Hello Folks!
I try to create a new group in C# after checking if that group already exists.. works great! Now I want to add the "authenticated users" to that group but that won`t work for me..
Before I start I need an directoryentry for my machine:
System.DirectoryServices.DirectoryEntry localMachine =
new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer");
First I search for my created group
System.DirectoryServices.DirectoryEntry groupEntry = localMachine.Children.Find("myCreatedGroup", "group");
I could add any account that is on the system via groupEntry.Invoke("Add", new object[] { anyUsersGroup.Path.ToString() })but authenticated users is something special and cannot be found with the method I use to find other account or groups:
System.DirectoryServices.DirectoryEntry authUsersGroup =
localMachine.Children.Find("NT authority\authenticated users", "group OR user OR whatever");
I could search for the authenticated users and get the security identifier with the sid (yes this is a wellknown sid and does not have to be searched for but it works anyway)
NTAccount f = new NTAccount("authenticated users");
SecurityIdentifier s = SecurityIdentifier)f.Translate(typeof(SecurityIdentifier));
String sidString = s.ToString();
But I am only allowed to add normal strings to the DirectoryEntity Child and no security identifiers (do I have to write thate the SID string doiesn`t work here either?)
Can please someone take a look at that... I think I´m missing something here.. thanks very much in advance!
Marc
PS: I use C# of the .Net Framework 2.0.. hope this is everything you need