Reputation: 205

c# Grant user access to network folder using ad service account

I want to grant full access / revoke access to network share folders (I could work with it as a mapped drive as well) using active directory admin account.

How can I File.GetAccessControl, .RemoveAccessRule and .AddAccessRule as active directory admin service account who is at the same time an admin of the network share folders?

Upvotes: 0

Answers (1)

Falanor

Reputation: 206

Here is a snippet I used to do this.

    private void EditAccess(List<string> userlist, string folder)
    {

        foreach (string user in userlist)
        {

            var AccessRule = new FileSystemAccessRule(user, FileSystemRights.FullControl,
                InheritanceFlags.None,
                PropagationFlags.NoPropagateInherit,
                AccessControlType.Allow);

            DirectoryInfo rootFolder = new DirectoryInfo(folder);
            DirectorySecurity rootSec = rootFolder.GetAccessControl(AccessControlSections.Access);

            bool Result;

            rootSec.ModifyAccessRule(AccessControlModification.Set, AccessRule, out Result);

            InheritanceFlags iFlags = InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit;
            AccessRule = new FileSystemAccessRule(user, FileSystemRights.FullControl, iFlags, PropagationFlags.InheritOnly, AccessControlType.Allow);
            rootSec.ModifyAccessRule(AccessControlModification.Add, AccessRule, out Result);

            rootFolder.SetAccessControl(rootSec);


        }
    }

Upvotes: 2

c# Grant user access to network folder using ad service account

Answers (1)

Related Questions