Three options:
1.Use System.Director yServices when running XP or higher.
As a sample, following retrieves a DACL from a registry key.
using System;
using System.Director yServices;
using System.Runtime. InteropServices ;
// Use ADsSecurityUtil ityClass available on XP and higher (activeds.dll)
// Interop Assembly created with tlbimp.exe from activeds.tlb,
// or by setting a reference to the typelib from within the IDE
using activedsnet;
class Tester {
public static void Main() {
// Local registry object
string regPath = @"HKEY_LOCAL_MA CHINE\SOFTWARE\ Microsoft";
SecurityDescrip tor sd = null;
AccessControlLi st dacl = null;
ADsSecurityUtil ityClass asu = new ADsSecurityUtil ityClass();
// Get DACL Group and OWNER info
asu.SecurityMas k = (int)(ADS_SECUR ITY_INFO_ENUM.A DS_SECURITY_INF O_DACL) |
(int)(ADS_SECUR ITY_INFO_ENUM.A DS_SECURITY_INF O_GROUP)|
(int)(ADS_SECUR ITY_INFO_ENUM.A DS_SECURITY_INF O_OWNER);
try {
sd = asu.GetSecurity Descriptor(regP ath,
(int)ADS_PATHTY PE_ENUM.ADS_PAT H_REGISTRY,
(int)ADS_SD_FOR MAT_ENUM.ADS_SD _FORMAT_IID) as SecurityDescrip tor;
}
catch(COMExcept ion ce)
{
// Be sure logon user has access to local/remote system
Console.WriteLi ne(ce.Message);
return;
}
// Get DACL from SD
dacl = sd.Discretionar yAcl as AccessControlLi st;
if (dacl != null) {
Console.WriteLi ne("Control: {0}", sd.Control);
Console.WriteLi ne("Owner: {0}", sd.Owner);
Console.WriteLi ne("Group: {0}", sd.Group);
Console.WriteLi ne("Revision: {0}", sd.Revision);
DumpDacl(dacl);
}
}
static void DumpDacl(IADsAc cessControlList dacl)
{
IADsAccessContr olEntry ace = null;
Console.WriteLi ne("------- No. of ACE's {0}-----------", dacl.AceCount);
foreach(object ac in dacl) {
ace = ac as IADsAccessContr olEntry;
Console.WriteLi ne("Access : {0}", Enum.Format(typ eof(ADS_RIGHTS_ ENUM),
ace.AccessMask, "F"));
Console.WriteLi ne(ace.Trustee) ;
Console.WriteLi ne("ACE flags {0}",
Enum.Format(typ eof(ADS_ACEFLAG _ENUM),ace.AceF lags, "x"));
Console.WriteLi ne("ACE type: {0}",
((ADS_ACETYPE_E NUM)ace.AceType ).ToString());
Console.WriteLi ne("----------------");
}
}
}
//--------------
2. Use System.Manageme nt on W2K or higher
3. Use PInvoke interop to use Win32 API's.
Willy.
"Ashok" <as******@hotma il.com> wrote in message
news:11******** **************@ f14g2000cwb.goo glegroups.com.. .
Hello
I need to programmaticall y change the permissions (ACL) on a specific
registry key in a .NET app. Is there a way to do this in .NET?
Thanks for the help,
Ashok