0

我想为使用 C#(.NET 4.0)的特定用户组的 AD(Active Directory,Windows Server 2008 R2)OU设置List Content和选项。List Object

我设法根据MicrosoftgPOptions设置and属性,但我没有找到如何设置and的示例。设置其他两个属性的工作方式如下所示:gPLinkList ContentList Object

[...]

byte[] binaryForm = new byte[ groupPrincipal.Sid.BinaryLength ];
groupPrincipal.Sid.GetBinaryForm( binaryForm, 0 );
IdentityReference identityReference =
    new SecurityIdentifier( binaryForm, 0 );
PropertyAccessRule propertyAccessRule =
    new PropertyAccessRule(
        identityReference,
        AccessControlType.Allow,
        PropertyAccess.Read,
        new Guid( "...value provided by MSDN link..." ) );
...
// ouEntry is of type DirectoryEntry
ouEntry.ObjectSecurity.AddAccessRule( propertyAccessRule );
ouEntry.CommitChanges();

...
// Same for gPLink with the corresponding GUID

请询问您是否需要更多信息。

4

1 回答 1

0

List content并且List object必须有所不同:

...
ActiveDirectoryAccessRule activeDirectoryAccessRule =
    new ActiveDirectoryAccessRule(
        identityReference,
        ActiveDirectoryRights.ListChildren | ActiveDirectoryRights.ListObject,
        AccessControlType.Allow,
        ActiveDirectorySecurityInheritance.None );
...

ActiveDirectoryAccessRule必须将其添加到上述问题中的相应内容中DirectoryEntry

于 2013-01-16T14:05:02.800 回答