I need to know how to set a DACL in a folder using NTFS in order to establish
the permissions for the folder, I have already acomplished this with a share
object but I also want to put security in the folder itself. The following
piece of code shows the way I have given the permissions to the share:
Dim Ace1, Ace2 As Management.ManagementObject
Dim scope As New Management.ManagementScope("\\localhost\root\cimv2 ")
'Set an ACE for the user
Ace1 = SetAce(scope, 2032127, 3, 0, SetTrustee(scope, "user",
UserName,UserSID))
Ace2 = SetAce(scope, 2032127, 3, 0, SetTrustee(scope, "user", "Admins. del
dominio", adminSID))
'Place the aces into a Win32_SecurityDescriptor
Dim secDescriptor As Management.ManagementObject
secDescriptor = New Management.ManagementClass(scope, New
Management.ManagementPath("Win32_SecurityDescripto r"),
Nothing).CreateInstance()
secDescriptor("ControlFlags") = 4
secDescriptor("DACL") = New Management.ManagementObject() {Ace1, Ace2}
Private Function SetTrustee(ByVal scope As Management.ManagementScope, ByVal
domain As String, ByVal name As String, ByVal UserSid As Byte()) As
Management.ManagementObject
Dim wmiTrustee As Management.ManagementObject
wmiTrustee = New Management.ManagementClass(scope, New
Management.ManagementPath("Win32_Trustee"), Nothing).CreateInstance()
wmiTrustee("Domain") = domain
wmiTrustee("Name") = name
wmiTrustee("SID") = UserSid
Return wmiTrustee
End Function
Private Function SetAce(ByVal scope As Management.ManagementScope, ByVal
accessMask As Integer, ByVal aceFlags As Integer, ByVal aceType As Integer,
ByVal wmiTrustee As Management.ManagementObject) As
Management.ManagementObject
Dim wmiAce As Management.ManagementObject
wmiAce = New Management.ManagementClass(scope, New
Management.ManagementPath("Win32_ACE"), Nothing).CreateInstance()
wmiAce("AccessMask") = accessMask
wmiAce("AceFlags") = aceFlags
wmiAce("AceType") = aceType
wmiAce("Trustee") = wmiTrustee
Return wmiAce
End Function