Hi, Everyone!
I have this code that will get the group permissions of a file and folders.
Now my problem is that groups queried in the system are redundant.
Here's output of the code.
BUILTIN\Users - Modify, Synchronize
NT SERVICE\TrustedInstaller - FullControl
NT SERVICE\TrustedInstaller - FullControl
NT AUTHORITY\SYSTEM - FullControl
NT AUTHORITY\SYSTEM - FullControl
BUILTIN\Administrators - FullControl
BUILTIN\Users - ReadAndExecute, Synchronize
BUILTIN\Users - ReadAndExecute, Synchronize
CREATOR OWNER - FullControl
My expected output:
BUILTIN\Users - Modify, Synchronize
BUILTIN\Users - ReadAndExecute, Synchronize
NT SECVICE\TrustedInstaller - FullControl
NT AUTHORITY\SYSTEM - FullControl
BUILTIN\Administrators - FullControl
CREATOR OWNER - FullControl
I got the some of the codes from the blog: Permissions Not Included In .NET AccessRule.FileSystemRights Enum « Cjwdev
Can someone help me on this?
Thank you.
Regards,
Jeff
I have this code that will get the group permissions of a file and folders.
Now my problem is that groups queried in the system are redundant.
Here's output of the code.
BUILTIN\Users - Modify, Synchronize
NT SERVICE\TrustedInstaller - FullControl
NT SERVICE\TrustedInstaller - FullControl
NT AUTHORITY\SYSTEM - FullControl
NT AUTHORITY\SYSTEM - FullControl
BUILTIN\Administrators - FullControl
BUILTIN\Users - ReadAndExecute, Synchronize
BUILTIN\Users - ReadAndExecute, Synchronize
CREATOR OWNER - FullControl
My expected output:
BUILTIN\Users - Modify, Synchronize
BUILTIN\Users - ReadAndExecute, Synchronize
NT SECVICE\TrustedInstaller - FullControl
NT AUTHORITY\SYSTEM - FullControl
BUILTIN\Administrators - FullControl
CREATOR OWNER - FullControl
VB.NET:
Imports System.Security.AccessControl
Imports Microsoft.Win32
Class MainWindow
Public Enum GenericRights As Integer
GENERIC_READ = &H80000000
GENERIC_WRITE = &H40000000
GENERIC_EXECUTE = &H20000000
GENERIC_ALL = &H10000000
End Enum
Public Enum MappedGenericRights As Integer
FILE_GENERIC_EXECUTE = FileSystemRights.ExecuteFile Or FileSystemRights.ReadPermissions Or FileSystemRights.ReadAttributes Or FileSystemRights.Synchronize
FILE_GENERIC_READ = FileSystemRights.ReadAttributes Or FileSystemRights.ReadData Or FileSystemRights.ReadExtendedAttributes Or FileSystemRights.ReadPermissions Or FileSystemRights.Synchronize
FILE_GENERIC_WRITE = FileSystemRights.AppendData Or FileSystemRights.WriteAttributes Or FileSystemRights.WriteData Or FileSystemRights.WriteExtendedAttributes Or FileSystemRights.ReadPermissions Or FileSystemRights.Synchronize
FILE_GENERIC_ALL = FileSystemRights.FullControl
End Enum
Public Shared Function MapGenericRightsToFileSystemRights(ByVal OriginalRights As FileSystemRights) As FileSystemRights
Dim MappedRights As FileSystemRights = Nothing
If CBool(OriginalRights And GenericRights.GENERIC_EXECUTE) Then
MappedRights = CType(MappedRights Or MappedGenericRights.FILE_GENERIC_EXECUTE, FileSystemRights)
End If
If CBool(OriginalRights And GenericRights.GENERIC_READ) Then
MappedRights = CType(MappedRights Or MappedGenericRights.FILE_GENERIC_READ, FileSystemRights)
End If
If CBool(OriginalRights And GenericRights.GENERIC_WRITE) Then
MappedRights = CType(MappedRights Or MappedGenericRights.FILE_GENERIC_WRITE, FileSystemRights)
End If
If CBool(OriginalRights And GenericRights.GENERIC_ALL) Then
MappedRights = CType(MappedRights Or MappedGenericRights.FILE_GENERIC_ALL, FileSystemRights)
End If
Return MappedRights
End Function
Private Sub btnSubmit_Click(ByVal sender As System.Object, ByVal e As System.Windows.RoutedEventArgs) Handles btnSubmit.Click
txtDirPath.Text = "C:\Program Files\TestFolder"
txtFilePath.Text = "C:\Program Files\TestFolder\TestFile.txt"
Dim Folder As New IO.DirectoryInfo(txtDirPath.Text)
Dim File As New IO.FileInfo(txtFilePath.Text)
For Each Rule As Security.AccessControl.FileSystemAccessRule In Folder.GetAccessControl(Security.AccessControl.AccessControlSections.Access).GetAccessRules(True, True, GetType(Security.Principal.NTAccount))
Dim FullPermissions As FileSystemRights = Rule.FileSystemRights
FullPermissions = FullPermissions Or MapGenericRightsToFileSystemRights(FullPermissions)
FullPermissions = CType(FullPermissions << 8, FileSystemRights)
FullPermissions = CType(FullPermissions >> 8, FileSystemRights)
lstSecurity.Items.Add(Rule.IdentityReference.Value & " - " & FullPermissions.ToString)
Next
For Each Rule As Security.AccessControl.FileSystemAccessRule In File.GetAccessControl(Security.AccessControl.AccessControlSections.Access).GetAccessRules(True, True, GetType(Security.Principal.NTAccount))
Dim FullPermissions As FileSystemRights = Rule.FileSystemRights
FullPermissions = FullPermissions Or MapGenericRightsToFileSystemRights(FullPermissions)
FullPermissions = CType(FullPermissions << 8, FileSystemRights)
FullPermissions = CType(FullPermissions >> 8, FileSystemRights)
lstFileSecurity.Items.Add(Rule.IdentityReference.Value & " - " & FullPermissions.ToString)
Next
End Sub
End ClassI got the some of the codes from the blog: Permissions Not Included In .NET AccessRule.FileSystemRights Enum « Cjwdev
Can someone help me on this?
Thank you.
Regards,
Jeff
