Active Directory Accesing the Windows System File RRS feed

  • Question

  • User-645516142 posted

    Someone know if it's possible to access the Windows System File through Active Directory in .NET, and how to do it? What I want to do is a application that allow users to access through the web to the Active Directory Server and after a autentification process allow them to access to de Windows System Files.
    What I have found on Internet are examples about getting a list of users and computers, but nothing about getting a list of the files that a user can access on the AD Server.
    If anyone knows what I have to do or point me on the right direction, it will be much appreciated.

    Saturday, February 25, 2006 5:52 PM

All replies

  • User1354132231 posted
    Sorry, you are looking in the wrong direction.  AD has nothing to do with the file system.  The only interaction that AD provides with files is that once you access a file, it holds a security descriptor (DACL) that has some access information that can (but doesn't have to) hold a SID for a domain account.  No other domain information is on there and AD is not used for it.

    You would need to iterate each file in the system and the SID associated on the DACL to determine who can access what.  This does not directly involve AD.  Once you had the SID on the DACL, you could conceivably lookup the SID (again, I would not directly use LDAP services) to put that name into a user friendly format (e.g. LookupAccountSid).
    Monday, February 27, 2006 10:16 AM