UserName.ToString());
objSIdHex = objSId.GetAs((int)ADSSECURITYLib.ADS_SID_FORMAT.ADS_SID_SDDL);
// Add a new access control entry (ACE) object (objAce) so that the user has Full Control permissions on NTFS file system files.
objAce1 = new AccessControlEntryClass();
objAce1.Trustee = (objSIdHex).ToString();
objAce1.AccessMask = (int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_ALL;
objAce1.AceType = (int)ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED;
objAce1.AceFlags = (int)ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ACE | (int)ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ONLY_ACE | 1;
objDAcl.AddAce(objAce1);
// Add a new access control entry object (objAce) so that the user has Full Control permissions on NTFS file system folders.
objAce2 = new AccessControlEntryClass();
objAce2.Trustee = (objSIdHex).ToString();
objAce2.AccessMask = (int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_ALL;
objAce2.AceType = (int)ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED;
objAce2.AceFlags = (int)ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ACE | 1;
objDAcl.AddAce(objAce2);
objSecDes.DiscretionaryAcl = objDAcl;
// Set permissions on the NTFS file system folder.
objADsSec.SetSecurityDescriptor(objSecDes,"FILE://" + vPath);
}
11. Click the Form1.cs [Design] tab to switch back to design mode.
12. Double-click button1. Replace the button1_Click event code with the following code.
private void button1_Click(object sender, System.EventArgs e)
{
try
{
// Set
// Set
SetPermissions("C:\\Test", "
MessageBox.Show("Full Access control granted.");
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
Note Replace
13. On the Build menu, click Build Solution.
Back to the top
Test the sample application
1. Create a folder in the drive C root folder. Name the folder Test.
2. In Windows Explorer, right-click the Test folder, and then click Properties.
3. In the Test Properties dialog box, click the Security tab.
4. Select the domain account for which you are running this test. If the account is not listed, click Add, and then add the domain account to the list.
5. Under Permissions, click to clear the Full Control check box to restrict the permissions on the Test folder for this user. Then, click OK.
6. Run the NTFSPermission.exe application. By default, Form1 is displayed.
7. Click button1. You receive the following message:
Full Access control granted.
8. Click OK to close the message box.
9. Close the form to quit the application.
10. In Windows Explorer, open the C:\ folder.
11. Right-click the Test folder, and then click Properties.
12. In the Test Properties dialog box, click the Security tab.
13. Select the domain account for which you are running this test, and then verify the permissions on the Test folder.
The specified user now has Full Control permissions on the Test folder.
Ask me if need. This is NTFS only I cn't guarantee correct work with FAT
Mar 18, 2009 - 08:45 AM
Thanks ddrakon.
The web part you posted, does that have anything to do with giving access to a specific folder? I don't exactly understand what it does.
Anyway, I found an easier way of accomplishing it:
string directoryPath = "C:\\Inetpub\\vhosts\\mydomain.com\\httpdocs\\Temp";
DirectoryInfo directory = new DirectoryInfo(directoryPath);
DirectorySecurity dSecurity = directory.GetAccessControl();
FileSystemAccessRule accessRule = new FileSystemAccessRule("ASPNET", FileSystemRights.Modify, InheritanceFlags.None | InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow);
dSecurity.SetAccessRule(accessRule);
directory.SetAccessControl(dSecurity);
The web part you posted, does that have anything to do with giving access to a specific folder? I don't exactly understand what it does.
Anyway, I found an easier way of accomplishing it:
string directoryPath = "C:\\Inetpub\\vhosts\\mydomain.com\\httpdocs\\Temp";
DirectoryInfo directory = new DirectoryInfo(directoryPath);
DirectorySecurity dSecurity = directory.GetAccessControl();
FileSystemAccessRule accessRule = new FileSystemAccessRule("ASPNET", FileSystemRights.Modify, InheritanceFlags.None | InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.None, AccessControlType.Allow);
dSecurity.SetAccessRule(accessRule);
directory.SetAccessControl(dSecurity);
Add New Comment