Microsoft KB Archive/218965

= How To Obtain the Owner of a File on Windows NT =

Article ID: 218965

Article Last Modified on 2/12/2007

-

APPLIES TO


 * Microsoft Visual Basic 5.0 Learning Edition
 * Microsoft Visual Basic 6.0 Learning Edition
 * Microsoft Visual Basic 5.0 Professional Edition
 * Microsoft Visual Basic 6.0 Professional Edition
 * Microsoft Visual Basic 5.0 Enterprise Edition
 * Microsoft Visual Basic 6.0 Enterprise Edition
 * Microsoft Visual Basic 4.0 Standard Edition
 * Microsoft Visual Basic 4.0 Professional Edition
 * Microsoft Visual Basic 4.0 32-Bit Enterprise Edition
 * Microsoft Windows NT 4.0
 * Microsoft Windows NT 3.51 Service Pack 5
 * Microsoft Windows NT 4.0
 * Microsoft Windows 2000 Standard Edition

-



This article was previously published under Q218965



SUMMARY
Retrieving the owner of a file requires obtaining the security descriptor for the file, then using the security descriptor to get a pointer to the owner's Security Identifier (SID). Finally, you use the owner's SID to obtain the owner and domain name of the file.

This article provides a Visual Basic sample code that obtains the owner of a file on Microsoft Windows NT.



MORE INFORMATION
The following sample code retrieves the owner of the file notepad.exe, which is located in the default Windows folder.

NOTE: If the file is on an NTFS partition, this code returns the assigned owner of the file, but if it is on a FAT partition, the owner will be "Everyone".  Start a new Visual Basic Standard EXE project. Form1 is created by default. Place a command button (Command1) on Form1.  Paste the following code into the General Declarations section of Form1: Option Explicit

Private Declare Function GetFileSecurity Lib "advapi32.dll" _ Alias "GetFileSecurityA" ( _     ByVal lpFileName As String, _      ByVal RequestedInformation As Long, _      pSecurityDescriptor As Byte, _      ByVal nLength As Long, _      lpnLengthNeeded As Long _      ) As Long

Private Declare Function GetSecurityDescriptorOwner Lib "advapi32.dll" _ (pSecurityDescriptor As Any, _     pOwner As Long, _      lpbOwnerDefaulted As Long) As Long

Private Declare Function LookupAccountSid Lib "advapi32.dll" _ Alias "LookupAccountSidA" ( _     ByVal lpSystemName As String, _      ByVal Sid As Long, _      ByVal name As String, _      cbName As Long, _      ByVal ReferencedDomainName As String, _      cbReferencedDomainName As Long, _      peUse As Long) As Long

Private Declare Function GetWindowsDirectory Lib "kernel32" _ Alias "GetWindowsDirectoryA" ( _     ByVal lpBuffer As String, _      ByVal nSize As Long) As Long

Private Const OWNER_SECURITY_INFORMATION = &H1 Private Const ERROR_INSUFFICIENT_BUFFER = 122& Private Const MAX_PATH = 255

Sub Command1_Click

Dim szfilename As String  ' File name to retrieve the owner for Dim bSuccess As Long      ' Status variable Dim sizeSD As Long        ' Buffer size to store Owner's SID Dim pOwner As Long        ' Pointer to the Owner's SID Dim name As String        ' Name of the file owner Dim domain_name As String ' Name of the first domain for the owner Dim name_len As Long      ' Required length for the owner name Dim domain_len As Long    ' Required length for the domain name Dim sdBuf As Byte       ' Buffer for Security Descriptor Dim nLength As Long       ' Length of the Windows Directory Dim deUse As Long         ' Pointer to a SID_NAME_USE enumerated ' type indicating the type of the account

' Initialize some required variables.

bSuccess = 0 name = "" domain_name = "" name_len = 0 domain_len = 0 pOwner = 0 szfilename = Space(MAX_PATH)

' Obtain the path to the Windows Directory and use the notepad.exe file ' as it should be on the system.

nLength = GetWindowsDirectory(szfilename, Len(szfilename)) If nLength = 0 Then MsgBox "Unable to Obtain the Windows Directory" End If  szfilename = Left$(szfilename, nLength) & "\notepad.exe"

' Call GetFileSecurity the first time to obtain the size of the ' buffer required for the Security Descriptor.

bSuccess = GetFileSecurity( _          szfilename, _           OWNER_SECURITY_INFORMATION, _           0, _           0&, _           sizeSD)

If (bSuccess = 0) And _ (Err.LastDllError <> ERROR_INSUFFICIENT_BUFFER) Then MsgBox "GetLastError returned : " & Err.LastDllError End If

' Create a buffer of the required size and call GetFileSecurity again.

ReDim sdBuf(0 To sizeSD - 1) As Byte

' Fill the buffer with the security descriptor of the object specified ' by the szfilename parameter. The calling process must have the right ' to view the specified aspects of the object's security status.

bSuccess = GetFileSecurity( _          szfilename, _           OWNER_SECURITY_INFORMATION, _           sdBuf(0), _           sizeSD, _           sizeSD)

If (bSuccess <> 0) Then

' Obtain the owner's SID from the Security Descriptor. '     bSuccess = GetSecurityDescriptorOwner(sdBuf(0), pOwner, 0&) If (bSuccess = 0) Then MsgBox "GetLastError returned : " & Err.LastDllError End If

' Retrieve the name of the account and the name of the first ' domain on which this SID is found. Passes in the Owner's SID ' obtained previously. Call LookupAccountSid twice, the first time ' to obtain the required size of the owner and domain names.

bSuccess = LookupAccountSid(vbNullString, pOwner, name, name_len, _                                 domain_name, domain_len, deUse) If (bSuccess = 0) And _ (Err.LastDllError <> ERROR_INSUFFICIENT_BUFFER) Then MsgBox "GetLastError returned : " & Err.LastDllError End If

' Allocate the required space in the name and domain_name string ' variables. Allocate 1 byte less to avoid the appended NULL character. '     name = Space(name_len - 1) domain_name = Space(domain_len - 1)

' Call LookupAccountSid again to actually fill in the name of the owner ' and the first domain. '     bSuccess = LookupAccountSid(vbNullString, pOwner, name, name_len, _                                  domain_name, domain_len, deUse) If bSuccess = 0 Then MsgBox "GetLastError returned : " & Err.LastDllError End If

MsgBox "The Owner of " & szfilename & " is " & name

End If

End Sub  Press F5 to run the application and then click Command1 to display the owner of the file.

Keywords: kbhowto kbapi kbcodesnippet kbkernbase KB218965

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.