using Microsoft.Win32.Security;

private Boolean CreateDir(String strSitePath, String strUserName) {

Boolean bOk;

try {

Directory.CreateDirectory(strSitePath);

SecurityDescriptor secDesc =
SecurityDescriptor.GetFileSecurity(strSitePath,
SECURITY_INFORMATION.DACL_SECURITY_INFORMATION);

Dacl dacl = secDesc.Dacl;

Sid sidUser = new Sid (strUserName);



// allow: folder, subfolder and files

// modify

dacl.AddAce (new AceAccessAllowed (sidUser,
AccessType.GENERIC_WRITE | AccessType.GENERIC_READ |
AccessType.DELETE | AccessType.GENERIC_EXECUTE ,
AceFlags.OBJECT_INHERIT_ACE |
AceFlags.CONTAINER_INHERIT_ACE));

// deny: this folder

// write attribs

// write extended attribs

// delete

// change permissions

// take ownership

DirectoryAccessType DAType =
DirectoryAccessType.FILE_WRITE_ATTRIBUTES |
DirectoryAccessType.FILE_WRITE_EA | DirectoryAccessType.DELETE |
DirectoryAccessType.WRITE_OWNER |
DirectoryAccessType.WRITE_DAC;

AccessType AType = (AccessType)DAType;

dacl.AddAce (new AceAccessDenied (sidUser, AType));



secDesc.SetDacl(dacl);

secDesc.SetFileSecurity(strSitePath,
SECURITY_INFORMATION.DACL_SECURITY_INFORMATION);

bOk = true;

} catch {

bOk = false;

}

return bOk;

} /* CreateDir */