Hello there,
I am trying to write a VB.NET code to get the advanced security settings for a given Active Directory object (more specifically user ).

I have managed to write the following code that will list the access rules associated with an object. However, the ActiveDirectoryRights property displays generic rights (such as ReadProperty, WriteProperty). It provides no detailed permissions. By detailed permissions I mean those get listed when you click the Security tab then >> Advanced then >> Edit.

How is it possible to write a code in .NET to read/update those detailed permissions?

Any help is greatly appreciated.


------------------------------------------------------------------------------
Dim col1 As System.Security.AccessControl.AuthorizationRuleCol lection

Dim rule1 As ActiveDirectoryAccessRule

Dim acl1 As New System.DirectoryServices.DirectoryEntry(LDAP://stc.corp/CN=TestUser,OU=Users,OU=MyOU,DC=MyDomain,DC=com )

col1 = acl1.ObjectSecurity.GetAccessRules(True, True, GetType(System.Security.Principal.NTAccount))

For Each rule1 In col1

' Code to read the following properties :

' rule1.IdentityReference.Value

' rule1.PropagationFlags

' rule1.ActiveDirectoryRights.ToString

' rule1.IsInherited

' rule1.InheritedObjectType.ToString

Next

------------------------------------------------------------------------------