I want to create a window service, which give user(s) rights to network folder means for one user it may be read option and for second write option or directory listing.
I am in testing phase, so created a console application. Its work for my local folder. But when I change the code and work for shareable network folder of my colleague and assign right to his local user like Naveen\Bhavesh (not global user like network service, local service, everyone etc), the above error throw.
I refer this link which is same I want, but the solution not understandable. So can any body help to correct this code.
Also please not, I am working on LAN, not on active directory, but actually this is for client, who use active-directory and later implement this code there. So also give suggestion related to AD.
This is my code
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.IO;
using System.Security.AccessControl;
namespace WindowUserRights
{
class Program
{
static void Main(string[] args)
{
//The below commented code is related to my pc and its working fine as I want.
//// Specify the directory you want to manipulate.
//string path = @"D:\\Project\\E\\Exercise\\WindowUserRights\\MyDir";
//string user1Read = "AJAYENDRA\\ASPNET";
//string user2Write = "AJAYENDRA\\Guest";
//string user3Write = "AJAYENDRA\\ReportUser";
//The below code is related to a shared folder of network pc and its gives the error when access the user.
// Specify the directory you want to manipulate.
string path = @"\\NAVEEN\Jobs";
string user1Read = "NAVEEN\\Bhavesh";
string user2Write = "NAVEEN\\Guest";
try
{
//string DirectoryName = path + "TestDirectory";
string DirectoryName = "";
DirectoryName = CheckAndCreateDirectory(path + "\\JobNo_user1Read_" + DateTime.Now.ToString("yyyyMMddHHmmssfff")); //check directory and create if does not exist;
// Add the access control entry to the directory.
Console.WriteLine("Adding access control entry for " + DirectoryName + " to user :- " + user1Read);
AddDirectorySecurity(DirectoryName, user1Read, FileSystemRights.Modify, AccessControlType.Allow);
DirectoryName = CheckAndCreateDirectory(path + "\\JobNo_user2Write_" + DateTime.Now.ToString("yyyyMMddHHmmssfff")); //check directory and create if does not exist;
Console.WriteLine("Adding access control entry for " + DirectoryName + " to user :- " + user2Write);
AddDirectorySecurity(DirectoryName, user2Write, FileSystemRights.ListDirectory, AccessControlType.Allow);
Console.WriteLine("Done.");
}
catch (Exception e)
{
Console.WriteLine(e);
}
Console.ReadLine();
}
//Check and create a directory, if does not exist.
public static string CheckAndCreateDirectory(string path)
{
// Specify the directory you want to manipulate.
//string path = @"D:\\Project\\E\\Exercise\\WindowUserRights\\MyDir";
try
{
// Determine whether the directory exists.
if (Directory.Exists(path))
{
Console.WriteLine("That path exists already.");
return "";
}
// Try to create the directory.
DirectoryInfo di = Directory.CreateDirectory(path);
Console.WriteLine("The directory was created successfully at {0}.", Directory.GetCreationTime(path));
}
catch (Exception e)
{
Console.WriteLine("The process failed: {0}", e.ToString());
throw e;
}
//finally { }
return path;
}
// Adds an ACL entry on the specified directory for the specified account.
public static void AddDirectorySecurity(string FileName, string Account, FileSystemRights Rights, AccessControlType ControlType)
{
// Create a new DirectoryInfo object.
DirectoryInfo dInfo = new DirectoryInfo(FileName);
// Get a DirectorySecurity object that represents the
// current security settings.
DirectorySecurity dSecurity = dInfo.GetAccessControl();
//the below line throw the error "some or all identity references could not be translated"
// Add the FileSystemAccessRule to the security settings.
dSecurity.AddAccessRule(new FileSystemAccessRule(Account,
Rights,
ControlType));
// Set the new access settings.
dInfo.SetAccessControl(dSecurity);
}
}
}
