472,146 Members | 1,434 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 472,146 software developers and data experts.

Add and Remove Folder Permissions in VB.Net


I'm using WMI to set and remove folderpermissions and it sems to work
fine, sometimes. I start by having the folderpermissons manuly set to
Everyone and Everone has full rights. When I'm setting and removing
permissons on a mapped folder in the network it works fine but when
doing the same thing on a folder om my harddrive Everyone does not get
Does anyone have any idea how to fix this or how to set and remove
folderpermissons in another way.
Here is the code I'm using:
'Path to folder to change permissions for

Dim mp As New ManagementPath()

'mp.Server = "servername"

'mp.NamespacePath = "root\cimv2"

mp.RelativePath =
"\\MASCHINENAME\root\CIMV2:Win32_LogicalFileSecuri tySetting.Path=""PATHTOFOLDER"""
'"Win32_LogicalFileSecuritySetting.Path='" +
path.Replace("\", "\\") + "'"
Dim objFile As New ManagementObject(mp)

Dim options As New InvokeMethodOptions(Nothing, New
TimeSpan(0, 0, 0, 5))

Dim outparams As ManagementBaseObject =
objFile.InvokeMethod("GetSecurityDescriptor", Nothing, options)

Dim securityDescriptor As ManagementBaseObject =

lblMessage.Text += "Got SD...<br>"

Dim dacl As ManagementBaseObject() =

Dim oldACE As ManagementBaseObject

Dim trustee As ManagementBaseObject

lblMessage.Text += "Print old DACL<br>"

For Each oldACE In dacl

trustee = CType(oldACE("Trustee"),

lblMessage.Text += trustee("Name").ToString() & " " &
oldACE("AccessMask").ToString() & " " & oldACE("AceType").ToString() &


Dim win32Trustee As New ManagementClass("Win32_Trustee")

'Create Trustee for User

Dim newTrusteeUser As ManagementObject =

Dim UserAcct As String = "LDAP string to user in
AD (without LDAP://)"

Dim UserNamePath As String = "LDAP://" & UserAcct

Dim dirEnt As New DirectoryEntry(UserNamePath)

Dim UserName As String =

Dim UserSid As Byte() = dirEnt.Properties("objectsid")(0)


newTrusteeUser("Name") = UserName

newTrusteeUser("SID") = UserSid

newTrusteeUser("SIDLength") = UserSid.Length

'Create ACE for User

Dim win32Ace As New ManagementClass("Win32_ACE")

Dim newACEUser As ManagementObject =

newACEUser("Trustee") = newTrusteeUser

newACEUser("AceFlags") = 3

newACEUser("AceType") = 0

newACEUser("AccessMask") = 1179817

'Create Trustee for Domain Admin

Dim newTrusteeAdmin As ManagementObject =

Dim AdminAcct As String ="LDAP string to Domain Admins in
AD (without LDAP://)"

Dim AdminNamePath As String = "LDAP://" & AdminAcct

dirEnt = New DirectoryEntry(AdminNamePath)

Dim AdminName As String =

Dim adminSid As Byte() = dirEnt.Properties("objectsid")(0)


newTrusteeAdmin("Name") = AdminName

newTrusteeAdmin("SID") = adminSid

newTrusteeAdmin("SIDLength") = adminSid.Length

'Create ACE for Domain Admins

Dim newACEAdmin As ManagementObject =

newACEAdmin("Trustee") = newTrusteeAdmin

newACEAdmin("AceFlags") = 3

newACEAdmin("AceType") = 0

newACEAdmin("AccessMask") = 2032127

'set new dacl

Dim newAces() As ManagementBaseObject = New
ManagementBaseObject() {newACEUser, newACEAdmin}

securityDescriptor("DACL") = newAces

'call method, set sd

Dim args1() As Object = {securityDescriptor}

Dim retval As UInt32 =
objFile.InvokeMethod("SetSecurityDescriptor", args1)

lblMessage.Text += "<br>SetSecurityDescriptor ReturnStatus
= " & System.Convert.ToInt32(retval)
Catch ex As Exception

lblMessage.Text = "Setting permission failed: " &

End Try

End Sub
Nov 20 '05 #1
0 3513

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

reply views Thread by Andrew Crowe | last post: by
7 posts views Thread by Kim Lots | last post: by
1 post views Thread by Codex Twin | last post: by
6 posts views Thread by Jeff | last post: by
2 posts views Thread by skinnybloke | last post: by
6 posts views Thread by Andy Fish | last post: by
reply views Thread by leo001 | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.