On XP and higher one can use the DirectoryServices namespace and a little
help from the native ADSI provider's class "ADsSecurityUtilityClass".
Following dumps a SD in hex to the console:
SecurityDescriptor sd = null;
// Use ADsSecurityUtilityClass available on XP and W2K3(add a reference to
activeds.tlb or create an IA)
ADsSecurityUtilityClass asu = new ADsSecurityUtilityClass();
using(DirectoryEntry user = new
DirectoryEntry("LDAP://someDC/CN=administrator,cn=users,DC=celeb,DC=w2kdom,DC=co m")
sd = user.Properties["ntSecurityDescriptor"].Value as SecurityDescriptor;
object sdInHex = asu.ConvertSecurityDescriptor(sd,
(int)ADS_SD_FORMAT_ENUM.ADS_SD_FORMAT_IID,
(int)ADS_SD_FORMAT_ENUM.ADS_SD_FORMAT_HEXSTRING);
Console.WriteLine(sdInHex.ToString());
}
Willy.
"M. Sharma" <msharma@nospamrogers> wrote in message
news:MZ********************@rogers.com...
Hello
How can we store the "security descriptor" property of an AD object in c#?
Is it possible to save it in a text file, so that it can be used to
compare later ?
Is there any other newsgroup where this could be asked ?
Please help
Thanks