Hi. We have a program that migrates data from one NTFS volume to another NTFS volume over CIFS. The program runs as a service under a specific service account that has Domain Admin permissions.
We call SetFileSecurity and GetLastError is returning error ERROR_INVALID_PRIMARY_GROUP. I'm trying to understand what ERROR_INVALID_PRIMARY_GROUP means? What is the primary group? Here is some pseudo code (I left out the part where we create the file in the destination):
SECURITY_INFORMATION si = OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION;
if (False(GetFileSecurity(wstrSource, si, pSecDesc, cbBuffer, (LPDWORD) pcbDescDesc)))
{
*peOsErr = GetLastError();
return keReadingFile;
}
si = UNPROTECTED_DACL_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION;
if (False(SetFileSecurity(wstrDestination, si, pSecDesc)))
{
*peOsErr = GetLastError();
return keWritingFile;
}
I do note that the files are not owned by my process. The customer thought that the AD user owner account was disabled in AD but she has since confirmed that it is enabled.
Any help would be appreciated!
Adam