What we're looking for is a simple (to you!) function which takes the LDAP distinguished name of a person, and a folder we've already created, and sets the owner on that directory to that person.
So a very basic function specification might be:
```vbnet
Public Function setOwnerOnDir(ByVal dirName As String, ByVal ldapUserName As String) As Integer
    ' yadda yadda yadda
End Function
```
where the return value could be zero (for success) or the MS error number associated with the failure (for instance).
We're looking for the only dependency to be on the dot-net framework v2, so it pretty much has to stand alone.
I'm hoping that there's someone out there completely familiar with Directory ACLs within AD/dot Net - who would find this very straightforward.
Best regards,
---* Bill
## Deliverables
Our tool - The Federated Identity and Resource Manager (FirM) for Domino and Active directory - currently is able to create new users in Active Directory, and to create user home and profile folders on file servers.
However, we have to use the Microsoft Resource Toolkit tool "[login to view URL]" in order to set the ownership of the directory. Whilst a free tool, it does create a burden on our customers to install it.
We'd like to be able to actually set the ownership on the directory ourselves, from our current 'windows service' - this is written in Visual Basic using Visual Studio 2005, and the dot-net framework v2. This service runs on each file server, and so the directory (and share) that gets created is local to the machine. The service is running as LocalAdmin and either is a domain admin (on a DC) or has elevated permissions and is able to control users+groups (on a member server).
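One way to meet this specification with only .NET 2.0 class libraries (plus a reference to System.DirectoryServices.dll), as an added example that is not code from the post or from FirM. The module name `DirOwner`, the helper `EnableRestorePrivilege` and the mapping of exceptions to return codes are assumptions made for illustration.

```vbnet
Imports System
Imports System.ComponentModel
Imports System.Diagnostics
Imports System.DirectoryServices
Imports System.IO
Imports System.Runtime.InteropServices
Imports System.Security.AccessControl
Imports System.Security.Principal
Public Module DirOwner
    <StructLayout(LayoutKind.Sequential, Pack:=4)> Private Structure TokPriv
        Public Count As Integer
        Public Luid As Long
        Public Attr As Integer
    End Structure
    Private Declare Function OpenProcessToken Lib "advapi32.dll" (ByVal proc As IntPtr, ByVal access As Integer, ByRef tok As IntPtr) As Boolean
    Private Declare Auto Function LookupPrivilegeValue Lib "advapi32.dll" (ByVal host As String, ByVal name As String, ByRef luid As Long) As Boolean
    Private Declare Function AdjustTokenPrivileges Lib "advapi32.dll" (ByVal tok As IntPtr, ByVal disableAll As Boolean, ByRef np As TokPriv, ByVal len As Integer, ByVal prev As IntPtr, ByVal retLen As IntPtr) As Boolean
    Private Declare Function CloseHandle Lib "kernel32.dll" (ByVal h As IntPtr) As Boolean
    ' Without SeRestorePrivilege enabled, the owner can only be set to the caller or a group in its token.
    Private Sub EnableRestorePrivilege()
        Dim tok As IntPtr, tp As TokPriv
        tp.Count = 1 : tp.Attr = 2 ' SE_PRIVILEGE_ENABLED
        If Not OpenProcessToken(Process.GetCurrentProcess().Handle, &H28, tok) Then Throw New Win32Exception()
        Try
            If Not LookupPrivilegeValue(Nothing, "SeRestorePrivilege", tp.Luid) Then Throw New Win32Exception()
            AdjustTokenPrivileges(tok, False, tp, 0, IntPtr.Zero, IntPtr.Zero)
            ' The call reports success even if the privilege was not granted, so check the last error.
            If Marshal.GetLastWin32Error() <> 0 Then Throw New Win32Exception()
        Finally
            CloseHandle(tok)
        End Try
    End Sub
    Public Function SetOwnerOnDir(ByVal dirName As String, ByVal ldapUserName As String) As Integer
        Try
            EnableRestorePrivilege()
            Dim sid As SecurityIdentifier = Nothing
            Using user As New DirectoryEntry("LDAP://" & ldapUserName) ' assumes the DN is already ADsPath-escaped
                sid = New SecurityIdentifier(DirectCast(user.Properties("objectSid").Value, Byte()), 0)
            End Using
            Dim acl As DirectorySecurity = Directory.GetAccessControl(dirName, AccessControlSections.Owner)
            acl.SetOwner(sid)
            Directory.SetAccessControl(dirName, acl)
            Return 0
        Catch ex As Win32Exception
            Return ex.NativeErrorCode ' Win32 error, e.g. 1300 when the privilege is not held
        Catch ex As Exception
            Return Marshal.GetHRForException(ex) ' assumption: report other failures as an HRESULT
        End Try
    End Function
End Module
```

The privilege is enabled process-wide and stays enabled; a service that only needs it for this call can disable it again afterwards to keep the token at least privilege.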