无法将远程服务器中定义的安全组添加到同一服务器的文件夹权限。 "Some or all identity reference could not be translated"
Cannot add security group defined in remote server to folder permissions of same server. "Some or all identity reference could not be translated"
我正在尝试将远程服务器中定义的用户帐户组添加到远程服务器中的文件夹。
public static void SetFolderPermission(string folderPath,string account)
{
var directoryInfo = new DirectoryInfo(folderPath);
var directorySecurity = directoryInfo.GetAccessControl();
var fileSystemRule = new FileSystemAccessRule(account,
FileSystemRights.Read,
InheritanceFlags.ObjectInherit |
InheritanceFlags.ContainerInherit,
PropagationFlags.None,
AccessControlType.Allow);
directorySecurity.AddAccessRule(fileSystemRule);
directoryInfo.SetAccessControl(directorySecurity);
}
我可以使用 domainname\accountname 添加帐户,但我无法添加在远程服务器中定义的本地帐户组。
我可以通过将主体上下文更改为服务器来解决。
public void SetFolderPermission(string folderPath,string account,string server)
{
var directoryInfo = new DirectoryInfo(folderPath);
var directorySecurity = directoryInfo.GetAccessControl();
PrincipalContext pt = new PrincipalContext(ContextType.Machine, server);
using (GroupPrincipal val = GroupPrincipal.FindByIdentity(pt, account))
{
FileSystemAccessRule fileSystemRule = new FileSystemAccessRule(val.Sid,
FileSystemRights.Read,
InheritanceFlags.ObjectInherit |
InheritanceFlags.ContainerInherit,
PropagationFlags.None,
AccessControlType.Allow);//var
directorySecurity.AddAccessRule(fileSystemRule);
directoryInfo.SetAccessControl(directorySecurity);
MessageBox.Show("done");
}
}
我正在尝试将远程服务器中定义的用户帐户组添加到远程服务器中的文件夹。
public static void SetFolderPermission(string folderPath,string account)
{
var directoryInfo = new DirectoryInfo(folderPath);
var directorySecurity = directoryInfo.GetAccessControl();
var fileSystemRule = new FileSystemAccessRule(account,
FileSystemRights.Read,
InheritanceFlags.ObjectInherit |
InheritanceFlags.ContainerInherit,
PropagationFlags.None,
AccessControlType.Allow);
directorySecurity.AddAccessRule(fileSystemRule);
directoryInfo.SetAccessControl(directorySecurity);
}
我可以使用 domainname\accountname 添加帐户,但我无法添加在远程服务器中定义的本地帐户组。
我可以通过将主体上下文更改为服务器来解决。
public void SetFolderPermission(string folderPath,string account,string server)
{
var directoryInfo = new DirectoryInfo(folderPath);
var directorySecurity = directoryInfo.GetAccessControl();
PrincipalContext pt = new PrincipalContext(ContextType.Machine, server);
using (GroupPrincipal val = GroupPrincipal.FindByIdentity(pt, account))
{
FileSystemAccessRule fileSystemRule = new FileSystemAccessRule(val.Sid,
FileSystemRights.Read,
InheritanceFlags.ObjectInherit |
InheritanceFlags.ContainerInherit,
PropagationFlags.None,
AccessControlType.Allow);//var
directorySecurity.AddAccessRule(fileSystemRule);
directoryInfo.SetAccessControl(directorySecurity);
MessageBox.Show("done");
}
}