使用DirectoryServices给文件添加访问权限
using System;
using System.Collections;
using ActiveDs;
namespace PardesiServices.FixFilePermission
{
class FileSecurity
{
[STAThread]
static void Main(string[] args)
{
string strFile = @"D:\mmcInst.log";
try
{
ADsSecurityUtilityClass secuUtil = new ADsSecurityUtilityClass();
object ob = secuUtil.GetSecurityDescriptor(
strFile,
(int)ActiveDs.ADS_PATHTYPE_ENUM.ADS_PATH_FILE,
(int)ActiveDs.ADS_SD_FORMAT_ENUM.ADS_SD_FORMAT_IID);
if (null != ob)
{
ActiveDs.IADsSecurityDescriptor sd =
(IADsSecurityDescriptor)ob;
ActiveDs.IADsAccessControlList obDacl =
(ActiveDs.IADsAccessControlList)sd.DiscretionaryAcl;
bool bAddAce = true;
IEnumerator obAceEnum = obDacl.GetEnumerator();
while (obAceEnum.MoveNext())
{
IADsAccessControlEntry obAce =
(IADsAccessControlEntry)obAceEnum.Current;
Console.WriteLine("Trustee: {0}", obAce.Trustee);
// Check if "ASPNET" account is trustee of ACE or not.
if (obAce.Trustee.IndexOf("ASPNET") != -1)
{
// Check if this is a ALOWED Ace or not.
if (obAce.AceType ==
(int)ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED)
{
bAddAce = false;
}
}
}
// If bAddAce flag is set, then we will add it.
if (bAddAce)
{
AccessControlEntryClass obNewAce =
new AccessControlEntryClass();
obNewAce.AceType =
(int)ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED;
obNewAce.Trustee = @"ASPNET";
obNewAce.AccessMask = -1;
obDacl.AddAce(obNewAce);
sd.DiscretionaryAcl = obDacl;
secuUtil.SetSecurityDescriptor(
strFile,
(int)ADS_PATHTYPE_ENUM.ADS_PATH_FILE,
sd,
(int)ADS_SD_FORMAT_ENUM.ADS_SD_FORMAT_IID);
}
}
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
}
}
using System.Collections;
using ActiveDs;
namespace PardesiServices.FixFilePermission
{
class FileSecurity
{
[STAThread]
static void Main(string[] args)
{
string strFile = @"D:\mmcInst.log";
try
{
ADsSecurityUtilityClass secuUtil = new ADsSecurityUtilityClass();
object ob = secuUtil.GetSecurityDescriptor(
strFile,
(int)ActiveDs.ADS_PATHTYPE_ENUM.ADS_PATH_FILE,
(int)ActiveDs.ADS_SD_FORMAT_ENUM.ADS_SD_FORMAT_IID);
if (null != ob)
{
ActiveDs.IADsSecurityDescriptor sd =
(IADsSecurityDescriptor)ob;
ActiveDs.IADsAccessControlList obDacl =
(ActiveDs.IADsAccessControlList)sd.DiscretionaryAcl;
bool bAddAce = true;
IEnumerator obAceEnum = obDacl.GetEnumerator();
while (obAceEnum.MoveNext())
{
IADsAccessControlEntry obAce =
(IADsAccessControlEntry)obAceEnum.Current;
Console.WriteLine("Trustee: {0}", obAce.Trustee);
// Check if "ASPNET" account is trustee of ACE or not.
if (obAce.Trustee.IndexOf("ASPNET") != -1)
{
// Check if this is a ALOWED Ace or not.
if (obAce.AceType ==
(int)ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED)
{
bAddAce = false;
}
}
}
// If bAddAce flag is set, then we will add it.
if (bAddAce)
{
AccessControlEntryClass obNewAce =
new AccessControlEntryClass();
obNewAce.AceType =
(int)ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED;
obNewAce.Trustee = @"ASPNET";
obNewAce.AccessMask = -1;
obDacl.AddAce(obNewAce);
sd.DiscretionaryAcl = obDacl;
secuUtil.SetSecurityDescriptor(
strFile,
(int)ADS_PATHTYPE_ENUM.ADS_PATH_FILE,
sd,
(int)ADS_SD_FORMAT_ENUM.ADS_SD_FORMAT_IID);
}
}
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
}
}
 
                    
                     
                    
                 
                    
                 
                
            
         
         浙公网安备 33010602011771号
浙公网安备 33010602011771号