Microsoft KB Archive/194757

From BetaArchive Wiki
Knowledge Base Articles  


Q194757


The information in this article applies to:

  • Microsoft Visual Basic Learning Edition for Windows, version 6.0, on platform(s):
    • the operating system: Microsoft Windows NT
    • the operating system: Microsoft Windows 2000
  • Microsoft Visual Basic Professional Edition for Windows, version 6.0, on platform(s):
    • the operating system: Microsoft Windows NT
    • the operating system: Microsoft Windows 2000
  • Microsoft Visual Basic Enterprise Edition for Windows, version 6.0, on platform(s):
    • the operating system: Microsoft Windows NT
    • the operating system: Microsoft Windows 2000
  • Microsoft Visual Basic Control Creation Edition for Windows, version 5.0, on platform(s):
    • the operating system: Microsoft Windows NT
    • the operating system: Microsoft Windows 2000
  • Microsoft Visual Basic Learning Edition for Windows, version 5.0, on platform(s):
    • the operating system: Microsoft Windows NT
    • the operating system: Microsoft Windows 2000
  • Microsoft Visual Basic Professional Edition for Windows, version 5.0, on platform(s):
    • the operating system: Microsoft Windows NT
    • the operating system: Microsoft Windows 2000
  • Microsoft Visual Basic Enterprise Edition for Windows, version 5.0, on platform(s):
    • the operating system: Microsoft Windows NT
    • the operating system: Microsoft Windows 2000



SUMMARY

The purpose of an Access-Allowed Access Control Entry (ACE) is to either permit or deny access to a specific file to a user or a group of users. This article contains a sample function that adds a new ACE to a text file each time the function is called.


MORE INFORMATION

WARNING: One or more of the following functions are discussed in this article; VarPtr, VarPtrArray, VarPtrStringArray, StrPtr, ObjPtr. These functions are not supported by Microsoft Technical Support. They are not documented in the Visual Basic documentation and are provided in this Knowledge Base article "as is." Microsoft does not guarantee that they will be available in future releases of Visual Basic.

NOTE: Access Controls Entries and Security Descriptors are very powerful,low-level objects, and should only be handled by programmers who have a thorough understanding of file security.

This sample only works on NT 4.0 or Windows 2000 machines with NTFS-formatted drives. Fat16-formatted drives do not offer the same security features.

The steps to create this example are below; the following APIs are used: 

   GetComputerName
   GetUserName
   LookupAccountName
   InitializeSecurityDescriptor
   GetSecurityDescriptorDacl
   SetSecurityDescriptorDacl
   GetFileSecurity
   SetFileSecurity
   InitializeAcl
   GetAclInformation
   GetAce
   AddAce
   AddAccessAllowedAce
   GetLengthSid
   CopyMemory

Step-by-Step Example

  1. Create a Standard EXE project in Visual Basic. Form1 is created by default.
  2. Add a CommandButton to Form1.
  3. Paste the following code into Form1's code window:
  4. Add a standard module (Module1) to this project.
  5. In the standard module (Module1), paste the following code:
  6. Start NotePad, and create a new text file.
  7. Save the text file as "C:\Readme.Txt," and exit NotePad.
  8. In the Microsoft Visual Basic IDE, press the F5 key to run the project.
  9. Click the "Command1" button on the running form. This calls the routine that will add an ACE to the newly-created text file.
  10. Each time you click the "Command1" button, another ACE will be added, and the project will tell you how many ACEs there are for that file.


REFERENCES

For additional information, click the article number below to view the article in the Microsoft Knowledge Base:

Q102102 HOWTO: Add an Access-Allowed ACE to a File

The above article gives more detailed information on the steps that are taken in this example. This article simply shows how to accomplish the same thing from Visual Basic, where many of the above-mentioned API calls are very difficult to call successfully.

Explore the Microsoft Developers Network for detailed information for all APIs, Structures, and Constants used in this example. Additional query words:

Keywords : kbAccess kbAPI kbOSWinNT kbVBp kbVBp500 kbVBp600 kbGrpDSVB
Issue type : kbhowto
Technology : kbVBSearch kbAudDeveloper kbPTNotAssigned kbZNotKeyword2


Last Reviewed: January 10, 2001



Send feedback to Microsoft

© 2002 Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/194757&oldid=364044
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki