****高手请进:如何通过编程实现为XP系统下的一个文件夹添加用户,详情请进,问题解决立即给分**** 如何通过编程实现为XP系统下的一个文件夹添加Everyone和System用户,并设置这两个用户的权限为完全控件? 解决方案 » 免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货 写起来麻烦,给点关键信息吧!呵API:NetUserAdd相关 API:User Functions--------------NetUserAddNetUserChangePasswordNetUserDelNetUserEnumNetUserGetGroupsNetUserGetInfoNetUserGetLocalGroupsNetUserSetGroupsNetUserSetInfoGroup Functions---------------NetGroupAddNetGroupAddUserNetGroupDelNetGroupDelUserNetGroupEnumNetGroupGetInfoNetGroupGetUsersNetGroupSetInfoNetGroupSetUsers Local Group Functions---------------------NetLocalGroupAddNetLocalGroupAddMembersNetLocalGroupDelNetLocalGroupDelMembersNetLocalGroupEnumNetLocalGroupGetInfoNetLocalGroupGetMembersNetLocalGroupSetInfoNetLocalGroupSetMembers Windows API: SetFileSecurity 首先你要有管理员权限,然后再用net...命令加用户。 BOOL AddAllowRights(TCHAR *lpszFileName, TCHAR *lpszAccountName, DWORD dwAccessMask) { SID_NAME_USE snuType; TCHAR * szDomain = NULL; DWORD cbDomain = 0; LPVOID pUserSID = NULL; DWORD cbUserSID = 0; PSECURITY_DESCRIPTOR pFileSD = NULL; DWORD cbFileSD = 0; SECURITY_DESCRIPTOR newSD; // ACL variables. PACL pACL = NULL; BOOL fDaclPresent; BOOL fDaclDefaulted; ACL_SIZE_INFORMATION AclInfo; // New ACL variables. PACL pNewACL = NULL; DWORD cbNewACL = 0; // Temporary ACE. LPVOID pTempAce = NULL; UINT CurrentAceIndex = 0; UINT newAceIndex = 0; // Assume function will fail. BOOL fResult = FALSE; BOOL fAPISuccess; // DWORD dwSize = MAX_PATH; TCHAR szUserName[MAX_PATH]; SECURITY_INFORMATION secInfo = DACL_SECURITY_INFORMATION; // New APIs available only in Windows 2000 and above for setting SetSecurityDescriptorControlFnPtr _SetSecurityDescriptorControl = NULL; __try { if (!GetUserName(szUserName, &dwSize)) __leave; fAPISuccess = LookupAccountName(NULL, lpszAccountName, pUserSID, &cbUserSID, szDomain, &cbDomain, &snuType); // API should have failed with insufficient buffer. if (fAPISuccess) __leave; else if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) { __leave; } pUserSID = myheapalloc(cbUserSID); if (!pUserSID) { __leave; } szDomain = (TCHAR *) myheapalloc(cbDomain * sizeof(TCHAR)); if (!szDomain) { __leave; } fAPISuccess = LookupAccountName(NULL, lpszAccountName, pUserSID, &cbUserSID, szDomain, &cbDomain, &snuType); if (!fAPISuccess) { _tprintf(TEXT("LookupAccountName() failed. Error %d\n"), GetLastError()); __leave; } fAPISuccess = GetFileSecurity(lpszFileName, secInfo, pFileSD, 0, &cbFileSD); // API should have failed with insufficient buffer. if (fAPISuccess) __leave; else if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) { _tprintf(TEXT("GetFileSecurity() failed. Error %d\n"), GetLastError()); __leave; } pFileSD = myheapalloc(cbFileSD); if (!pFileSD) { _tprintf(TEXT("HeapAlloc() failed. Error %d\n"), GetLastError()); __leave; } fAPISuccess = GetFileSecurity(lpszFileName, secInfo, pFileSD, cbFileSD, &cbFileSD); if (!fAPISuccess) { __leave; } if (!InitializeSecurityDescriptor(&newSD, SECURITY_DESCRIPTOR_REVISION)) { __leave; } if (!GetSecurityDescriptorDacl(pFileSD, &fDaclPresent, &pACL, &fDaclDefaulted)) { __leave; } AclInfo.AceCount = 0; // Assume NULL DACL. AclInfo.AclBytesFree = 0; AclInfo.AclBytesInUse = sizeof(ACL); if (pACL == NULL) fDaclPresent = FALSE; // If not NULL DACL, gather size information from DACL. if (fDaclPresent) { if (!GetAclInformation(pACL, &AclInfo, sizeof(ACL_SIZE_INFORMATION), AclSizeInformation)) { __leave; } } cbNewACL = AclInfo.AclBytesInUse + sizeof(ACCESS_ALLOWED_ACE) + GetLengthSid(pUserSID) - sizeof(DWORD); pNewACL = (PACL) myheapalloc(cbNewACL); if (!pNewACL) { __leave; } if (!InitializeAcl(pNewACL, cbNewACL, ACL_REVISION2)) { __leave; } //pUserSID,NetGroupEnum,GROUP_INFO_3,NetLocalGroupEnum //if (!AddAccessAllowedAce(pNewACL, ACL_REVISION2, dwAccessMask, if (!AddAccessAllowedAce(pNewACL, ACL_REVISION,dwAccessMask, pUserSID)) { __leave; } /////////////////////////// newAceIndex = 0; if (fDaclPresent && AclInfo.AceCount) { for (CurrentAceIndex = 0; CurrentAceIndex < AclInfo.AceCount; CurrentAceIndex++) { if (!GetAce(pACL, CurrentAceIndex, &pTempAce)) { __leave; } if (((ACCESS_ALLOWED_ACE *)pTempAce)->Header.AceFlags & INHERITED_ACE) break; // NetUserEnum // EnumNetGroup if (EqualSid(pUserSID, &(((ACCESS_ALLOWED_ACE *)pTempAce)->SidStart))) continue; if (!AddAce(pNewACL, ACL_REVISION, MAXDWORD, pTempAce, ((PACE_HEADER) pTempAce)->AceSize)) { __leave; } newAceIndex++; } } ///////////////////////////// if (fDaclPresent && AclInfo.AceCount) { for (; CurrentAceIndex < AclInfo.AceCount; CurrentAceIndex++) { if (!GetAce(pACL, CurrentAceIndex, &pTempAce)) { __leave; } if (!AddAce(pNewACL, ACL_REVISION, MAXDWORD, pTempAce, ((PACE_HEADER) pTempAce)->AceSize)) { _tprintf(TEXT("AddAce() failed. Error %d\n"), GetLastError()); __leave; } } } //增加IsValidAcl来判断acl是否有效 if (!IsValidAcl(pNewACL)) { __leave; } if (!SetSecurityDescriptorDacl(&newSD, TRUE, pNewACL, FALSE)) { _tprintf(TEXT("SetSecurityDescriptorDacl() failed. Error %d\n"), GetLastError()); __leave; } _SetSecurityDescriptorControl = (SetSecurityDescriptorControlFnPtr) GetProcAddress(GetModuleHandle(TEXT("advapi32.dll")), "SetSecurityDescriptorControl"); if (_SetSecurityDescriptorControl) { SECURITY_DESCRIPTOR_CONTROL controlBitsOfInterest = 0; SECURITY_DESCRIPTOR_CONTROL controlBitsToSet = 0; SECURITY_DESCRIPTOR_CONTROL oldControlBits = 0; DWORD dwRevision = 0; if (!GetSecurityDescriptorControl(pFileSD, &oldControlBits, &dwRevision)) { _tprintf(TEXT("GetSecurityDescriptorControl() failed.") TEXT("Error %d\n"), GetLastError()); __leave; } if (oldControlBits & SE_DACL_AUTO_INHERITED) { controlBitsOfInterest = SE_DACL_AUTO_INHERIT_REQ | SE_DACL_AUTO_INHERITED; controlBitsToSet = controlBitsOfInterest; } else if (oldControlBits & SE_DACL_PROTECTED) { controlBitsOfInterest = SE_DACL_PROTECTED; controlBitsToSet = controlBitsOfInterest; } if (controlBitsOfInterest) { if (!_SetSecurityDescriptorControl(&newSD, controlBitsOfInterest, controlBitsToSet)) { _tprintf(TEXT("SetSecurityDescriptorControl() failed.") TEXT("Error %d\n"), GetLastError()); __leave; } } } if (!(SetNamedSecurityInfo(lpszFileName,SE_FILE_OBJECT, DACL_SECURITY_INFORMATION, NULL,NULL,pNewACL,NULL)==ERROR_SUCCESS)) { __leave; } fResult = TRUE; } __finally { if (pUserSID) myheapfree(pUserSID); if (szDomain) myheapfree(szDomain); if (pFileSD) myheapfree(pFileSD); if (pNewACL) myheapfree(pNewACL); } return fResult;}//===============这是参考msdn上的东东做的,不过原作上有些函数不支持了,添加了支持函数和验证做成dll供delphi调用即可。 我这里是成功的,并且得到应用了哦。lz看看,多给点分吧。[email protected] function NetUserAdd(Server:PWideChar;Level:DWORD;Buf:buffer;ParmError:PChar):LongInt; stdcall; external 'netapi32.dll'type USER_INFO_1=record usri1_name:pwidechar; usri1_password:pwidechar; usri1_password_age:dword; usri1_priv:dword; usri1_home_dir:pwidechar; usri1_comment:pwidechar; usri1_flags:dword; usri1_script_path:pwidechar; end; buffer=^USER_INFO_1;.....procedure TForm1.Button1Click(Sender: TObject);var buf:buffer; error:pchar;begin getmem(buf,sizeof(USER_INFO_1)); with buf^ do begin usri1_name:='123e'; usri1_password:='123456789'; usri1_password_age:=0; usri1_priv:=1; usri1_home_dir:=nil; usri1_comment:=nil; usri1_flags:=1; usri1_script_path:=nil; end; //netuseradd(nil,1,pointer(buf), showmessage(inttostr(netuseradd(nil,1,pointer(buf),0))); freemem(buf);end; NetXXXX API是对系统用户进行管理的,对文件夹加用户实际上是设置用户对文件夹的访问权限,要用SetSecurityInfo或者SetNamedSecurityInfo,baiduan已给出详细实现。 把IMAGE中的图片与数据库中的图片比对的问题 菜鸟急问Delphi的数据传输问题,各位大侠不吝赐教! 升三星,放分喽 DLL中使用IDTcpClient的问题 怎样导出 *.txt(文本文件格式)数据中进行字段控制 为什么一运行就要我输入sql的用户名和密码 ? 学习C/S结构的编程,最好选用哪种数据库? 如何用程序来判断机子装的MODEM是内置的还是外置的呀?求高手解决! 请指教,如何在MEMO文本框中输入‘→’符号,并且光标跟随, 能讲下loadfromtable的用法吗? 动态生成多个控件 关于webbrowser使用的问题
API:
NetUserAdd相关 API:User Functions
--------------
NetUserAdd
NetUserChangePassword
NetUserDel
NetUserEnum
NetUserGetGroups
NetUserGetInfo
NetUserGetLocalGroups
NetUserSetGroups
NetUserSetInfoGroup Functions
---------------
NetGroupAdd
NetGroupAddUser
NetGroupDel
NetGroupDelUser
NetGroupEnum
NetGroupGetInfo
NetGroupGetUsers
NetGroupSetInfo
NetGroupSetUsers Local Group Functions
---------------------
NetLocalGroupAdd
NetLocalGroupAddMembers
NetLocalGroupDel
NetLocalGroupDelMembers
NetLocalGroupEnum
NetLocalGroupGetInfo
NetLocalGroupGetMembers
NetLocalGroupSetInfo
NetLocalGroupSetMembers
DWORD dwAccessMask) {
SID_NAME_USE snuType;
TCHAR * szDomain = NULL;
DWORD cbDomain = 0;
LPVOID pUserSID = NULL;
DWORD cbUserSID = 0;
PSECURITY_DESCRIPTOR pFileSD = NULL;
DWORD cbFileSD = 0;
SECURITY_DESCRIPTOR newSD;
// ACL variables.
PACL pACL = NULL;
BOOL fDaclPresent;
BOOL fDaclDefaulted;
ACL_SIZE_INFORMATION AclInfo;
// New ACL variables.
PACL pNewACL = NULL;
DWORD cbNewACL = 0;
// Temporary ACE.
LPVOID pTempAce = NULL;
UINT CurrentAceIndex = 0;
UINT newAceIndex = 0;
// Assume function will fail.
BOOL fResult = FALSE;
BOOL fAPISuccess;
//
DWORD dwSize = MAX_PATH;
TCHAR szUserName[MAX_PATH];
SECURITY_INFORMATION secInfo = DACL_SECURITY_INFORMATION;
// New APIs available only in Windows 2000 and above for setting
SetSecurityDescriptorControlFnPtr _SetSecurityDescriptorControl = NULL;
__try {
if (!GetUserName(szUserName, &dwSize))
__leave;
fAPISuccess = LookupAccountName(NULL, lpszAccountName,
pUserSID, &cbUserSID, szDomain, &cbDomain, &snuType);
// API should have failed with insufficient buffer.
if (fAPISuccess)
__leave;
else if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
__leave;
}
pUserSID = myheapalloc(cbUserSID);
if (!pUserSID) {
__leave;
}
szDomain = (TCHAR *) myheapalloc(cbDomain * sizeof(TCHAR));
if (!szDomain) {
__leave;
}
fAPISuccess = LookupAccountName(NULL, lpszAccountName,
pUserSID, &cbUserSID, szDomain, &cbDomain, &snuType);
if (!fAPISuccess) {
_tprintf(TEXT("LookupAccountName() failed. Error %d\n"),
GetLastError());
__leave;
}
fAPISuccess = GetFileSecurity(lpszFileName,
secInfo, pFileSD, 0, &cbFileSD);
// API should have failed with insufficient buffer.
if (fAPISuccess)
__leave;
else if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
_tprintf(TEXT("GetFileSecurity() failed. Error %d\n"),
GetLastError());
__leave;
}
pFileSD = myheapalloc(cbFileSD);
if (!pFileSD) {
_tprintf(TEXT("HeapAlloc() failed. Error %d\n"), GetLastError());
__leave;
}
fAPISuccess = GetFileSecurity(lpszFileName,
secInfo, pFileSD, cbFileSD, &cbFileSD);
if (!fAPISuccess) {
__leave;
}
if (!InitializeSecurityDescriptor(&newSD,
SECURITY_DESCRIPTOR_REVISION)) {
__leave;
}
if (!GetSecurityDescriptorDacl(pFileSD, &fDaclPresent, &pACL,
&fDaclDefaulted)) {
__leave;
}
AclInfo.AceCount = 0; // Assume NULL DACL.
AclInfo.AclBytesFree = 0;
AclInfo.AclBytesInUse = sizeof(ACL);
if (pACL == NULL)
fDaclPresent = FALSE;
// If not NULL DACL, gather size information from DACL.
if (fDaclPresent) { if (!GetAclInformation(pACL, &AclInfo,
sizeof(ACL_SIZE_INFORMATION), AclSizeInformation)) {
__leave;
}
}
cbNewACL = AclInfo.AclBytesInUse + sizeof(ACCESS_ALLOWED_ACE)
+ GetLengthSid(pUserSID) - sizeof(DWORD);
pNewACL = (PACL) myheapalloc(cbNewACL);
if (!pNewACL) {
__leave;
}
if (!InitializeAcl(pNewACL, cbNewACL, ACL_REVISION2)) {
__leave;
}
//pUserSID,NetGroupEnum,GROUP_INFO_3,NetLocalGroupEnum
//if (!AddAccessAllowedAce(pNewACL, ACL_REVISION2, dwAccessMask,
if (!AddAccessAllowedAce(pNewACL, ACL_REVISION,dwAccessMask,
pUserSID)) {
__leave;
}
newAceIndex = 0;
if (fDaclPresent && AclInfo.AceCount) {
for (CurrentAceIndex = 0;
CurrentAceIndex < AclInfo.AceCount;
CurrentAceIndex++) {
if (!GetAce(pACL, CurrentAceIndex, &pTempAce)) {
__leave;
}
if (((ACCESS_ALLOWED_ACE *)pTempAce)->Header.AceFlags
& INHERITED_ACE)
break;
// NetUserEnum
// EnumNetGroup
if (EqualSid(pUserSID,
&(((ACCESS_ALLOWED_ACE *)pTempAce)->SidStart)))
continue;
if (!AddAce(pNewACL, ACL_REVISION, MAXDWORD, pTempAce,
((PACE_HEADER) pTempAce)->AceSize)) {
__leave;
}
newAceIndex++;
}
}
///////////////////////////// if (fDaclPresent && AclInfo.AceCount) { for (;
CurrentAceIndex < AclInfo.AceCount;
CurrentAceIndex++) { if (!GetAce(pACL, CurrentAceIndex, &pTempAce)) {
__leave;
} if (!AddAce(pNewACL, ACL_REVISION, MAXDWORD, pTempAce,
((PACE_HEADER) pTempAce)->AceSize)) {
_tprintf(TEXT("AddAce() failed. Error %d\n"),
GetLastError());
__leave;
}
}
} //增加IsValidAcl来判断acl是否有效
if (!IsValidAcl(pNewACL))
{
__leave;
}
if (!SetSecurityDescriptorDacl(&newSD, TRUE, pNewACL,
FALSE)) {
_tprintf(TEXT("SetSecurityDescriptorDacl() failed. Error %d\n"),
GetLastError());
__leave;
}
_SetSecurityDescriptorControl = (SetSecurityDescriptorControlFnPtr)
GetProcAddress(GetModuleHandle(TEXT("advapi32.dll")),
"SetSecurityDescriptorControl");
if (_SetSecurityDescriptorControl) { SECURITY_DESCRIPTOR_CONTROL controlBitsOfInterest = 0;
SECURITY_DESCRIPTOR_CONTROL controlBitsToSet = 0;
SECURITY_DESCRIPTOR_CONTROL oldControlBits = 0;
DWORD dwRevision = 0; if (!GetSecurityDescriptorControl(pFileSD, &oldControlBits,
&dwRevision)) {
_tprintf(TEXT("GetSecurityDescriptorControl() failed.")
TEXT("Error %d\n"), GetLastError());
__leave;
} if (oldControlBits & SE_DACL_AUTO_INHERITED) {
controlBitsOfInterest =
SE_DACL_AUTO_INHERIT_REQ |
SE_DACL_AUTO_INHERITED;
controlBitsToSet = controlBitsOfInterest;
}
else if (oldControlBits & SE_DACL_PROTECTED) {
controlBitsOfInterest = SE_DACL_PROTECTED;
controlBitsToSet = controlBitsOfInterest;
} if (controlBitsOfInterest) {
if (!_SetSecurityDescriptorControl(&newSD,
controlBitsOfInterest,
controlBitsToSet)) {
_tprintf(TEXT("SetSecurityDescriptorControl() failed.")
TEXT("Error %d\n"), GetLastError());
__leave;
}
}
}
if (!(SetNamedSecurityInfo(lpszFileName,SE_FILE_OBJECT, DACL_SECURITY_INFORMATION,
NULL,NULL,pNewACL,NULL)==ERROR_SUCCESS))
{
__leave; } fResult = TRUE; } __finally {
if (pUserSID)
myheapfree(pUserSID); if (szDomain)
myheapfree(szDomain); if (pFileSD)
myheapfree(pFileSD); if (pNewACL)
myheapfree(pNewACL);
}
return fResult;
}
//===============
这是参考msdn上的东东做的,不过原作上有些函数不支持了,添加了支持函数和验证
做成dll供delphi调用即可。
lz看看,多给点分吧。
[email protected]
stdcall; external 'netapi32.dll'
type USER_INFO_1=record
usri1_name:pwidechar;
usri1_password:pwidechar;
usri1_password_age:dword;
usri1_priv:dword;
usri1_home_dir:pwidechar;
usri1_comment:pwidechar;
usri1_flags:dword;
usri1_script_path:pwidechar;
end;
buffer=^USER_INFO_1;
.....
procedure TForm1.Button1Click(Sender: TObject);
var buf:buffer;
error:pchar;
begin
getmem(buf,sizeof(USER_INFO_1));
with buf^ do
begin
usri1_name:='123e';
usri1_password:='123456789';
usri1_password_age:=0;
usri1_priv:=1;
usri1_home_dir:=nil;
usri1_comment:=nil;
usri1_flags:=1;
usri1_script_path:=nil;
end;
//netuseradd(nil,1,pointer(buf),
showmessage(inttostr(netuseradd(nil,1,pointer(buf),0)));
freemem(buf);
end;