// this method is called by SecurityInfoCCW.GetSecurity // its return is the SecurityDescriptor in binary format // it loads the data from the registry // [loads data from registry to UI] public IntPtr GetSecurity(SecurityInfos requestedInformation, bool wantDefault) { if (requestedInformation == SecurityInfos.DiscretionaryAcl) { StringBuilder securityDescriptorBuilder = new StringBuilder("D:"); System.Collections.ArrayList kerb = new System.Collections.ArrayList(current.KerberosGlobalAcl); System.Collections.ArrayList indexesOfInvalidItems = new System.Collections.ArrayList(); for (int i = 0; i < kerb.Count; i++) { try { string sid = ((new NTAccount((string)kerb[i])).Translate(typeof(SecurityIdentifier))).ToString(); securityDescriptorBuilder.Append("(A;;LCSWRP;;;" + sid + ")"); } catch (ArgumentException) // invalid account, do not consider it { indexesOfInvalidItems.Add(i); } catch (IdentityNotMappedException) { indexesOfInvalidItems.Add(i); } } //remove invalid items based on indexesOfInvalidItems for (int i = indexesOfInvalidItems.Count - 1; i >= 0; i--) { kerb.RemoveAt((int)indexesOfInvalidItems[i]); } // rebuild the ACL, taking care not to leave it null if (kerb.Count <= 0) { current.KerberosGlobalAcl = new string[] { "" }; } else { current.KerberosGlobalAcl = (string[])kerb.ToArray(typeof(string)); } IntPtr securityDescriptor; int size = 0; // call external function for transformig String SecurityDescriptors // into their internal representation #pragma warning suppress 56523 bool ret = SafeNativeMethods.ConvertStringSecurityDescriptorToSecurityDescriptor( securityDescriptorBuilder.ToString(), 1, /* * must be SDDL_REVISION_1 == 1 always */ out securityDescriptor, out size ); if (!ret) { return(IntPtr.Zero); } return(securityDescriptor); } return(IntPtr.Zero); }