当前位置:编程学习 > C#/ASP.NET >>

使用WMI列出Windows中某个目录的用户权限

using System;


using System.Management;


using System.Collections;



class Tester


{



public static void Main()


{


try


{


ManagementPath path = new ManagementPath( );


path.Server = ".";


path.NamespacePath = @"rootcimv2";


path.RelativePath = @"Win32_LogicalFileSecuritySetting.Path=c:\test"; // using tmp as folder name



ManagementObject lfs = new ManagementObject(path);


// Dump all trustees (this includes owner)


foreach (ManagementBaseObject b in lfs.GetRelated())


Console.WriteLine("Trustee: {0} SID [{1}]", b["AccountName"], b["SID"]);


// Get the security descriptor for this object


ManagementBaseObject outParams = lfs.InvokeMethod("GetSecurityDescriptor", null, null);



if (((uint)(outParams.Properties["ReturnValue"].Value)) == 0)


{


ManagementBaseObject Descriptor = ((ManagementBaseObject)(outParams.Properties["Descriptor"].Value));


ManagementBaseObject[] DaclObject = ((ManagementBaseObject[])(Descriptor.Properties["Dacl"].Value));


DumpACEs(DaclObject);


ManagementBaseObject OwnerObject = ((ManagementBaseObject)(Descriptor.Properties["Owner"].Value));


DumpOwnerProperties(OwnerObject.Properties); // Show owner properies


}


}


catch(Exception e)


{


Console.WriteLine(e);


Console.ReadLine();


}


}



static void DumpACEs(ManagementBaseObject[] DaclObject)


{


// ACE masks see: winnt.h


string[] filedesc = {"FILE_READ_DATA", "FILE_WRITE_DATA", "FILE_APPEND_DATA", "FILE_READ_EA",


"FILE_WRITE_EA", "FILE_EXECUTE", "FILE_DELETE_CHILD", "FILE_READ_ATTRIBUTES",


"FILE_WRITE_ATTRIBUTES", " ", " ", " ",


" ", " ", " ", " ",


"DELETE ", "READ_CONTROL", "WRITE_DAC", "WRITE_OWNER",


"SYNCHRONIZE ", " ", " "," ",


"ACCESS_SYSTEM_SECURITY", "MAXIMUM_ALLOWED", " "," ",


"GENERIC_ALL", "GENERIC_EXECUTE", "GENERIC_WRITE","GENERIC_READ"};



foreach(ManagementBaseObject mbo in DaclObject)


{


Console.WriteLine("-------------------------------------------------");


Console.WriteLine("mask: {0:X} - aceflags: {1} - acetype: {2}", mbo["AccessMask"], mbo["AceFlags"], mbo["AceType"]);


// Access allowed/denied ACE


if(mbo["AceType"].ToString() == "1")


Console.WriteLine("DENIED ACE TYPE");


else


Console.WriteLine("ALLOWED ACE TYPE");


// Dump trustees


ManagementBaseObject Trustee = ((ManagementBaseObject)(mbo["Trustee"]));


Console.WriteLine("Name: {0} - Domain: {1} - SID {2} ",


Trustee.Properties["Name"].Value,


Trustee.Properties["Domain"].Value,


Trustee.Properties["SIDString"].Value);


// Dump ACE mask in readable form


UInt32 mask = (UInt32)mbo["AccessMask"];


int[] m = {(int)mask};


BitArray ba = new BitArray(m);


int i = 0;


IEnumerator baEnum = ba.GetEnumerator();


while ( baEnum.MoveNext() )


{


if((bool)baEnum.Current)


Console.WriteLine( " [{0}]", filedesc[i]);


i++;


}


}


}



static void DumpOwnerProperties(PropertyDataCollection Owner)


{


Console.WriteLine("=============== Owner Properties ========================");


Console.WriteLine();


Console.WriteLine("Domain {0} Name {1}",Owner["Domain"].Value, Owner["Name"].Value);


Console.WriteLine("SID {0}",Owner["SidString"].Value);


Console.ReadLine();


}


}


补充:软件开发 , C# ,
CopyRight © 2022 站长资源库 编程知识问答 zzzyk.com All Rights Reserved
部分文章来自网络,