Expand|Select|Wrap|Line Numbers
- Public Sub fixacl(ByVal grouppath As String)
- Dim oSecurityDescriptor As New ActiveDs.SecurityDescriptor
- Dim dacl As New ActiveDs.AccessControlList
- Dim ace As New ActiveDs.AccessControlEntry
- Dim group As New DirectoryServices.DirectoryEntry(grouppath)
- 'On Error Resume Next
- oSecurityDescriptor = group.Properties("ntSecurityDescriptor").Value
- dacl = oSecurityDescriptor.DiscretionaryAcl
- lblStat.Text = "Setting groups ACL"
- lblStat.BackColor = Color.Yellow
- lblStat.Update()
- For Each ace In dacl
- If ace.Trustee = "ABC\Domain Admins" _
- Or ace.Trustee = "BUILTIN\Account Operators" _
- Or ace.Trustee = "BUILTIN\Windows Authorization Access Group" _
- Or ace.Trustee = "ABC\grpname" Then
- dacl.RemoveAce(ace)
- End If
- Next
- group.Properties("ntSecurityDescriptor").Value = dacl
- group.CommitChanges()
- End Sub
An unhandled exception of type 'System.Runtime.InteropServices.COMException' occurred in system.directoryservices.dll
Additional information: One or more input parameters are invalid
Anyone have any ideas on this? i've never worked with programming of ACL's before so this is new to me. and i cannot seem to find anything to help me out with this.