
Windows File security, removing an access rule


I have the following code that should remove the access of users from a certain folder. Unfortunately it doesn't (the access rule remains in place). No exception is thrown.

AuthorizationRuleCollection arc = ds.GetAccessRules(true, true, typeof(NTAccount));

foreach (FileSystemAccessRule ar in arc)
{
    if (ar.IdentityReference is NTAccount)
    {
        NTAccount account = ar.IdentityReference as NTAccount;

        if (!AdminUsers.Contains(account.Value) &&
            ownerAccount != account.Value)
        {
            ds.RemoveAccessRule(ar);
            WriteLog("Removed rule for: " + account);
        }

    }
}

outputDirectory.SetAccessControl(ds);

I can see from my logs that the RemoveAccessRule was called. Why isn't the rule gone?

Edit: The rule is an inherited rule. Do I need to do something different to remove inherited rules?


Solution

  • Take a look at SetAccessRuleProtection on the DirectorySecurity class. From reading it, I would think you'd need:

    ds.RemoveAccessRule(ar);
    ds.SetAccessRuleProtection(true,false);
    

    Play around with it.
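
An added example (not code from the question or the answer) of one way to remove rules that arrive through inheritance: protect the folder's DACL while copying the inherited entries, persist and re-read so they come back as explicit rules, then remove the unwanted accounts. The names `AclPruner`, `RemoveNonAdminAccess` and the `keep` set are hypothetical; the code is Windows-only.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Security.AccessControl;
using System.Security.Principal;

static class AclPruner // hypothetical helper
{
    // keep: account names (DOMAIN\user) whose rules must survive, e.g. admins and
    // the owner. Build it with StringComparer.OrdinalIgnoreCase.
    public static void RemoveNonAdminAccess(string path, ISet<string> keep)
    {
        var dir = new DirectoryInfo(path);
        DirectorySecurity ds = dir.GetAccessControl();

        // Inherited entries are defined on the parent, so RemoveAccessRule leaves them.
        // Protect the DACL and keep a copy of the inherited entries on this folder.
        // preserveInheritance: false would instead discard every inherited entry,
        // including those of the accounts that should keep access.
        ds.SetAccessRuleProtection(isProtected: true, preserveInheritance: true);
        dir.SetAccessControl(ds);

        // Re-read so the copied entries are returned as explicit rules.
        ds = dir.GetAccessControl();
        bool changed = false;

        // includeExplicit: true, includeInherited: false
        foreach (FileSystemAccessRule rule in
                 ds.GetAccessRules(true, false, typeof(NTAccount)))
        {
            // Same filter as the question: only identities that resolved to an account.
            if (!(rule.IdentityReference is NTAccount account)) continue;
            if (keep.Contains(account.Value)) continue;

            // RemoveAccessRule returns false when no matching rule was found.
            bool removed = ds.RemoveAccessRule(rule);
            Console.WriteLine((removed ? "Removed" : "Not removed")
                              + " rule for: " + account.Value);
            changed |= removed;
        }

        if (changed) dir.SetAccessControl(ds);
    }
}
```

After this runs the folder no longer picks up permission changes made on its parent, so later grants have to be added to it explicitly.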