/// <summary>
/// ɾ��ָ�����µ�Ŀ¼��ȫ
/// </summary>
/// <param name="ds">Ŀ¼��ȫʵ��</param>
/// <param name="identity">����</param>
/// <returns></returns>
public static DirectorySecurity RemoveAccessRule(DirectorySecurity ds, string identity)
{
ds.RemoveAccessRuleAll(new FileSystemAccessRule(identity, FileSystemRights.FullControl, AccessControlType.Allow));
return ds;
}
public static DirectorySecurity RemoveAllSystemAccessRule(DirectorySecurity ds)
{
try
{
ds.RemoveAccessRuleAll(new FileSystemAccessRule("SYSTEM", FileSystemRights.FullControl, AccessControlType.Allow));
ds.RemoveAccessRuleAll(new FileSystemAccessRule("Everyone", FileSystemRights.FullControl, AccessControlType.Allow));
ds.RemoveAccessRuleAll(new FileSystemAccessRule("Administrators", FileSystemRights.FullControl, AccessControlType.Allow));
ds.RemoveAccessRuleAll(new FileSystemAccessRule("Administrator", FileSystemRights.FullControl, AccessControlType.Allow));
ds.RemoveAccessRuleAll(new FileSystemAccessRule("NETWORK", FileSystemRights.FullControl, AccessControlType.Allow));
ds.RemoveAccessRuleAll(new FileSystemAccessRule("NETWORK SERVICE", FileSystemRights.FullControl, AccessControlType.Allow));
ds.RemoveAccessRuleAll(new FileSystemAccessRule("LOCAL SERVICE", FileSystemRights.FullControl, AccessControlType.Allow));
ds.RemoveAccessRuleAll(new FileSystemAccessRule("CREATOR OWNER", FileSystemRights.FullControl, AccessControlType.Allow));
ds.RemoveAccessRuleAll(new FileSystemAccessRule("Users", FileSystemRights.FullControl, AccessControlType.Allow));
}
catch { }
try { ds.RemoveAccessRuleAll(new FileSystemAccessRule("Power Users", FileSystemRights.FullControl, AccessControlType.Allow)); }
catch { }
try { ds.RemoveAccessRuleAll(new FileSystemAccessRule("IIS_WPG", FileSystemRights.FullControl, AccessControlType.Allow)); }
catch { }
try { ds.RemoveAccessRuleAll(new FileSystemAccessRule("Guests", FileSystemRights.FullControl, AccessControlType.Allow)); }
catch { }
return ds;
}