FileSystemAccessRule: everyone group

Tuesday, May 29, 2007 3:46 PMvistapolar

0
I am developping an installer class and I want to set specific permissions for all users. I know that this is possible with a code like this:

Dim dirSec As New DirectorySecurity

dirSec = Directory.GetAccessControl(dirPath)

dirSec.AddAccessRule(New FileSystemAccessRule("Everyone", FileSystemRights.FullControl, InheritanceFlags.ContainerInherit Or InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow))

Directory.SetAccessControl(dirPath, dirSec)

Unhopefully I need this code to be valid for computers with different InstalledUICulture. For instance I know that in German it is sufficient to replace "Everyone" with "Jeder". Is it possible to call a method that permits to generalize the code for every language of the operating system?

Thanks in advance
- Reply
- Quote

All Replies

Friday, January 18, 2008 1:50 PMsatankidneypie

1
This will give you the "Everyone" string that you require for each version of the OS e.g. English, German etc.

System.Security.Principal.SecurityIdentifier sid = new System.Security.Principal.SecurityIdentifier(System.Security.Principal.WellKnownSidType.WorldSid, null);
System.Security.Principal.NTAccount acct = sid.Translate(typeof(System.Security.Principal.NTAccount)) as System.Security.Principal.NTAccount ;
string strEveryoneAccount = acct.ToString();

try
{

System.Security.AccessControl.FileSecurity sec = System.IO.File.GetAccessControl(FILENAME);

sec.AddAccessRule(new System.Security.AccessControl.FileSystemAccessRule(

strEveryoneAccount,

System.Security.AccessControl.FileSystemRights.FullControl,

System.Security.AccessControl.AccessControlType.Allow));

File.SetAccessControl(FILENAME, sec);
}
catch(UnauthorizedAccessException)
{

// handle permissions problem
}
- Proposed As Answer bycrashSmoke Thursday, March 19, 2009 1:52 PM
- Reply
- Quote
Friday, June 15, 2007 12:00 AMTheArcticOwl

0
Hello !

Use SID strings instead of symbolic names like "Everyone", "BUILTIN\Users" etc.

For "Everyone" SID = "S-1-1-0". You can look it (and other well known SIDs) up in WinNT.h.

AddAccessRule("S-1-1-0", ...,..);

Also - here is a link to a helpful article -- http://support/microsoft.com/kb/243330.

gl
- Reply
- Quote
Thursday, November 06, 2008 1:12 PMcommoduss

0
thank you satankidneypie you saved my life
- Reply
- Quote
Monday, March 09, 2009 6:53 PMSteve_K

0
I am having trouble to get the below translated to VB.NET ... can someone help? TIA!

System.Security.Principal.SecurityIdentifier sid = new System.Security.Principal.SecurityIdentifier(System.Security.Principal.WellKnownSidType.WorldSid, null);
System.Security.Principal.NTAccount acct = sid.Translate(typeof(System.Security.Principal.NTAccount)) as System.Security.Principal.NTAccount ;
string strEveryoneAccount = acct.ToString();
- Reply
- Quote
Tuesday, March 10, 2009 7:47 AMSteve_K

0
Nevermind ... got it:

        Dim sid As New System.Security.Principal.SecurityIdentifier(System.Security.Principal.WellKnownSidType.WorldSid, Nothing)
        Dim acct As System.Security.Principal.NTAccount = TryCast(sid.Translate(GetType(System.Security.Principal.NTAccount)), System.Security.Principal.NTAccount)
        Dim strEveryoneAccount As String = acct.ToString()
- Reply
- Quote
Thursday, March 19, 2009 1:52 PMcrashSmoke

0
Awesomely helpful - thanks dude!!
354 Errors.... must have missed a semi-colon somewhere
- Reply
- Quote