Home > OS >  how to use the IADs API in cpp to read and update the SACL properties of a folder in active director
how to use the IADs API in cpp to read and update the SACL properties of a folder in active director

Time:02-21

I am trying to read and update the SACL properties of a folder in a domain machine from the domain controller.
I came across this link but I don't know how to use the IADs::Get to get the object of the folder from the active directory.
I am struggling to find the ldap query to get the folder, I searched all over the internet but I couldn't find a single example for this use case.
Can anyone help me with an example or a reference?

CodePudding user response:

Do you want Using ADSI Functions to Bind Directly to an Object? Also have a look at ADsOpenObject.

CodePudding user response:

IADs::Get is only for objects in Active Directory itself. You can't use it for files on a file system.

To modify permissions a file on a remote computer, you treat it pretty much the same as a file on the local system. You can use GetNamedSecurityInfo, where pObjectName would be the path to the file in the format of \\server\share\directory\file.txt and ObjectType is SE_FILE_OBJECT.

The credentials being used to run your program will need to already have rights to access that file on the remote system.

Some more reading here: File Security and Access Rights

  • Related