I am trying to read and update the SACL properties of a folder in a domain machine from the domain controller.
I came across this link but I don't know how to use the IADs::Get
to get the object of the folder from the active directory.
I am struggling to find the ldap query to get the folder, I searched all over the internet but I couldn't find a single example for this use case.
Can anyone help me with an example or a reference?
CodePudding user response:
Do you want Using ADSI Functions to Bind Directly to an Object? Also have a look at ADsOpenObject.
CodePudding user response:
IADs::Get
is only for objects in Active Directory itself. You can't use it for files on a file system.
To modify permissions a file on a remote computer, you treat it pretty much the same as a file on the local system. You can use GetNamedSecurityInfo
, where pObjectName
would be the path to the file in the format of \\server\share\directory\file.txt
and ObjectType
is SE_FILE_OBJECT
.
The credentials being used to run your program will need to already have rights to access that file on the remote system.
Some more reading here: File Security and Access Rights