/// <summary>
/// Returns the first access rule in <paramref name="acl"/> that
/// <c>DirectoryCommon.AceMatches</c> accepts for <paramref name="ace"/>, or <c>null</c> when none does.
/// </summary>
/// <param name="ace">The rule to look for.</param>
/// <param name="acl">The security descriptor whose access rules are searched.</param>
/// <param name="includeInherited">
/// Passed to <c>GetAccessRules</c>; when <c>true</c>, inherited rules are searched in addition to explicit ones.
/// </param>
/// <param name="subsetInsteadOfSuperset">
/// Forwarded unchanged to <c>DirectoryCommon.AceMatches</c>.
/// NOTE(review): presumably selects whether a candidate may hold fewer or more rights than <paramref name="ace"/>;
/// confirm against AceMatches, which is not visible here.
/// </param>
/// <returns>The first matching rule in enumeration order, or <c>null</c>.</returns>
private static ActiveDirectoryAccessRule FindAce(ActiveDirectoryAccessRule ace, ActiveDirectorySecurity acl, bool includeInherited, bool subsetInsteadOfSuperset)
{
    // Explicit rules are always included; trustees are returned as SIDs.
    AuthorizationRuleCollection candidates = acl.GetAccessRules(true, includeInherited, typeof(SecurityIdentifier));

    // The typed iteration variable performs the same explicit cast per element.
    foreach (ActiveDirectoryAccessRule candidate in candidates)
    {
        if (!DirectoryCommon.AceMatches(ace, candidate, subsetInsteadOfSuperset))
        {
            continue;
        }

        return candidate;
    }

    return null;
}
/// <summary>
/// Counts the explicit access rules in <paramref name="acl"/> that
/// <c>DirectoryCommon.AceMatches</c> accepts for <paramref name="ace"/>.
/// </summary>
/// <param name="ace">The rule to compare against.</param>
/// <param name="acl">The security descriptor whose access rules are counted.</param>
/// <returns>
/// The number of matching rules. Inherited rules are never counted, because
/// <c>GetAccessRules</c> is called with <c>includeInherited</c> set to <c>false</c>.
/// </returns>
public static int CountAce(ActiveDirectoryAccessRule ace, ActiveDirectorySecurity acl)
{
    int matchCount = 0;

    // Explicit rules only, with trustees returned as SIDs.
    AuthorizationRuleCollection explicitRules = acl.GetAccessRules(true, false, typeof(SecurityIdentifier));

    // The typed iteration variable performs the same explicit cast per element.
    foreach (ActiveDirectoryAccessRule candidate in explicitRules)
    {
        if (!DirectoryCommon.AceMatches(ace, candidate, false))
        {
            continue;
        }

        matchCount += 1;
    }

    return matchCount;
}
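/// <summary>
/// Removes the rights named by <paramref name="ace"/> from the explicit access rules of <paramref name="acl"/>.
/// </summary>
/// <remarks>
/// The framework's <c>RemoveAccessRule</c> is tried first. Only when it returns <c>false</c> does this method
/// walk the explicit rules and, for each rule <c>DirectoryCommon.AceMatches</c> accepts, either drop the rule
/// or replace it with one that carries the rights left after masking out <paramref name="ace"/>'s rights.
/// Inherited rules are never touched, so access granted through inheritance stays in effect after this call.
/// The replacement keeps the matched rule's <c>AccessControlType</c>, so trimming a Deny rule reduces what is denied.
/// NOTE(review): whether AceMatches can pair an Allow rule with a Deny rule is not visible here; confirm.
/// Only the descriptor object passed in is edited; no directory write is visible in this method.
/// </remarks>
/// <param name="acl">The security descriptor to modify.</param>
/// <param name="ace">The rule whose rights should no longer be present.</param>
public static void RemoveAccessRule(ActiveDirectorySecurity acl, ActiveDirectoryAccessRule ace)
{
    // Fast path: nothing more to do when the framework removes the rule itself.
    if (acl.RemoveAccessRule(ace))
    {
        return;
    }

    // Explicit rules only (includeInherited: false), with trustees returned as SIDs.
    // NOTE(review): the loop edits acl while iterating this collection; this assumes GetAccessRules
    // returns a collection that is independent of later edits. Confirm.
    AuthorizationRuleCollection explicitRules = acl.GetAccessRules(true, false, typeof(SecurityIdentifier));
    foreach (ActiveDirectoryAccessRule existing in explicitRules)
    {
        if (!DirectoryCommon.AceMatches(ace, existing, false))
        {
            continue;
        }

        // Rights that stay on the existing rule once the requested rights are masked out.
        // The original listing complemented a boolean comparison here, which is not valid C#;
        // this is the same mask the replacement rule below is built from.
        ActiveDirectoryRights remaining = ~ace.ActiveDirectoryRights & existing.ActiveDirectoryRights;

        if (remaining == (ActiveDirectoryRights)0)
        {
            // Nothing is left, so the rule goes away entirely.
            acl.RemoveAccessRuleSpecific(existing);
        }
        else
        {
            // Build the replacement before removing the old rule, so a constructor failure
            // cannot leave the descriptor without either of them.
            ActiveDirectoryAccessRule replacement = new ActiveDirectoryAccessRule(
                existing.IdentityReference,
                remaining,
                existing.AccessControlType,
                existing.ObjectType,
                existing.InheritanceType,
                existing.InheritedObjectType);
            acl.RemoveAccessRuleSpecific(existing);
            acl.AddAccessRule(replacement);
        }
    }
}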