Hi, All,
I wrote a function to share a folder to individual user account with
WMI.
When I call it :
ShareFolder("c:\\test", "Test", "Shared by Riven", 8,
Environment.MachineName, "Administrator");
The folder will be shared, but nobody has permission to access it.
(The share permissions list of this folder is empty)
Could you help me?
Thanks!
private void ShareFolder(string path, string name, string description,
int maxAllowed, string domain, string account)
{
//==0. Create Win32_Trustee
ManagementObject trustee = new ManagementClass(new
ManagementPath("Win32_Trustee"), null);
trustee["Domain"] = null;
trustee["Name"] = account;
string strSid = this.GetSID(domain, account);
//==1. Create win32_ace
ManagementObject ACE = new ManagementClass(new
ManagementPath("Win32_Ace"), null);
ACE["AccessMask"] = AccessMasks.Modify;
ACE["AceFlags"] = AceFlags.OBJECT_INHERIT_ACE |
AceFlags.CONTAINER_INHERIT_ACE;
ACE["AceType"] = AceType.Allow;
ACE["Trustee"] = trustee;
//==2. Create Win32_SecurityDescriptor
ManagementObject secDescriptor = new ManagementClass(new
ManagementPath("Win32_SecurityDescriptor"), null);
secDescriptor["ControlFlags"] = 4; //SE_DACL_PRESENT
secDescriptor["DACL"] = new object[] { ACE };
//==3. Using Win32_Share
ManagementClass classObj = new ManagementClass(new
ManagementPath("Win32_Share"), null);
ManagementBaseObject inParams =
classObj.GetMethodParameters("Create");
inParams["Access"] = secDescriptor;
inParams["Description"] = description;
inParams["MaximumAllowed"] = maxAllowed;
inParams["Name"] = name;
//inParams["Password"] = ""; //default is no password
inParams["Path"] = path;
inParams["Type"] = 0; //0: Disk Drive, 1: Print
Queue ,2: Device , 3: IPC
ManagementBaseObject outParams =
classObj.InvokeMethod("Create", inParams, null);
uint ret =
(uint)(outParams.Properties["ReturnValue"].Value);
}
public string GetSID(string domain, string username)
{
string result = null;
ManagementScope scope = new ManagementScope("root\\cimv2");
string queryString = string.Format("SELECT SID FROM
Win32_UserAccount WHERE Domain=\"{0}\" AND Name=\"{1}\"", domain,
username);
SelectQuery userQuery = new SelectQuery(queryString);
ManagementObjectSearcher userSearcher = new
ManagementObjectSearcher(scope, userQuery);
ManagementObjectCollection queryCollection =
userSearcher.Get();
foreach (ManagementObject userAccount in queryCollection)
{
result = (string)userAccount["SID"];
}
if (result == null)
{
throw new Exception("Can't fine user info!");
}
return result;
}
[Flags()]
public enum AccessMasks : int
{
ListDirectory = 0x1,
AddFile = 0x2,
AddSubdirectory = 0x4,
ReadExtendedAttributes = 0x8,
WriteExtendedAttributes = 0x10,
Traverse = 0x20,
DeleteChild = 0x40,
ReadAttributes = 0x80,
WriteAttributes = 0x100,
Delete = 0x10000,
ReadControl = 0x20000,
WriteDac = 0x40000,
WriteOwner = 0x80000,
Synchronize = 0x100000,
Read = ListDirectory | ReadExtendedAttributes | ReadAttributes
| ReadControl | Synchronize,
ReadAndExecute = Read | Traverse,
Write = AddFile | AddSubdirectory | WriteExtendedAttributes |
WriteAttributes | Synchronize,
Modify = Read | Write | Delete | Traverse,
FullControl = DeleteChild | WriteDac | WriteOwner | Modify
}
[Flags()]
public enum AceType : byte
{
Allow = 0,// Access Allowed
Denied = 1,// Access Denied
Audit = 2
}
[Flags()]
public enum AceFlags : byte
{
OBJECT_INHERIT_ACE = 0x1,
CONTAINER_INHERIT_ACE = 0x2,
NO_PROPAGATE_INHERIT_ACE = 0x4,
INHERIT_ONLY_ACE = 0x8,
INHERITED_ACE = 0x10
}