Error 1307: Adding File Permissions to NTFS using System.Management Object in ASP.NET

From: Ben Dewey (bdewey01_at_hotmail.com)
Date: 05/06/04

• Next message: RF: "Re: IDE-induced coding error?"
• Previous message: Ed Courtenay: "Re: New Form"
• Next in thread: Willy Denoyette [MVP]: "Re: Error 1307: Adding File Permissions to NTFS using System.Management Object in ASP.NET"
• Reply: Willy Denoyette [MVP]: "Re: Error 1307: Adding File Permissions to NTFS using System.Management Object in ASP.NET"
• Messages sorted by: [ date ] [ thread ]

Date: 6 May 2004 06:43:33 -0700

Project:
----------------------------

I am creating a HTTPS File Transfer App using ASP.NET and C#. I am
utilizing ActiveDirectory and windows security to manage the
permissions. Why reinvent the wheel, right? Everything so far is
working well with the Active Directory. The problem I am having is
with adding File Permissions to a directory. I am currently using
some code courtesy of "Willy Denoyette [MVP]"

Problem:
----------------------------

When I try to add user permissions to a specific folder using the same
code in a sample console app it works correctly. When I execute the
code from ASP.NET I get a return code of 1307, everytime.

Which means - 1307 This security ID may not be assigned as the owner
of this object. (http://www.hiteksoftware.com/mize/Knowledge/articles/049.htm).

Can anyone tell me why this is happening? Willy?

Environment:
----------------------------

I am developing with Framework 1.1 and Windows XP. The users are
coming from AD on a Windows 2003 Server.

I have given ASPNET object full access to the folder C:\test. I have
also give ASPNET object full access to Root/CIMV2 in
CompMgmt.msc/Services and Apps/WMI Control

Code:
----------------------------
The DsSettings Object is just a simple class tht contains the Login
and Path information for LDAP.

public bool GrantPermission(string username, string domain, DsSettings
settings)
                {
                        try
                        {

                                byte[] bSid = (byte[])DsWrapper.GetUser(username,
settings).DsEntry.Properties["objectSID"].Value;
                                ManagementObject LogicalFileSecuritySetting = new
ManagementObject( new ManagementPath(
@"ROOT\CIMV2:Win32_LogicalFileSecuritySetting.Path='c:\\test'") );
                                ManagementBaseObject outParams;
                                outParams = LogicalFileSecuritySetting.InvokeMethod("GetSecurityDescriptor",
null, null);
                                
                                ManagementBaseObject Descriptor =
((ManagementBaseObject)(outParams.Properties["Descriptor"].Value));
                                ManagementBaseObject[] DACLObject = ( ( ManagementBaseObject[] )(
Descriptor.Properties["DACL"].Value ) );

                                ManagementObject newTrusteeUser = ( new ManagementClass(
@"ROOT\CIMV2:Win32_Trustee" ) ).CreateInstance();
                                newTrusteeUser["Domain"] = domain;
                                newTrusteeUser["Name"] = username;
                                newTrusteeUser["SID"] = bSid;
                                
                                ManagementObject newACEUser = ( new ManagementClass(
@"ROOT\CIMV2:Win32_Ace" ) ).CreateInstance();
                                newACEUser["Trustee"] = newTrusteeUser;
                                newACEUser["AceFlags"] = 3;
                                newACEUser["AceType"] = 0;
                                newACEUser["AccessMask"] = 2032127;// Full Access Mask
                                ManagementBaseObject[] DACLObjectNew = new ManagementBaseObject[]
{newACEUser};
                                Descriptor.Properties["DACL"].Value = DACLObjectNew;
                                ManagementBaseObject inParams = null;
                                inParams = LogicalFileSecuritySetting.GetMethodParameters("SetSecurityDescriptor");
                                inParams["Descriptor"] = Descriptor;
                                outParams = LogicalFileSecuritySetting.InvokeMethod("SetSecurityDescriptor",
inParams, null);

                                // This line is where I get a result back of 1307 in ASP.NET
                                uint result= (uint)(outParams.Properties["ReturnValue"].Value);

                                LogicalFileSecuritySetting.Dispose();
                                return true;
                        }
                        catch(Exception exp)
                        {
                                throw exp;
                        }
                }

Logs:
----------------------------
C:\WINDOWS\system32\WBEM\Logs\Framework.log
----------------------------
Unable to locate Shell Process, Impersonation failed. 05/06/2004
09:39:06.093 thread:1916 [d:\xpsp1\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.179]
Shell Name Explorer.exe in Registry not found in process
list. 05/06/2004 09:39:06.203 thread:2540 [d:\xpsp1\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.163]
Unable to locate Shell Process, Impersonation failed. 05/06/2004
09:39:06.203 thread:2540 [d:\xpsp1\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.179]
Shell Name Explorer.exe in Registry not found in process
list. 05/06/2004 09:39:07.968 thread:1916 [d:\xpsp1\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.163]
Unable to locate Shell Process, Impersonation failed. 05/06/2004
09:39:07.984 thread:1916 [d:\xpsp1\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.179]
Shell Name Explorer.exe in Registry not found in process
list. 05/06/2004 09:39:07.984 thread:1916 [d:\xpsp1\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.163]
Unable to locate Shell Process, Impersonation failed. 05/06/2004
09:39:08.000 thread:1916 [d:\xpsp1\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.179]
Shell Name Explorer.exe in Registry not found in process
list. 05/06/2004 09:39:08.093 thread:1916 [d:\xpsp1\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.163]
Unable to locate Shell Process, Impersonation failed. 05/06/2004
09:39:08.093 thread:1916 [d:\xpsp1\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.179]
Shell Name Explorer.exe in Registry not found in process
list. 05/06/2004 09:39:08.203 thread:2540 [d:\xpsp1\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.163]
Unable to locate Shell Process, Impersonation failed. 05/06/2004
09:39:08.203 thread:2540 [d:\xpsp1\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.179]
Shell Name Explorer.exe in Registry not found in process
list. 05/06/2004 09:39:08.218 thread:2540 [d:\xpsp1\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.163]
Unable to locate Shell Process, Impersonation failed. 05/06/2004
09:39:08.218 thread:2540 [d:\xpsp1\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.179]
Shell Name Explorer.exe in Registry not found in process
list. 05/06/2004 09:39:08.312 thread:2540 [d:\xpsp1\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.163]
Unable to locate Shell Process, Impersonation failed. 05/06/2004
09:39:08.312 thread:2540 [d:\xpsp1\admin\wmi\wbem\providers\win32provider\common\implogonuser.cpp.179]

• Next message: RF: "Re: IDE-induced coding error?"
• Previous message: Ed Courtenay: "Re: New Form"
• Next in thread: Willy Denoyette [MVP]: "Re: Error 1307: Adding File Permissions to NTFS using System.Management Object in ASP.NET"
• Reply: Willy Denoyette [MVP]: "Re: Error 1307: Adding File Permissions to NTFS using System.Management Object in ASP.NET"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint