BREAK ON
; The folder named "images" must exist on the C:\ drive.

$wmiFileSecSetting = GetObject("winmgmts:Win32_LogicalFileSecuritySetting.path='c:\\Temp'")
$objMethod = $wmiFileSecSetting.Methods_.Item("GetSecurityDescriptor")
$objRegOut = $wmiFileSecSetting.ExecMethod_($objMethod.Name)
IF @Error <> 0
	? "GetSecurityDescriptor failed" + @CRLF + @Error + @CRLF + @SError
	QUIT 1
ELSE
	? "GetSecurityDescriptor succeeded"
ENDIF
$wmiSecurityDescriptor = $objRegOut.Descriptor

; Retrieve the DACL array of Win32_ACE objects.
$DACL = $wmiSecurityDescriptor.DACL
FOR EACH $wmiAce IN $DACL
	? "Access Mask: " + $wmiAce.AccessMask
	? "ACE Type: " + $wmiAce.AceType
; Get Win32_Trustee object from ACE 
	$Trustee = $wmiAce.Trustee
	? "Trustee Domain: " + $Trustee.Domain
	? "Trustee Name: " + $Trustee.Name
	? "Trustee SID: " + $Trustee.SIDString
NEXT