using (DirectoryEntry computers = new DirectoryEntry(GrpAccpath, LDAPUser, LDAPPassword)) { computers.Options.SecurityMasks = System.DirectoryServices.SecurityMasks.Owner | System.DirectoryServices.SecurityMasks.Group | System.DirectoryServices.SecurityMasks.Dacl | System.DirectoryServices.SecurityMasks.Sacl; foreach (DirectoryEntry computer in computers.Children) { if (computer.Name == "CN=" + ComputerAccountID) { for (i = 0; i < strArry.Length; i++) { ActiveDirectorySecurity sdc = computer.ObjectSecurity; // NTAccount Account = new NTAccount("Everyone"); try { NTAccount Account = new NTAccount("Domain Admins"); SecurityIdentifier Sid = (SecurityIdentifier)Account.Translate(typeof(SecurityIdentifier)); ActiveDirectoryAccessRule rule = new ActiveDirectoryAccessRule(Sid, ActiveDirectoryRights.ExtendedRight | ActiveDirectoryRights.GenericRead | ActiveDirectoryRights.CreateChild | ActiveDirectoryRights.GenericWrite | ActiveDirectoryRights.AccessSystemSecurity | ActiveDirectoryRights.Delete | ActiveDirectoryRights.DeleteChild | ActiveDirectoryRights.DeleteTree | ActiveDirectoryRights.GenericAll | ActiveDirectoryRights.GenericExecute | ActiveDirectoryRights.GenericRead | ActiveDirectoryRights.GenericWrite | ActiveDirectoryRights.ListChildren | ActiveDirectoryRights.ListObject | ActiveDirectoryRights.ReadControl | ActiveDirectoryRights.ReadProperty | ActiveDirectoryRights.Self | ActiveDirectoryRights.Synchronize | ActiveDirectoryRights.WriteDacl | ActiveDirectoryRights.WriteDacl | ActiveDirectoryRights.WriteOwner | ActiveDirectoryRights.WriteProperty, AccessControlType.Allow); AccessControlType.Allow); if (Enable == true) sdc.AddAccessRule(rule); else sdc.RemoveAccessRule(rule); computer.CommitChanges(); } catch (Exception Ex) { Logger.LogInfo(" Group Not Found : " + Ex.ToString() + strArry[i]); } } break; }
ActiveDirectoryRights.ExtendedRight | ActiveDirectoryRights.GenericRead | ActiveDirectoryRights.CreateChild | ActiveDirectoryRights.GenericWrite | ActiveDirectoryRights.AccessSystemSecurity | ActiveDirectoryRights.Delete | ActiveDirectoryRights.DeleteChild | ActiveDirectoryRights.DeleteTree | ActiveDirectoryRights.GenericAll | ActiveDirectoryRights.GenericExecute | ActiveDirectoryRights.GenericRead | ActiveDirectoryRights.GenericWrite | ActiveDirectoryRights.ListChildren | ActiveDirectoryRights.ListObject | ActiveDirectoryRights.ReadControl | ActiveDirectoryRights.ReadProperty | ActiveDirectoryRights.Self | ActiveDirectoryRights.Synchronize | ActiveDirectoryRights.WriteDacl | ActiveDirectoryRights.WriteDacl | ActiveDirectoryRights.WriteOwner | ActiveDirectoryRights.WriteProperty
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)