private static ActiveDirectoryAccessRule FindAce(ActiveDirectoryAccessRule ace, ActiveDirectorySecurity acl, bool includeInherited, bool subsetInsteadOfSuperset)
{
AuthorizationRuleCollection accessRules = acl.GetAccessRules(true, includeInherited, typeof(SecurityIdentifier));
foreach (object obj in accessRules)
{
ActiveDirectoryAccessRule activeDirectoryAccessRule = (ActiveDirectoryAccessRule)obj;
if (DirectoryCommon.AceMatches(ace, activeDirectoryAccessRule, subsetInsteadOfSuperset))
{
return(activeDirectoryAccessRule);
}
}
return(null);
}
public static int CountAce(ActiveDirectoryAccessRule ace, ActiveDirectorySecurity acl)
{
int num = 0;
AuthorizationRuleCollection accessRules = acl.GetAccessRules(true, false, typeof(SecurityIdentifier));
foreach (object obj in accessRules)
{
ActiveDirectoryAccessRule ace2 = (ActiveDirectoryAccessRule)obj;
if (DirectoryCommon.AceMatches(ace, ace2, false))
{
num++;
}
}
return(num);
}
public static void RemoveAccessRule(ActiveDirectorySecurity acl, ActiveDirectoryAccessRule ace)
{
if (!acl.RemoveAccessRule(ace))
{
AuthorizationRuleCollection accessRules = acl.GetAccessRules(true, false, typeof(SecurityIdentifier));
foreach (object obj in accessRules)
{
ActiveDirectoryAccessRule activeDirectoryAccessRule = (ActiveDirectoryAccessRule)obj;
if (DirectoryCommon.AceMatches(ace, activeDirectoryAccessRule, false))
{
if ((~(ace.ActiveDirectoryRights != (ActiveDirectoryRights)0) & activeDirectoryAccessRule.ActiveDirectoryRights) == (ActiveDirectoryRights)0)
{
acl.RemoveAccessRuleSpecific(activeDirectoryAccessRule);
}
else
{
ActiveDirectoryAccessRule rule = new ActiveDirectoryAccessRule(activeDirectoryAccessRule.IdentityReference, ~ace.ActiveDirectoryRights & activeDirectoryAccessRule.ActiveDirectoryRights, activeDirectoryAccessRule.AccessControlType, activeDirectoryAccessRule.ObjectType, activeDirectoryAccessRule.InheritanceType, activeDirectoryAccessRule.InheritedObjectType);
acl.RemoveAccessRuleSpecific(activeDirectoryAccessRule);
acl.AddAccessRule(rule);
}
}
}
}
}
