Deleting an ACE From an ACL

Topic Last Modified: 2006-06-11

The following example deletes an access control entry (ACE) from an access control list (ACL).

Example

Visual Basic

'//////////////////////////////////////////////////////////////////////
'
' Function DeleteAce
' Purpose: Delete an Access Control Entry (ACE) from an Access Control List (ACL).
' Input:       dacl            Access Control List (Object)
'              TrusteeName     Name of the Trustee you want to delete
'
' Output:  None
'
' Note:  In order for this example to function correctly, it may be necessary to include
' references to the following libraries: Active DS Type Library, Microsoft CDO for
' Exchange Management Library, Microsoft Cluster Service Automation Classes,
' Microsoft CDO for Windows 2000 Library.
'//////////////////////////////////////////////////////////////////////
Function DeleteAce(ByRef objDacl, _
                   ByRef szTrusteeName)

    Dim objOACE

    On Error Resume Next

    ' Create a temp ACE Object.
    Set objOACE = CreateObject("AccessControlEntry")

        ' Recurse through the ACL.

        For Each objOACE In objDacl

            ' Find the Trustee you are looking to delete.
            If (Trim(LCase(objOACE.Trustee)) = Trim(LCase(szTrusteeName))) Then

                ' Delete the ACE from the ACL
                objDacl.RemoveAce (objOACE)
            End If

    ' Clean up.
    Set objOACE = Nothing
End Function