3

I have a folder structure on a (Server 2003 SP2) file server and I need to delete it using C#. I can't do that because I get System.UnauthorizedAccessException: Access to the path '\\xyz\blah\...' is denied. (where the path points to a sub-folder) because the permissions on the sub-folder are incorrect. So, I've been trying to take ownership of the files and this fails with System.UnauthorizedAccessException: and now I'm stuck.

Detail

I have an admin tool used by users with minimal privs. They need to delete folders and files to which they don't have access, so I wrote a UI which calls a web service. The web service runs under an AppPool with a domain account which is (now) a member of Administrators on the file server, so it should have access to delete the files and folders. But some of the folders have incorrect permissions. For example, when I log onto the file server with an account in Administrators and open the security tab for the folder, I see: enter image description here

And for these folders my code doesn't work.

I've given the appPool account 'Take ownership of files or other objects' on the web server using Local Security Policy. Other posts (e.g. this one) have pointed out that you need to explicitly enable SeTakeOwnershipPrivilege in code and recommended Process Privileges which I'm using in my web service:

using (new PrivilegeEnabler(process, Privilege.TakeOwnership))
{
    System.Diagnostics.Debug.WriteLine(String.Format(
        "Privilege:TakeOwnership status: {0}.",
        process.GetPrivilegeState(Privilege.TakeOwnership)));

    SetFolderOwnerToCurrentUser(folderName, groupName);
}

When I run this, I see:

Privilege:TakeOwnership status: Enabled.

(Before adding the priv via LSP, I was seeing Privilege:TakeOwnership status: Removed.)

In SetFolderOwnerToCurrentUser if I just use

var directorySecurity = new System.Security.AccessControl.DirectorySecurity();  
directorySecurity.SetOwner(WindowsIdentity.GetCurrent().User);
System.IO.Directory.SetAccessControl(folderPath, directorySecurity);

I also get System.UnauthorizedAccessException: Access to the path '\\fs\blah' is denied. Again, it's the sub-folder it's complaining about.

Community
  • 1
  • 1
user2871239
  • 1,499
  • 2
  • 11
  • 27

0 Answers0