473,326 Members | 2,013 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,326 software developers and data experts.

ACE order in ACL

Even when I add (or think I do!) a new ACL in the correct order
according to http://support.microsoft.com/default...b;en-us;269159
I still get errors when trying to view the security permissions on
newley created child objects on XP. I've been twekaing the constants
all day with mixed results, but not once have I not got the "The
permissions on xxx are incorrectly ordered..." message, what am I
doing wrong??? Here's my code (what for line breaks)...

Module StartUp
Const defaultAccessMask As ActiveDs.ADS_RIGHTS_ENUM =
ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_READ +
ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_WRITE +
ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_EXECUTE +
ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_DELETE
Const defaultAceFlags As ActiveDs.ADS_ACEFLAG_ENUM =
ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ACE
Const defaultAceType As ActiveDs.ADS_ACETYPE_ENUM =
ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOW ED

Sub Main()
Call PermissionFolder("C:\Program Files\test",
"somedomain\user1234", defaultAccessMask, defaultAceFlags,
defaultAceType)
Call ListACEs("C:\Program Files\test")
End Sub

Sub PermissionFolder(ByVal folderPath As String, ByVal trustee As
String, ByVal accessMask As ActiveDs.ADS_RIGHTS_ENUM, ByVal aceFlags
As ActiveDs.ADS_ACEFLAG_ENUM, ByVal aceType As
ActiveDs.ADS_ACETYPE_ENUM)
Dim adsSecurity As New ActiveDs.ADsSecurityUtilityClass
Dim adsDescriptor As ActiveDs.SecurityDescriptor
Dim folderACL As ActiveDs.AccessControlList
Dim newACE As New ActiveDs.AccessControlEntry

adsDescriptor = adsSecurity.GetSecurityDescriptor(folderPath,
ActiveDs.ADS_PATHTYPE_ENUM.ADS_PATH_FILE,
ActiveDs.ADS_SD_FORMAT_ENUM.ADS_SD_FORMAT_IID)
folderACL = adsDescriptor.DiscretionaryAcl()

newACE.Trustee = trustee
newACE.AccessMask = accessMask
newACE.AceFlags = aceFlags
newACE.AceType = aceType

folderACL.AddAce(newACE)
adsDescriptor.DiscretionaryAcl = OrderACL(folderACL)
adsSecurity.SetSecurityDescriptor(folderPath,
ActiveDs.ADS_PATHTYPE_ENUM.ADS_PATH_FILE, adsDescriptor,
ActiveDs.ADS_SD_FORMAT_ENUM.ADS_SD_FORMAT_IID)
End Sub

Function OrderACL(ByVal dacl As ActiveDs.AccessControlList) As
ActiveDs.AccessControlList
Dim impDenyDACL As New ActiveDs.AccessControlList
Dim impDenyObjectDACL As New ActiveDs.AccessControlList
Dim impAllowDACL As New ActiveDs.AccessControlList
Dim impAllowObjectDACL As New ActiveDs.AccessControlList
Dim inheritedDACL As New ActiveDs.AccessControlList
Dim ace As ActiveDs.AccessControlEntry
Dim returnDACL As New ActiveDs.AccessControlList

For Each ace In dacl

If ace.AceFlags =
ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERITED_AC E Then
inheritedDACL.AddAce(ace)
Else

Select Case ace.AceType
Case
ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOW ED
impAllowDACL.AddAce(ace)
Case
ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_DENIE D
impDenyDACL.AddAce(ace)
Case
ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOW ED_OBJECT
impAllowObjectDACL.AddAce(ace)
Case
ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_DENIE D_OBJECT
impDenyObjectDACL.AddAce(ace)
End Select

End If

Next

For Each ace In impDenyDACL
returnDACL.AddAce(ace)
Next

For Each ace In impDenyObjectDACL
returnDACL.AddAce(ace)
Next

For Each ace In impAllowDACL
returnDACL.AddAce(ace)
Next

For Each ace In impAllowObjectDACL
returnDACL.AddAce(ace)
Next

For Each ace In inheritedDACL
returnDACL.AddAce(ace)
Next

returnDACL.AclRevision = dacl.AclRevision

Return returnDACL
End Function

Sub ListACEs(ByVal folderPath As String)
Dim securityObj As New ActiveDs.ADsSecurityUtilityClass
Dim descriptorObj As ActiveDs.SecurityDescriptor
Dim aclObj As ActiveDs.AccessControlList
Dim aceObj As ActiveDs.AccessControlEntry
Dim aceOutput As String

descriptorObj = securityObj.GetSecurityDescriptor(folderPath,
ActiveDs.ADS_PATHTYPE_ENUM.ADS_PATH_FILE,
ActiveDs.ADS_SD_FORMAT_ENUM.ADS_SD_FORMAT_IID)
aclObj = descriptorObj.DiscretionaryAcl()

For Each aceObj In aclObj
aceOutput = aceOutput & aceObj.Trustee & vbTab &
aceObj.AccessMask & vbTab & aceObj.AceFlags & vbTab & aceObj.AceType &
vbTab & aceObj.InheritedObjectType & vbCrLf
Next

MessageBox.Show(aceOutput)
End Sub
End Module
Nov 21 '05 #1
0 971

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

7
by: svilen | last post by:
hello again. i'm now into using python instead of another language(s) for describing structures of data, including names, structure, type-checks, conversions, value-validations, metadata etc....
9
by: Steven T. Hatton | last post by:
The following works: template <typename T> struct ID3M{ static const T ID; }; template <typename T> const T ID3M<T>::ID = {{1,0,0},{0,1,0},{0,0,1}};
15
by: | last post by:
The data file is a simple Unicode file with lines of text. BCP apparently doesn't guarantee this ordering, and neither does the import tool. I want to be able to load the data either sequentially...
27
by: Abdullah Kauchali | last post by:
Hi folks, Can one rely on the order of keys inserted into an associative Javascript array? For example: var o = new Object(); o = "Adam"; o = "Eve";
8
by: kaosyeti | last post by:
i have a (hopefully) small problem. i have created a system where a user enters customer information into a table through a form. this table has no primary key. there are 9 fields on the form to...
104
by: Beowulf | last post by:
I have the view below and if I use vwRouteReference as the rowsource for a combo box in an MS Access form or run "SELECT * FROM vwRouteReference" in SQL Query Analyzer, the rows don't come through...
13
by: bevanward | last post by:
Hi All I am finding unexpected results when inserted into a newly created table that has a field of datatype int identity (1,1). Basically the order I sort on when inserting into the table is...
3
by: Hartmut Dippon | last post by:
Hi all, I hope somebody can help me with following problem: I have an application where I can drag&drop files/dirs from within explorer onto my form. If multiple files/dirs are selected I...
54
by: Rasjid | last post by:
Hello, I have just joined and this is my first post. I have never been able to resolve the issue of order of evaluation in C/C++ and the related issue of precedence of operators, use of...
25
by: DanicaDear | last post by:
Hello again Bytes...I missed you! First, background: In a hotstick lab, we ship orders every two years. We ship a new order and the customer uses the new box to return the previous year's order....
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.