Reading Share Permissions in C#
Is it possible to read the sharing permissions assigned to a shared folder? I'm able to read in the local security settings programmaticaly (the ones found under Right Click > Properties > Security) no problem. But, I'm wonderi开发者_StackOverflow中文版ng how I can read the permissions under Right Click > Sharing and Security... > Permissions
Here is an image of the Permissions I want to read:
Is this possible? I'm running an XP Pro machine if it helps.
Edit:
As per my answer I was able to iterate through all the shares, and get the access you (ie the person running the program) has on that share, but have not found a way to read the permissions others have on that share. This was done using Win32_Share class, however it does not have an option for getting the share permissions of other users. If anyone has any helpful hints that would be a huge help.
I was able to get this working by expanding on the approach taken by Petey B. Also, be sure that the process that runs this code impersonates a privileged user on the server.
using System;
using System.Management;
...
private static void ShareSecurity(string ServerName)
{
ConnectionOptions myConnectionOptions = new ConnectionOptions();
myConnectionOptions.Impersonation = ImpersonationLevel.Impersonate;
myConnectionOptions.Authentication = AuthenticationLevel.Packet;
ManagementScope myManagementScope =
new ManagementScope(@"\\" + ServerName + @"\root\cimv2", myConnectionOptions);
myManagementScope.Connect();
if (!myManagementScope.IsConnected)
Console.WriteLine("could not connect");
else
{
ManagementObjectSearcher myObjectSearcher =
new ManagementObjectSearcher(myManagementScope.Path.ToString(), "SELECT * FROM Win32_LogicalShareSecuritySetting");
foreach(ManagementObject share in myObjectSearcher.Get())
{
Console.WriteLine(share["Name"] as string);
InvokeMethodOptions options = new InvokeMethodOptions();
ManagementBaseObject outParamsMthd = share.InvokeMethod("GetSecurityDescriptor", null, options);
ManagementBaseObject descriptor = outParamsMthd["Descriptor"] as ManagementBaseObject;
ManagementBaseObject[] dacl = descriptor["DACL"] as ManagementBaseObject[];
foreach (ManagementBaseObject ace in dacl)
{
try
{
ManagementBaseObject trustee = ace["Trustee"] as ManagementBaseObject;
Console.WriteLine(
trustee["Domain"] as string + @"\" + trustee["Name"] as string + ": " +
ace["AccessMask"] as string + " " + ace["AceType"] as string
);
}
catch (Exception error)
{
Console.WriteLine("Error: "+ error.ToString());
}
}
}
}
}
I know you can with Windows Home Server: http://msdn.microsoft.com/en-us/library/bb425864.aspx
You can do this in MMC and most of that is available through code, so it should be possible. If you can't find it there then you should check out Windows API calls. I've seen it done in C++, so it should also be possible in C#. Sorry, I don't have any sample code or other links to provide for those. I'll see if I can dig some up though.
I also just saw this on SO: how to create shared folder in C# with read only access?
Another good link: http://social.msdn.microsoft.com/Forums/en/windowssdk/thread/de213b61-dc7e-4f33-acdb-893aa96837fa
The best I could come up with is iterating through all the shares on a machine and reading the permissions you have on the share.
ManagementClass manClass = new ManagementClass(@"\\" +computerName +@"\root\cimv2:Win32_Share"); //get shares
//run through all the shares
foreach (ManagementObject objShare in manClass.GetInstances())
{
//ignore system shares
if (!objShare.Properties["Name"].Value.ToString().Contains('$'))
{
//print out the share name and location
textBox2.Text += String.Format("Share Name: {0} Share Location: {1}", objShare.Properties["Name"].Value, objShare.Properties["Path"].Value) + "\n";
Int32 permissions = 0;
try
{
//get the access values you have
ManagementBaseObject result = objShare.InvokeMethod("GetAccessMask", null, null);
//value meanings: http://msdn.microsoft.com/en-us/library/aa390438(v=vs.85).aspx
permissions = Convert.ToInt32(result.Properties["ReturnValue"].Value);
}
catch (ManagementException me)
{
permissions = -1; //no permissions are set on the share
}
textBox2.Text += "You have permissions: " + permissions + "\n\n";
}
}
If anyone could figure out how to get the permissions others have on the share that would be amazing.
精彩评论