Has anyone ever found a way to return a security descriptor in SDDL format from either a file object or a registry object?
This has been a constant issue for a couple of ye4ars. I have researched it in the SDK and numerous other places. All indications are that this is not possible. I decided to ask on a couple of forums to see if anyone has found a sneaky way around this limitation.
I know that it can be done with WMI on Wndows Vista and later. It cannot be done with WMI on WS2003 or earlier systems.
The Win32 API has had a conversion routine that can convert an SD to SDDL since Windows 2000. This API is not available to VBScript. It is exposed in "Authorization Manager" but AzMan is not installed on any system by default.
So...
The question is, using buitlin components, how to get a file security descriptor in SDDL format?
Everything I know tells me this is not possible.
Get SDDL in VBScript
Forum rules
Do not post any licensing information in this forum.
Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
Do not post any licensing information in this forum.
Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
Get SDDL in VBScript
Has anyone ever found a way to return a security descriptor in SDDL format from either a file object or a registry object?
This has been a constant issue for a couple of ye4ars. I have researched it in the SDK and numerous other places. All indications are that this is not possible. I decided to ask on a couple of forums to see if anyone has found a sneaky way around this limitation.
I know that it can be done with WMI on Wndows Vista and later. It cannot be done with WMI on WS2003 or earlier systems.
The Win32 API has had a conversion routine that can convert an SD to SDDL since Windows 2000. This API is not available to VBScript. It is exposed in "Authorization Manager" but AzMan is not installed on any system by default.
So...
The question is, using buitlin components, how to get a file security descriptor in SDDL format?
Everything I know tells me this is not possible.
This has been a constant issue for a couple of ye4ars. I have researched it in the SDK and numerous other places. All indications are that this is not possible. I decided to ask on a couple of forums to see if anyone has found a sneaky way around this limitation.
I know that it can be done with WMI on Wndows Vista and later. It cannot be done with WMI on WS2003 or earlier systems.
The Win32 API has had a conversion routine that can convert an SD to SDDL since Windows 2000. This API is not available to VBScript. It is exposed in "Authorization Manager" but AzMan is not installed on any system by default.
So...
The question is, using buitlin components, how to get a file security descriptor in SDDL format?
Everything I know tells me this is not possible.
Get SDDL in VBScript
Hi jvierra,I don't know of a way using built-in objects. However, I believe SetACL (setacl.sourceforge.net) provides the ability to dump permissions in SDDL format. I think he provides an ActiveX object version as well.HTH,Bill