Here's my discovery for today. DotNet 2.0 is great in that you can set permissions on folders and files programmatically. So I've got a routine that assigns permissions that looks like the following, and I'm happy with it and it's working well.
Well, now I want to use the routine to add a permission on a folder to the "users" group that's built in to windows. What happens when I try? A nasty IdentityNotMappedException exception. How could this happen? I know the account exists, and I know (or at least I think I know) that it's spelled correctly. (JLYNDS\Users).
Many minutes of fruitless googling ensues until...at last...eureka! I find the answer. Since "users" belongs to that special class of group, the "built in" group, instead of using machine name\group name as the account, I need to use the word "builtin" as in "builtin\Users".
Who woulda thunk it?
Private Sub AddDirectorySecurity( _
ByVal sDirName As String, _
ByVal sAccount As String, _
ByVal oRights As FileSystemRights, _
ByVal oControlType As AccessControlType)
Dim oDir As DirectorySecurity = Directory.GetAccessControl(sDirName)
oDir.AddAccessRule(New FileSystemAccessRule(sAccount, FileSystemRights.FullControl, AccessControlType.Allow))
Directory.SetAccessControl(sDirName, oDir)
End Sub
Well, now I want to use the routine to add a permission on a folder to the "users" group that's built in to windows. What happens when I try? A nasty IdentityNotMappedException exception. How could this happen? I know the account exists, and I know (or at least I think I know) that it's spelled correctly. (JLYNDS\Users).
Many minutes of fruitless googling ensues until...at last...eureka! I find the answer. Since "users" belongs to that special class of group, the "built in" group, instead of using machine name\group name as the account, I need to use the word "builtin" as in "builtin\Users".
Who woulda thunk it?
0 Comments:
Post a Comment
<< Home