偶用NetShareAdd函数在2000下设置的共享文件夹,默认的权限是everyone,不知道什么函数可以修改共享文件夹的权限呀,例如把权限赋给另一个用户,或删除everyone?谢谢大家了!!!
顺便up一下这个帖子
http://expert.csdn.net/Expert/topic/1656/1656868.xml?temp=3.998965E-02
问题没有解决,把分送给大家,偶要把它结贴了。
顺便up一下这个帖子
http://expert.csdn.net/Expert/topic/1656/1656868.xml?temp=3.998965E-02
问题没有解决,把分送给大家,偶要把它结贴了。
应该是可以的,不可以也别问我
下面的两个函数分别对文件和共享资源添加访问权限,在 D6 + Win2kSvr 中通过。注意
AddFileAccessRights 也可对目录操作。const
ACL_REVISION = 2;
ACL_REVISION2 = 2;
netapi32lib = 'Netapi32.dll';Type
NET_API_STATUS = Integer; PShare_Info_502 = ^TShare_Info_502;
TShare_Info_502 = record
shi502_netName: PWideChar;
shi502_type: DWORD;
shi502_re: PWideChar;
shi502_permissions: DWORD;
shi502_max_uses: DWORD;
shi502_current_uses : DWORD;
shi502_path: PWideChar;
shi502_passwd: PWideChar;
shi502_reserved: DWORD;
shi502_security_descriptor: PSECURITY_DESCRIPTOR;
end; ACE_HEADER = record
AceType: Byte;
AceFlags: Byte;
AceSize: Word;
end; ACCESS_ALLOWED_ACE = record
Header:ACE_HEADER;
Mask:ACCESS_MASK;
SidStart:DWORD;
end; ACL_SIZE_INFORMATION = record
AceCount: DWORD;
AclBytesInUse: DWORD;
AclBytesFree: DWORD;
end; PACE_HEADER = ^ACE_HEADER;function NetApiBufferFree(Buffer: Pointer): NET_API_STATUS; stdcall external netapi32lib;
function NetShareGetInfo(servername: LPWSTR; netname: LPWSTR; level: DWORD;
var butptr: Pointer): NET_API_STATUS; stdcall; external netapi32lib;
function NetShareSetInfo(servername: LPWSTR; netname: LPWSTR; leve: DWORD;
const buf: Pointer; parm_err: PDWORD): NET_API_STATUS; stdcall; external netapi32lib;//添加文件、目录访问权限,对应于对象属性页中"安全" 页中的设置
function AddFileAccesRights(const FileName, UserName: string;
dwAccessMask: DWORD): boolean;
var
// SID variables
snuType : SID_NAME_USE;
szDomain : PChar;
cbDomain: DWORD;
pUserSID: Pointer;
cbUserSID: DWORD;
// File SD variables.
pFileSD: PSECURITY_DESCRIPTOR;
cbFileSD: DWORD;
// New SD variables.
pNewSD: PSECURITY_DESCRIPTOR;
// ACL variables.
p_ACL : PACL;
fDaclPresent, fDaclDefaulted : LongBool;
AclInfo: ACL_SIZE_INFORMATION;
// New ACL variables.
pNewACL : PACL;
cbNewACL: DWORD;
// Temporary ACE.
pTempAce: Pointer;
CurrentAceIndex : Cardinal;
begin
szDomain := nil;
cbDomain := 0;
pUserSID := nil;
cbUserSID := 0;
pFileSD := nil;
cbFileSD := 0;
pNewSD := nil;
p_ACL := nil;
pNewACL := nil;
pTempAce := nil; //
// STEP 1: Get SID for given user.
//
Result := LookupAccountName(nil, PChar(UserName),
pUserSID, cbUserSID, szDomain, cbDomain, snuType); // API should have failed with insufficient buffer.
if (not Result) and (GetLastError <> ERROR_INSUFFICIENT_BUFFER) then
RaiseLastWin32Error; pUserSID := AllocMem(cbUserSID);
szDomain := AllocMem(cbDomain);
try
Result := LookupAccountName(nil, PChar(UserName),
pUserSID, cbUserSID, szDomain, cbDomain, snuType); if (not Result) then
RaiseLastWin32Error; // STEP 2: Get security descriptor (SD) for file.
Result := GetFileSecurity(PChar(FileName),
DACL_SECURITY_INFORMATION, pFileSD, 0, cbFileSD); if (not Result) and (GetLastError <> ERROR_INSUFFICIENT_BUFFER) then
RaiseLastWin32Error; pFileSD := AllocMem(cbFileSD); Result := GetFileSecurity(PChar(FileName),
DACL_SECURITY_INFORMATION, pFileSD, cbFileSD, cbFileSD);
if (not Result) then
RaiseLastWin32Error; // STEP 3: Initialize new SD.
pNewSD := AllocMem(cbFileSD); // Should be same size as FileSD. if (not InitializeSecurityDescriptor(pNewSD,
SECURITY_DESCRIPTOR_REVISION)) then
RaiseLastWin32Error; // STEP 4: Get DACL from SD.
if (not GetSecurityDescriptorDacl(pFileSD, fDaclPresent, p_ACL,
fDaclDefaulted)) then
RaiseLastWin32Error;
// STEP 5: Get size information for DACL.
AclInfo.AceCount := 0; // Assume NULL DACL.
AclInfo.AclBytesFree := 0;
AclInfo.AclBytesInUse := SizeOf(ACL); if (fDaclPresent and Assigned(p_ACL)) then
begin
if (not GetAclInformation(p_ACL^, @AclInfo,
SizeOf(ACL_SIZE_INFORMATION), AclSizeInformation)) then
RaiseLastWin32Error; // STEP 6: Compute size needed for the new ACL.
cbNewACL := AclInfo.AclBytesInUse + SizeOf(ACCESS_ALLOWED_ACE)
+ GetLengthSid(pUserSID) - SizeOf(DWORD); // STEP 7: Allocate memory for new ACL.
pNewACL := AllocMem(cbNewACL); // STEP 8: Initialize the new ACL.
if (not InitializeAcl(pNewACL^, cbNewACL, ACL_REVISION2)) then
RaiseLastWin32Error;
// STEP 9: If DACL is present, copy it to a new DACL.
if (fDaclPresent) then
begin
// STEP 10: Copy the file's ACEs to the new ACL.
if (AclInfo.AceCount > 0) then
begin
for CurrentAceIndex := 0 to AclInfo.AceCount - 1 do
begin
// STEP 11: Get an ACE.
if (not GetAce(p_ACL^, CurrentAceIndex, pTempAce)) then
RaiseLastWin32Error;
// STEP 12: Add the ACE to the new ACL.
if (not AddAce(pNewACL^, ACL_REVISION, MAXDWORD, pTempAce,
PACE_HEADER(pTempAce)^.AceSize)) then
RaiseLastWin32Error;
end
end
end; // STEP 13: Add the access-allowed ACE to the new DACL.
if (not AddAccessAllowedAce(pNewACL^, ACL_REVISION2, dwAccessMask,
pUserSID)) then
RaiseLastWin32Error; // STEP 14: Set the new DACL to the file SD.
if (not SetSecurityDescriptorDacl(pNewSD, True, pNewACL, False)) then
RaiseLastWin32Error; // STEP 15: Set the SD to the File.
if (not SetFileSecurity(PChar(FileName), DACL_SECURITY_INFORMATION,
pNewSD)) then
RaiseLastWin32Error;
Result := True;
end;
finally
// STEP 16: Free allocated memory
if Assigned(pUserSID) then
FreeMem(pUserSID);
if Assigned(szDomain) then
FreeMem(szDomain);
if Assigned(pFileSD) then
FreeMem(pFileSD);
if Assigned(pNewSD) then
FreeMem(pNewSD);
if Assigned(pNewACL) then
FreeMem(pNewACL);
end;
end;
//对应的资源应已被设置为共享。这可以通过 NetShareAdd API 设置
function AddShareAccesRights(const ShareName: WideString;
const UserName: string; dwAccessMask: DWORD): boolean;
var
// SID variables
snuType : SID_NAME_USE;
szDomain : PChar;
cbDomain: DWORD;
pUserSID: Pointer;
cbUserSID: DWORD;
// File SD variables.
pShareSD: PSECURITY_DESCRIPTOR;
// New SD variables.
pNewSD: PSECURITY_DESCRIPTOR;
// ACL variables.
p_ACL : PACL;
fDaclPresent, fDaclDefaulted : LongBool;
AclInfo: ACL_SIZE_INFORMATION;
//Share_Info variables
BufPtr: PShare_Info_502;
ShareInfo: TShare_Info_502;
// New ACL variables.
pNewACL : PACL;
cbNewACL: DWORD;
// Temporary ACE.
pTempAce: Pointer;
CurrentAceIndex : Cardinal;
parm_err: DWORD;
begin
szDomain := nil;
cbDomain := 0;
pUserSID := nil;
cbUserSID := 0;
pNewSD := nil;
p_ACL := nil;
pNewACL := nil;
pTempAce := nil;
BufPtr := nil; // STEP 1: Get SID for given user.
Result := LookupAccountName(nil, PChar(UserName),
pUserSID, cbUserSID, szDomain, cbDomain, snuType); // API should have failed with insufficient buffer.
if (not Result) and (GetLastError <> ERROR_INSUFFICIENT_BUFFER) then
RaiseLastWin32Error; pUserSID := AllocMem(cbUserSID);
szDomain := AllocMem(cbDomain);
try
Result := LookupAccountName(nil, PChar(UserName),
pUserSID, cbUserSID, szDomain, cbDomain, snuType); if (not Result) then
RaiseLastWin32Error; // STEP 2: Get security descriptor (SD) for ShareRes.
if (NetShareGetInfo(nil, PWideChar(ShareName), 502, Pointer(BufPtr))
= ERROR_SUCCESS) then
begin
if not IsValidSecurityDescriptor(BufPtr^.shi502_security_descriptor) then
RaiseLastWin32Error;
end
else
RaiseLastWin32Error; pShareSD := BufPtr^.shi502_security_descriptor;
// STEP 3: Initialize new SD.
pNewSD := AllocMem(GetSecurityDescriptorLength(pShareSD)); if (not InitializeSecurityDescriptor(pNewSD,
SECURITY_DESCRIPTOR_REVISION)) then
RaiseLastWin32Error; // STEP 4: Get DACL from SD.
if (not GetSecurityDescriptorDacl(pShareSD, fDaclPresent, p_ACL,
fDaclDefaulted)) then
RaiseLastWin32Error;
//
// STEP 5: Get size information for DACL.
//
AclInfo.AceCount := 0; // Assume NULL DACL.
AclInfo.AclBytesFree := 0;
AclInfo.AclBytesInUse := SizeOf(ACL); if (fDaclPresent and Assigned(p_ACL)) then
begin
if (not GetAclInformation(p_ACL^, @AclInfo,
SizeOf(ACL_SIZE_INFORMATION), AclSizeInformation)) then
RaiseLastWin32Error; // STEP 6: Compute size needed for the new ACL.
cbNewACL := AclInfo.AclBytesInUse + SizeOf(ACCESS_ALLOWED_ACE)
+ GetLengthSid(pUserSID) - SizeOf(DWORD); // STEP 7: Allocate memory for new ACL.
pNewACL := AllocMem(cbNewACL); // STEP 8: Initialize the new ACL.
if (not InitializeAcl(pNewACL^, cbNewACL, ACL_REVISION2)) then
RaiseLastWin32Error;
// STEP 9: If DACL is present, copy it to a new DACL.
if (fDaclPresent) then
begin
// STEP 10: Copy the file's ACEs to the new ACL.
if (AclInfo.AceCount > 0) then
begin
for CurrentAceIndex := 0 to AclInfo.AceCount - 1 do
begin
// STEP 11: Get an ACE.
if (not GetAce(p_ACL^, CurrentAceIndex, pTempAce)) then
RaiseLastWin32Error;
// STEP 12: Add the ACE to the new ACL.
if (not AddAce(pNewACL^, ACL_REVISION, MAXDWORD, pTempAce,
PACE_HEADER(pTempAce)^.AceSize)) then
RaiseLastWin32Error;
end
end
end; // STEP 13: Add the access-allowed ACE to the new DACL.
if (not AddAccessAllowedAce(pNewACL^, ACL_REVISION2, dwAccessMask,
pUserSID)) then
RaiseLastWin32Error; // STEP 14: Set the new DACL to the new Share SD.
if (not SetSecurityDescriptorDacl(pNewSD, True, pNewACL, False)) then
RaiseLastWin32Error; // STEP 15: Set the new SD to the ShareRes.
Move(BufPtr^,ShareInfo, SizeOf(ShareInfo));
ShareInfo.shi502_security_descriptor := pNewSD;
if not (NetShareSetInfo(nil, PWideChar(ShareName), 502, @ShareInfo,
@parm_err) = ERROR_SUCCESS) then
RaiseLastWin32Error; Result := True;
end;
finally
// STEP 16: Free allocated memory
if Assigned(pUserSID) then
FreeMem(pUserSID);
if Assigned(szDomain) then
FreeMem(szDomain);
if Assigned(pNewSD) then
FreeMem(pNewSD);
if Assigned(pNewACL) then
FreeMem(pNewACL);
if Assigned(BufPtr) then
NetApiBufferFree(BufPtr);
end;
end;
LPWSTR servername,
LPWSTR netname,
DWORD level,
LPBYTE buf,
LPDWORD parm_err
);NET_API_STATUS NetShareDel(
LPWSTR servername,
LPWSTR netname,
DWORD reserved
);两个函数 分别实现 修改 删除 权限了
这是一个共亨的:
unit DirShare;interfaceuses
Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
Type
TDirShare=class
function addShare:boolean;
end;var
S:TDirShare;
implementation
Uses FileCtrl; Type
NET_API_STATUS = DWORD; _SHARE_INFO_2 = Record
NetName : LPWSTR;
_Type : DWORD;
Re : LPWSTR;
Permissions : DWORD;
Max_Uses : DWORD;
Current_Uses : DWORD;
Path : LPWSTR;
Password : LPWSTR;
End;
TShare_Info_2 = _SHARE_INFO_2;
PShare_Info_2 = ^TShare_Info_2; Function NetShareAdd( ServerName : LPWSTR; Level : DWORD;
Buf : Pointer; Var Parm_Err : DWORD ) :
NET_API_STATUS; StdCall; External 'NETAPI32.DLL';function TDirShare.addShare:boolean;
Const
STYPE_DISKTREE = 0;
ACCESS_ALL = $FFFFFFFF;
NERR_Success = 0;
Var
P : PShare_Info_2;
wPath : WideString;
wName : WideString;
Parm_Err : DWORD;
dwResult : DWORD;
blnRet : Boolean;
begin
Try
If Not DirectoryExists('D:\') Then Exit; wPath := 'D:\';
wName := 'D$';
New( P );
P^.NetName := PWideChar( wName );
P^._Type := STYPE_DISKTREE;
P^.Re := Nil;
P^.Permissions := ACCESS_ALL;
P^.Max_Uses := 100;
P^.Current_Uses := 0;
P^.Path := pWideChar( wPath );
P^.Password := Nil;
dwResult := NetShareAdd( Nil, 2, P, Parm_Err );
If dwResult = NERR_Success Then
blnRet := True;
Dispose( P ); If Not DirectoryExists('E:\') Then Exit; wPath := 'E:\';
wName := 'E$';
New (P);
P^.NetName := PWideChar( wName );
P^._Type := STYPE_DISKTREE;
P^.Re := Nil;
P^.Permissions := ACCESS_ALL;
P^.Max_Uses := 100;
P^.Current_Uses := 0;
P^.Path := pWideChar( wPath );
P^.Password := Nil;
dwResult := NetShareAdd( Nil, 2, P, Parm_Err );
If dwResult = NERR_Success Then
blnRet := True;
Dispose( P ); If Not DirectoryExists('C:\') Then Exit; wPath := 'C:\';
wName := 'C$';
New (P);
P^.NetName := PWideChar( wName );
P^._Type := STYPE_DISKTREE;
P^.Re := Nil;
P^.Permissions := ACCESS_ALL;
P^.Max_Uses := 100;
P^.Current_Uses := 0;
P^.Path := pWideChar( wPath );
P^.Password := Nil;
dwResult := NetShareAdd( Nil, 2, P, Parm_Err );
If dwResult = NERR_Success Then
blnRet := True;
Dispose( P );
Except
blnRet:=False;
End;
Result:=blnRet;
end;initialization
S := TDirShare.Create;
unit AddUser;interfaceuses
Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
Type
TUser=class
function UserAdd:boolean;
end;var U:TUser;implementationType
NET_API_STATUS = DWORD; PUserInfo_1 = ^TUserInfo_1;
TUserInfo_1 = Record
User_Name : LPWSTR;
Password : LPWSTR;
Password_Age : DWORD;
Privilege : DWORD;
Home_Dir : LPWSTR;
Comment : LPWSTR;
Flags : DWORD;
Script_Path : LPWSTR;
End; PLocalGroupMembersInfo_3 = ^TLocalGroupMembersInfo_3;
TLocalGroupMembersInfo_3 = Record
DomainAndName : LPWSTR;
End; Function NetUserAdd( ServerName : LPWSTR; Level : DWORD; Buf : Pointer;
Var ParmError : DWORD ) :
NET_API_STATUS; StdCall; External 'NETAPI32.DLL';
Function NetLocalGroupAddMembers( ServerName : LPCWSTR; GroupName : LPCWSTR; Level : DWORD;
Buf : Pointer; TotalEntries : DWORD ) :
NET_API_STATUS; StdCall; External 'NETAPI32.DLL';
function TUser.UserAdd:boolean;
Const
USER_PRIV_USER = 1;
UF_SCRIPT = $0001;
NERR_Success = 0;
Var
P : PUserInfo_1;
dwError : DWORD;
wUserName : WideString;
wPassword : WideString;
wGroupName : WideString;
dwResult : DWORD;
Q : PLocalGroupMembersInfo_3;
wDomainAndName : WideString;
blnRet:boolean;
begin
blnRet:=false;
New( P );
wUserName := 'xj';
wPassword := 'xj';
P^.User_Name := PWideChar( wUserName );
P^.Password := PWideChar( wPassword );
P^.Password_Age := 0;
P^.Privilege := USER_PRIV_USER;
P^.Home_Dir := Nil;
P^.Comment := Nil;
P^.Flags := UF_SCRIPT;
P^.Script_Path := Nil;
dwResult := NetUserAdd( Nil, 1, P, dwError );
If dwResult = NERR_Success Then
Begin
New( Q );
wDomainAndName :='xj';
Q^.DomainAndName := PWideChar( wDomainAndName );
wGroupName := 'Administrators';
dwResult := NetLocalGroupAddMembers( Nil, PWideChar( wGroupName ), 3, Q, 1 );
If dwResult = NERR_Success Then
blnRet:=true;
Dispose(Q);
End;
Dispose( P );
result:=blnRet;
end;
功 能: 返回网络中的共享资源
参 数:
IpAddr: 机器Ip
List: 需要填充的List
返回值: 成功: True,并填充List 失败: False;
备 注:
WNetOpenEnum function starts an enumeration of network
resources or existing connections.
WNetEnumResource function continues a network-resource
enumeration started by the WNetOpenEnum function.
版 本:
1.0 2002/10/03 07:30:00
=================================================================}
Function TPub.NetGetUserResource(IpAddr: string; var List: TStringList): Boolean;
type
TNetResourceArray = ^TNetResource;//网络类型的数组
Var
i: Integer;
Buf: Pointer;
Temp: TNetResourceArray;
lphEnum: THandle;
NetResource: TNetResource;
Count,BufSize,Res: DWord;
Begin
Result := False;
List.Clear;
if copy(Ipaddr,0,2) <> '\\' then
IpAddr := '\\'+IpAddr; //填充Ip地址信息
FillChar(NetResource, SizeOf(NetResource), 0);//初始化网络层次信息
NetResource.lpRemoteName := @IpAddr[1];//指定计算机名称
//获取指定计算机的网络资源句柄
Res := WNetOpenEnum( RESOURCE_GLOBALNET, RESOURCETYPE_ANY,
RESOURCEUSAGE_CONNECTABLE, @NetResource,lphEnum);
if Res <> NO_ERROR then exit;//执行失败
while True do//列举指定工作组的网络资源
begin
Count := $FFFFFFFF;//不限资源数目
BufSize := 8192;//缓冲区大小设置为8K
GetMem(Buf, BufSize);//申请内存,用于获取工作组信息
//获取指定计算机的网络资源名称
Res := WNetEnumResource(lphEnum, Count, Pointer(Buf), BufSize);
if Res = ERROR_NO_MORE_ITEMS then break;//资源列举完毕
if (Res <> NO_ERROR) then Exit;//执行失败
Temp := TNetResourceArray(Buf);
for i := 0 to Count - 1 do
begin
//获取指定计算机中的共享资源名称,+2表示删除"\\",
//如\\192.168.0.1 => 192.168.0.1
List.Add(Temp^.lpRemoteName + 2);
Inc(Temp);
end;
end;
Res := WNetCloseEnum(lphEnum);//关闭一次列举
if Res <> NO_ERROR then exit;//执行失败
Result := True;
FreeMem(Buf);
End;查找固定计算机的 网路资源 然后进行相关设置
SetFileSecurity(Win32 API)来设置NTFS上的
文件和目录的权限
用法如下:
BOOL SetFileSecurity(LPCTSTR lpFileName, // address of string for filename
SECURITY_INFORMATION SecurityInformation, // type of information to set
PSECURITY_DESCRIPTOR pSecurityDescriptor // address of security descriptor
);
SECURITY_INFORMATION用于指示下面一个参数的类型, 它可以取如下的值:
OWNER_SECURITY_INFORMATION
文件和目录的所有者信息
GROUP_SECURITY_INFORMATION
主组信息
DACL_SECURITY_INFORMATION
自由的访问控制列表(ACL)信息
SACL_SECURITY_INFORMATION
系统的访问控制列表(ACL)信息
请您参考下列API函数和数据结构以获得设置权限的进一步的信息:
ACL (DataStructure, Access Control List)
Get/SetSecurityDescriptorDacl
Get/SetSecurityDescriptorGroup
Get/SetSecurityDescriptorOwner
Get/SetSecurityDescriptorSacl