using system;
using system.management;
using system.collections;
class tester
{
public static void main()
{
try
{
managementpath path = new managementpath( );
path.server = ".";
path.namespacepath = @"root/cimv2";
path.relativepath = @"win32_logicalfilesecuritysetting.path='c://test'"; // using tmp as folder name
managementobject lfs = new managementobject(path);
// dump all trustees (this includes owner)
foreach (managementbaseobject b in lfs.getrelated())
console.writeline("trustee: {0} /t sid [{1}]", b["accountname"], b["sid"]);
// get the security descriptor for this object
managementbaseobject outparams = lfs.invokemethod("getsecuritydescriptor", null, null);
if (((uint)(outparams.properties["returnvalue"].value)) == 0)
{
managementbaseobject descriptor = ((managementbaseobject)(outparams.properties["descriptor"].value));
managementbaseobject[] daclobject = ((managementbaseobject[])(descriptor.properties["dacl"].value));
dumpaces(daclobject);
managementbaseobject ownerobject = ((managementbaseobject)(descriptor.properties["owner"].value));
dumpownerproperties(ownerobject.properties); // show owner properies
}
}
catch(exception e)
{
console.writeline(e);
console.readline();
}
}
static void dumpaces(managementbaseobject[] daclobject)
{
// ace masks see: winnt.h
string[] filedesc = {"file_read_data", "file_write_data", "file_append_data", "file_read_ea",
"file_write_ea", "file_execute", "file_delete_child", "file_read_attributes",
"file_write_attributes", " ", " ", " ",
" ", " ", " ", " ",
"delete ", "read_control", "write_dac", "write_owner",
"synchronize ", " ", " "," ",
"access_system_security", "maximum_allowed", " "," ",
"generic_all", "generic_execute", "generic_write","generic_read"};
foreach(managementbaseobject mbo in daclobject)
{
console.writeline("-------------------------------------------------");
console.writeline("mask: {0:x} - aceflags: {1} - acetype: {2}", mbo["accessmask"], mbo["aceflags"], mbo["acetype"]);
// access allowed/denied ace
if(mbo["acetype"].tostring() == "1")
console.writeline("denied ace type");
else
console.writeline("allowed ace type");
// dump trustees
managementbaseobject trustee = ((managementbaseobject)(mbo["trustee"]));
console.writeline("name: {0} - domain: {1} - sid {2}/n",
trustee.properties["name"].value,
trustee.properties["domain"].value,
trustee.properties["sidstring"].value);
// dump ace mask in readable form
uint32 mask = (uint32)mbo["accessmask"];
int[] m = {(int)mask};
bitarray ba = new bitarray(m);
int i = 0;
ienumerator baenum = ba.getenumerator();
while ( baenum.movenext() )
{
if((bool)baenum.current)
console.writeline( "/t[{0}]", filedesc[i]);
i++;
}
}
}
static void dumpownerproperties(propertydatacollection owner)
{
console.writeline("=============== owner properties ========================");
console.writeline();
console.writeline("domain {0} /tname {1}",owner["domain"].value, owner["name"].value);
console.writeline("sid /t{0}",owner["sidstring"].value);
console.readline();
}
}
//
