public static Boolean RemoveAccRuleFromUnknownUser(string dir)
{
DirectoryInfo dInfo = new DirectoryInfo(dir);
DirectorySecurity dSecurity = dInfo.GetAccessControl();
try
{
foreach (FileSystemAccessRule user in dSecurity.GetAccessRules(true, true, typeof(System.Security.Principal.NTAccount)))
{
//LibraryLogging.Debug("directory ACE user: {0}", user.IdentityReference.Value);
if (user.IdentityReference.Value.StartsWith("S-1-5-21-"))
{
LibraryLogging.Debug("delete unknown directory ACE from {0} in {1}", user.IdentityReference.Value, dir);
dSecurity.RemoveAccessRule(user);
}
}
}
catch (Exception ex)
{
LibraryLogging.Error("unable to RemoveAccRuleFromUnknownUser for {0} error {1}", dir, ex.Message);
return false;
}
return true;
}