locked
FileSystemSecurity.GetAccessRules does not return all rules RRS feed

  • Question

  • Hi,

    I'm trying to find files and directories with an ACE that points to an already deleted user. In Windows Explorer, in the file properties windows, on the security tab, that user's SID is shown because the name cannot be resolved anymore. Though it's correctly listed.

    There is this piece of code:

    sec = file.GetAccessControl()                                    ''File being a System.IO.FileSystemInfo object
    rules = sec.GetAccessRules(True, True, _TypeSecurityIdentifier)  ''_TypeSecurityIdentifier = GetType(System.Security.Principal.SecurityIdentifier)

    At runtime, 'file' points to one of the concerned files. In Windows Explorer, four access rules are listed.

    My problem is: The 'rules' collection above returns only three of them. The one referring to the deleted user is not included. Why? What can I do to make GetAccessRules return all existing rules? Intentionally specifying the SecurityIdentifier type as the 3rd argument instead of the NTAccount type obviously doesn't help.

    Thanks


    Armin

    Monday, August 17, 2020 4:46 PM

Answers

  • Accidently I passed the security information of the containing directory, not of the file in question. So the problem was within the caller of the function containing the code in my first post.


    Armin


    Tuesday, August 18, 2020 1:38 AM

All replies

  • Problem solved. The cause is too embarrassing to mention. (as to be expected it was not a problem of the GetAccessRules function...)

    Armin

    Monday, August 17, 2020 6:16 PM
  • Hi Armin Zingler,

    I'm glad to hear that you have solved your problem.

    Could you share your solution and mark it as answer ? It will help other members to find the solution quickly if they face a similar issue.

    Best Regards,

    Xingyu Zhao


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Tuesday, August 18, 2020 1:30 AM
  • Accidently I passed the security information of the containing directory, not of the file in question. So the problem was within the caller of the function containing the code in my first post.


    Armin


    Tuesday, August 18, 2020 1:38 AM