开发者

How can I check to see if the current user can create / delete virtual directories in IIS?

How to tell if the current user is an IIS Manager or a Server Administrator?

We have installers that fail开发者_开发知识库 at the end of an Add/Remove because the user doesn't have sufficient prividgles to create or delete virtual directories.

Before getting into the meat and potatoes of the install/uninstall operation, is there anyway to check can the user create or delete cirtual directories.

Is there a Permissions Directory we can look up and check for the current user, or something similar?

Thanks

BW


I found this on Code Project, and it does what I need.

The crux of it is the System.IO.FileInfo.GetAccessControl().GetAccessRules method to get the ACL for the folder.

Snippet

System.IO.FileInfo fi = new System.IO.FileInfo(_path);
AuthorizationRuleCollection acl = fi.GetAccessControl().GetAccessRules(true, true, typeof(SecurityIdentifier));
for (int i = 0; i < acl.Count; i++) {
    System.Security.AccessControl.FileSystemAccessRule rule = (System.Security.AccessControl.FileSystemAccessRule)acl[i];
    if (_principal.User.Equals(rule.IdentityReference)) {
        if (System.Security.AccessControl.AccessControlType.Deny.Equals.                                (rule.AccessControlType)) {
            if (contains(FileSystemRights.AppendData,rule)) 
                _denyAppendData = true;


You'd need to check the ACL on the folder to see if they have permissions or not. You could basically use something like this to grab the path:

http://forums.asp.net/p/1436196/3254626.aspx/1?Re+Retrieve+physical+path+of+an+IIS+Application+Virtual+Directory+

Then check the ACL.

Bail on the install if they don't have it.


If the user is added to '' group, he has access to create virtual directory in IIS

if (IISversion == 6)
     IIS_WPG - check for user in this group
else
     IIS_IUSRS - check for user in this group
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜