盼各位NTFS权限高手助阵,设置某用户仅具备某个文件夹权限

iwebsms 2004-11-05 02:06:10
现在我已经可以用程序设置用户具备某个文件夹权限。
但是我希望此用户仅具备我指定的某个目录的权限,也就是说除次以外其他目录权限都继承此用户所属组的权限。
具体那位大侠知道?
...全文
231 7 打赏 收藏 转发到动态 举报
AI 作业
写回复
用AI写文章
7 条回复
切换为时间正序
请发表友善的回复…
发表回复
zxggwan 2005-03-03
  • 打赏
  • 举报
回复
mark
wangxiaomin009 2005-02-15
  • 打赏
  • 举报
回复
mark,好帖
iwebsms 2004-11-07
  • 打赏
  • 举报
回复
估计csdn.net是没有人回答的出了
iwebsms 2004-11-05
  • 打赏
  • 举报
回复
老大,你这个东东我已经研究过了。
可以设置某个目录的权限,不过这个不是我要解决的问题。
现在我只能设置某个目录有权限,而无法设置其他目录没有权限。
karykwan 2004-11-05
  • 打赏
  • 举报
回复


System.Management.ManagementObjectSearcher diskClass=new ManagementObjectSearcher("select filesystem from Win32_LogicalDisk where name='"+diskName+":'");

ManagementObjectCollection disks=diskClass.Get();

foreach(ManagementObject disk in disks)

{

PropertyDataCollection diskProperties=disk.Properties;

foreach (PropertyData diskProperty in diskProperties)

{

fileSystem = diskProperty.Value.ToString();

}

}

return fileSystem;



}

private bool FindTrustee(string filePath,string userName)

{

ArrayList trusteesName=new ArrayList();

ManagementPath path = new ManagementPath( );

path.Server = ".";

path.NamespacePath = @"root\cimv2";

path.RelativePath = @"Win32_LogicalFileSecuritySetting.Path='"+filePath+"'"; //定位到文件夹

ManagementObject dir = new ManagementObject(path);

ManagementBaseObject outParams = dir.InvokeMethod("GetSecurityDescriptor", null, null); //获取安全描述符



if (((uint)(outParams.Properties["ReturnValue"].Value)) != 0) //OK

{

throw new Exception("获取文件描述符失败");

}

ManagementBaseObject Descriptor = ((ManagementBaseObject)(outParams.Properties["Descriptor"].Value));

ManagementBaseObject[] DaclObject = ((ManagementBaseObject[])(Descriptor.Properties["Dacl"].Value)); //获取访问控制列表

for(int i=0;i<DaclObject.Length;i++)

{

trusteesName.Add(((ManagementBaseObject)DaclObject[i].Properties["Trustee"].Value).Properties["Name"].Value);

}

return trusteesName.Contains(userName);

}

private void SetDACL(string filePath,string userName)

{

//获取帐户信息

int cbSid = 100;

byte[] userSid = new byte[28] ;

StringBuilder domainName=new StringBuilder(255);

int domainNameLength = 255;

int sidType =255;

bool result = LookupAccountName(null, userName,userSid, ref cbSid, domainName,ref domainNameLength,ref sidType);

if(!result)

return;

//获取文件描述符

ManagementPath path = new ManagementPath();

path.Server = ".";

path.NamespacePath = @"root\cimv2";

path.RelativePath = @"Win32_LogicalFileSecuritySetting.Path='"+filePath+"'";

ManagementObject dir = new ManagementObject(path);

ManagementBaseObject outParams = dir.InvokeMethod("GetSecurityDescriptor", null, null);

if (((uint)(outParams.Properties["ReturnValue"].Value)) != 0)

{

throw new Exception("获取文件描述符失败");

}

ManagementBaseObject Descriptor = ((ManagementBaseObject)(outParams.Properties["Descriptor"].Value));

//获取访问控制列表

ManagementBaseObject[] DaclObject = ((ManagementBaseObject[])(Descriptor.Properties["Dacl"].Value));



//复制一个访问控制项

ManagementBaseObject ace=(ManagementBaseObject)DaclObject[0].Clone();



//设置访问控制项属性

ManagementBaseObject trustee=(ManagementBaseObject)ace.Properties["Trustee"].Value;

trustee.Properties["Domain"].Value=domainName.ToString();

trustee.Properties["Name"].Value=userName;

trustee.Properties["SID"].Value=userSid;

trustee.Properties["SidLength"].Value=28;//trustee.Properties["SIDString"].Value="S-1-5-21-602162358-708899826-854245398-1005";

ace.Properties["Trustee"].Value=trustee;

ace.Properties["AccessMask"].Value=2032127;

ace.Properties["AceFlags"].Value=3;

ace.Properties["AceType"].Value=0;

//复制一份访问控制列表,并将以上生成的访问控制项添加到其后。

ManagementBaseObject[] newDacl=new ManagementBaseObject[DaclObject.Length+1];

for(int i=0;i<DaclObject.Length;i++)

{

newDacl[i]=DaclObject[i];

}

newDacl[DaclObject.Length]=ace;

//将安全描述符的DACL属性设为新生成的访问控制列表

Descriptor.Properties["Dacl"].Value=newDacl;

//设置安全描述符

dir.Scope.Options.EnablePrivileges=true;

ManagementBaseObject inProperties=dir.GetMethodParameters("SetSecurityDescriptor");

inProperties["Descriptor"] = Descriptor;

outParams = dir.InvokeMethod("SetSecurityDescriptor", inProperties, null);

}



private void button1_Click(object sender, System.EventArgs e)

{

System.Management.ManagementObjectSearcher cmicWmi=new System.Management.ManagementObjectSearcher("SELECT * FROM Win32_BaseBoard");

foreach(System.Management.ManagementObject cmicWmiObj in cmicWmi.Get())

{

//Debug.WriteLine("bios序列号" & cmicWmiObj["SerialNumber"]);

this.textBox1.Text = "bios序列号" + cmicWmiObj["product"];

}





}

}

}

karykwan 2004-11-05
  • 打赏
  • 举报
回复
借用别人的,帮你一下
using System;

using System.Drawing;

using System.Collections;

using System.ComponentModel;

using System.Windows.Forms;

using System.Data;

using System.Management;

using System.Text;

using System.Runtime.InteropServices;

namespace SetAcl

{

/// <summary>

/// Form1 的摘要说明。

/// </summary>

public class Form1 : System.Windows.Forms.Form

{

private System.Windows.Forms.TextBox textBox1;

private System.Windows.Forms.TextBox textBox2;

private System.Windows.Forms.Button SetAcl;

private System.Windows.Forms.Label label1;

private System.Windows.Forms.Label label2;

private System.Windows.Forms.Button button1;

/// <summary>

/// 必需的设计器变量。

/// </summary>

private System.ComponentModel.Container components = null;



public Form1()

{

//

// Windows 窗体设计器支持所必需的

//

InitializeComponent();



//

// TODO: 在 InitializeComponent 调用后添加任何构造函数代码

//

}



/// <summary>

/// 清理所有正在使用的资源。

/// </summary>

protected override void Dispose( bool disposing )

{

if( disposing )

{

if (components != null)

{

components.Dispose();

}

}

base.Dispose( disposing );

}



#region Windows Form Designer generated code

/// <summary>

/// 设计器支持所需的方法 - 不要使用代码编辑器修改

/// 此方法的内容。

/// </summary>

private void InitializeComponent()

{

this.textBox1 = new System.Windows.Forms.TextBox();

this.textBox2 = new System.Windows.Forms.TextBox();

this.SetAcl = new System.Windows.Forms.Button();

this.label1 = new System.Windows.Forms.Label();

this.label2 = new System.Windows.Forms.Label();

this.button1 = new System.Windows.Forms.Button();

this.SuspendLayout();

//

// textBox1

//

this.textBox1.Location = new System.Drawing.Point(80, 32);

this.textBox1.Name = "textBox1";

this.textBox1.Size = new System.Drawing.Size(152, 21);

this.textBox1.TabIndex = 0;

this.textBox1.Text = "c:\\test";

//

// textBox2

//

this.textBox2.Location = new System.Drawing.Point(80, 80);

this.textBox2.Name = "textBox2";

this.textBox2.Size = new System.Drawing.Size(152, 21);

this.textBox2.TabIndex = 1;

this.textBox2.Text = "ASPNET";

//

// SetAcl

//

this.SetAcl.Location = new System.Drawing.Point(152, 136);

this.SetAcl.Name = "SetAcl";

this.SetAcl.TabIndex = 2;

this.SetAcl.Text = "设置";

this.SetAcl.Click += new System.EventHandler(this.SetAcl_Click);

//

// label1

//

this.label1.Location = new System.Drawing.Point(24, 80);

this.label1.Name = "label1";

this.label1.Size = new System.Drawing.Size(48, 23);

this.label1.TabIndex = 5;

this.label1.Text = "用户:";

//

// label2

//

this.label2.Location = new System.Drawing.Point(24, 32);

this.label2.Name = "label2";

this.label2.Size = new System.Drawing.Size(48, 23);

this.label2.TabIndex = 6;

this.label2.Text = "目录:";

//

// button1

//

this.button1.Location = new System.Drawing.Point(8, 168);

this.button1.Name = "button1";

this.button1.TabIndex = 7;

this.button1.Text = "button1";

this.button1.Click += new System.EventHandler(this.button1_Click);

//

// Form1

//

this.AutoScaleBaseSize = new System.Drawing.Size(6, 14);

this.ClientSize = new System.Drawing.Size(280, 197);

this.Controls.Add(this.button1);

this.Controls.Add(this.label2);

this.Controls.Add(this.label1);

this.Controls.Add(this.SetAcl);

this.Controls.Add(this.textBox2);

this.Controls.Add(this.textBox1);

this.MaximizeBox = false;

this.MinimizeBox = false;

this.Name = "Form1";

this.Text = "Form1";

this.ResumeLayout(false);



}

#endregion



/// <summary>

/// 应用程序的主入口点。

/// </summary>

[STAThread]

static void Main()

{

Application.Run(new Form1());

}

[DllImport("advapi32.dll")]

public static extern bool LookupAccountName(string lpSystemName, string lpAccountName,byte[] sid,ref int cbSid, StringBuilder ReferencedDomainName, ref int cbReferencedDomainName,ref int peUse);



private void SetAcl_Click(object sender, System.EventArgs e)

{

string filePath=this.textBox1.Text;

string userName=this.textBox2.Text;

if(GetFileSystem(filePath.Substring(0,1))!="NTFS")

return;

if(FindTrustee(filePath,userName))

return;

SetDACL(filePath,userName);

}

private string GetFileSystem(string diskName)

{

string fileSystem="";
Hunter 2004-11-05
  • 打赏
  • 举报
回复
幫頂一下

62,243

社区成员

发帖
与我相关
我的任务
社区描述
.NET技术交流专区
javascript云原生 企业社区
社区管理员
  • ASP.NET
  • .Net开发者社区
  • R小R
加入社区
  • 近7日
  • 近30日
  • 至今
社区公告

.NET 社区是一个围绕开源 .NET 的开放、热情、创新、包容的技术社区。社区致力于为广大 .NET 爱好者提供一个良好的知识共享、协同互助的 .NET 技术交流环境。我们尊重不同意见,支持健康理性的辩论和互动,反对歧视和攻击。

希望和大家一起共同营造一个活跃、友好的社区氛围。

试试用AI创作助手写篇文章吧