|
Ha! True... again... this sample script is the end result of a lot of doodling. The %temp% was an attempt at using the ADSSecurity.dll method as outlined in this script chunk:
Break On
$Security = CreateObject("ADsSecurity")
$SecurityDescriptor = $Security.GetSecurityDescriptor("%temp%")
For Each $ACE in $SecurityDescriptor.DiscretionaryACL
?"Name="$ACE.Trustee
?"Type="$ACE.AceType
?"Mask="$ACE.AccessMask
Next
Exit 1
that was posted a few years ago... Any reference to the standard way of VB method of calling a security descriptor seems to not work. What I read was that kix could not pull the reference because the security descriptor is an entire object and not just an array. Hmmph!
I use this code in VB and it works just fine without pulling from xcacls, etc...
On Error Resume Next
' The folder named "images" must exist on the C:\ drive.
Set wmiFileSecSetting = GetObject ("winmgmts:Win32_LogicalFileSecuritySetting.path='c:\\images'")
RetVal = wmiFileSecSetting.GetSecurityDescriptor(wmiSecurityDescriptor)
If Err <> 0 Then
WScript.Echo "GetSecurityDescriptor failed" & VBCRLF & Err.Number & VBCRLF & Err.Description
WScript.Quit
Else
WScript.Echo "GetSecurityDescriptor succeeded"
End If
' Retrieve the DACL array of Win32_ACE objects.
DACL = wmiSecurityDescriptor.DACL
For Each wmiAce in DACL
wscript.echo "Access Mask: " & wmiAce.AccessMask
wscript.echo "ACE Type: " & wmiAce.AceType
' Get Win32_Trustee object from ACE
Set Trustee = wmiAce.Trustee
wscript.echo "Trustee Domain: " & Trustee.Domain
wscript.echo "Trustee Name: " & Trustee.Name
wscript.echo "Trustee SID: " & Trustee.SIDString
Next
The only problem is.. all the other code (treeview, output, etc... ) is already coded in kixtart and kixforms.
| 
