Access Control List and Security Descriptor

Y

Yosh

How do you validate a user that is currently logged in against a Security
Descriptor to see if they have access to an object?

Hope this makes sense.

Thanks,

Yosh
 
W

Willy Denoyette [MVP]

Yosh said:
How do you validate a user that is currently logged in against a Security
Descriptor to see if they have access to an object?

Hope this makes sense.

Thanks,

Yosh
Click to expand...

By accessing the object in a try/catch blok, an exception will be thrown if
there is an access violation.

Willy.
 
J

John Vottero

Yosh said:
How do you validate a user that is currently logged in against a Security
Descriptor to see if they have access to an object?

Hope this makes sense.
Click to expand...

You get the user's security token from
System.Security.Principal.WindowsIdentity. You have to use P/Invoke to call
DuplicateToken to get a token with a SecurityImpersonationLevel of
SecurityIdentification and then you use P/Invoke to call AccessCheck or one
of its variants.

That's the 100,000 foot description.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Need help with named mutex shared between asp.net and .net win app. 5
Windows 10 Insufficient disk space to fix volume bitmap. 5
Problem with upgrade to 2003 (in Addprep) 1
Two folders same name??? 6
restoring Local Security Policy settings to default values 2
Setting permissions on a folder using WMI 0
adprep /forestprep error 1
Security descriptor for an OU in Active directory 2

Top