problems sharing folder for a specific user
I'm having trouble sharing a specific folder with set of rights for
specific user account. Can anyone shed some light on this, unclear to
me, issue?
Here is the code I use:
#include <windows.h>
#include <tchar.h>
#include <comdef.h>
#include <lm.h>
#include <aclapi.h>
#include <string>
#pragma comment(lib,"netapi32.lib")
typedef std::basic_string<_TCHAR> tstring;
bool getUserSid(LPCTSTR user, PSID &sid) {
DWORD sidsize = 0UL;
TCHAR domain[256] = {};
DWORD domainsize = 0UL;
SID_NAME_USE use;
BOOL ret = ::LookupAccountName( NULL
,user
,NULL
,&sidsize
,NULL
,&domainsize
,&use
);
DWORD er = ::GetLastError();
_com_error errt(HRESULT_FROM_WIN32(er));
OutputDebugString(errt.ErrorMessage());
sid = static_cast<PSID>(::LocalAlloc(LMEM_ZEROINIT,sidsize));
ret = ::LookupAccountName( NULL
,user
,sid
,&sidsize
,&domain[0]
,&domainsize
,&use
);
er = ::GetLastError();
_com_error err2(HRESULT_FROM_WIN32(er));
OutputDebugString(err2.ErrorMessage());
return (ret == TRUE);
}
bool ShareFolderForUser(const std::wstring& path,
const tstring& user, const std::wstring& shareName
, const DWORD perms) {
bool result = true;
PSID userSID = NULL;
if (!getUserSid(user.c_str(),userSID) && !IsValidSid(userSID)) {
::LocalFree(userSID); userSID = NULL; (userSID);
return result;
}
EXPLICIT_ACCESS ea[1] = {};
ea[0].grfAccessPermissions = perms;
ea[0].grfAccessMode = SET_ACCESS;
ea[0].grfInheritance = NO_INHERITANCE;
ea[0].Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
ea[0].Trustee.TrusteeType = TRUSTEE_IS_USER;
ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID;
ea[0].Trustee.ptstrName = static_cast<LPTSTR>(userSID);
PACL pACL = NULL;
DWORD dwRes = SetEntriesInAcl(1, ea, NULL, &pACL);
if (ERROR_SUCCESS != dwRes) {
::LocalFree(userSID); userSID = NULL; (userSID);
return result;
}
PSECURITY_DESCRIPTOR pdesc =
static_cast<PSECURITY_DESCRIPTOR>(LocalAlloc(LPTR,SECURITY_DESCRIPTOR_MIN_LENGTH));
if (NULL == pdesc) {
::LocalFree(userSID); userSID = NULL; (userSID);
return result;
}
if ( !( InitializeSecurityDescriptor(pdesc,
SECURITY_DESCRIPTOR_REVISION)
&& SetSecurityDescriptorDacl(pdesc,TRUE,pACL,FALSE) ) ) {
::LocalFree(pACL); pACL = NULL; (pACL);
::LocalFree(userSID); userSID = NULL; (userSID);
return result;
}
SECURITY_ATTRIBUTES sa = {sizeof(SECURITY_ATTRIBUTES), pdesc, FALSE};
SHARE_INFO_502 p = {};
p.shi502_netname = const_cast<LPWSTR>(shareName.c_str());
p.shi502_type = STYPE_DISKTREE;
p.shi502_path = const_cast<LPWSTR>(path.c_str());
p.shi502_remark = L"";
p.shi502_max_uses = static_cast<DWORD>(-1);
p.shi502_permissions = perms;
p.shi502_security_descriptor = &sa;
DWORD er = 0UL;
NET_API_STATUS nst = ::NetShareAdd( NULL
,502UL
,reinterpret_cast<LPBYTE>(&p)
,&er
);
result = (nst == NERR_Success);
if (!result) {
_com_error e(HRESULT_FROM_WIN32(nst));
OutputDebugString(e.ErrorMessage());
if ( er == SHARE_FILE_SD_PARMNUM) {
OutputDebugString(_T("\nInvalid Security Descriptor"));
}
}
::LocalFree(pACL); pACL = NULL; (pACL);
::LocalFree(pdesc); pdesc = NULL; (pdesc);
::LocalFree(userSID); userSID = NULL; (userSID);
return result;
}
int main() {
ShareFolderForUser( L"C:\\data\\trt"
,"<somevalidaccount>"
,L"trt"
,ACCESS_ALL);
return 0;
}
date: Sun, 24 Aug 2008 14:39:51 -0300
author: Darko Miletic
