Hey everyone,
I posted a thread earlier called Opening Files, doesnt matter anymore cause i found the problem. But i have a new question for you all.
Im trying to identify the Owner of a file based on NT Permissions. The code that i have (taken of MSDN) opens the file to do this. I was wondering if anyone has ever done this without opening the file. I figured out how to close the file, which helps emensely but when you open the file it counts as an access and kills the lastaccessdate. I need that to stay in tact if possible.
p.s. my current function is below.
Thanks.
CODE:
int getOwnerName(const char* filename, string &rAcctName){
DWORD dwRtnCode = 0;
PSID pSidOwner;
BOOL bRtnBool = TRUE;
LPTSTR AcctName, DomainName;
DWORD dwAcctName = 1, dwDomainName = 1;
SID_NAME_USE eUse = SidTypeUnknown;
HANDLE hFile;
PSECURITY_DESCRIPTOR pSD;
// Get the handle of the file object.
hFile = CreateFile(
filename,
GENERIC_READ,
FILE_SHARE_READ,
NULL,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL,
NULL);
// Check GetLastError for CreateFile error code.
if (hFile == INVALID_HANDLE_VALUE) {
DWORD dwErrorCode = 0;
dwErrorCode = GetLastError();
//_tprintf(TEXT("CreateFile error = %d-%s\n"), dwErrorCode, filename);
rAcctName="unknown";
return -1;
}
// Allocate memory for the SID structure.
pSidOwner = (PSID)GlobalAlloc(
GMEM_FIXED,
sizeof(PSID));
// Allocate memory for the security descriptor structure.
pSD = (PSECURITY_DESCRIPTOR)GlobalAlloc(
GMEM_FIXED,
sizeof(PSECURITY_DESCRIPTOR));
// Get the owner SID of the file.
dwRtnCode = GetSecurityInfo(
hFile,
SE_FILE_OBJECT,
OWNER_SECURITY_INFORMATION,
&pSidOwner,
NULL,
NULL,
NULL,
&pSD);
// Check GetLastError for GetSecurityInfo error condition.
if (dwRtnCode != ERROR_SUCCESS) {
DWORD dwErrorCode = 0;
dwErrorCode = GetLastError();
//_tprintf(TEXT("GetSecurityInfo error = %d\n"), dwErrorCode);
rAcctName="unknown";
return -1;
}
// First call to LookupAccountSid to get the buffer sizes.
bRtnBool = LookupAccountSid(
NULL, // local computer
pSidOwner,
AcctName,
(LPDWORD)&dwAcctName,
DomainName,
(LPDWORD)&dwDomainName,
&eUse);
// Reallocate memory for the buffers.
AcctName = (char *)GlobalAlloc(
GMEM_FIXED,
dwAcctName);
// Check GetLastError for GlobalAlloc error condition.
if (AcctName == NULL) {
DWORD dwErrorCode = 0;
dwErrorCode = GetLastError();
//_tprintf(TEXT("GlobalAlloc error = %d\n"), dwErrorCode);
rAcctName="unknown";
return -1;
}
DomainName = (char *)GlobalAlloc(
GMEM_FIXED,
dwDomainName);
// Check GetLastError for GlobalAlloc error condition.
if (DomainName == NULL) {
DWORD dwErrorCode = 0;
dwErrorCode = GetLastError();
//_tprintf(TEXT("GlobalAlloc error = %d\n"), dwErrorCode);
rAcctName="unknown";
return -1;
}
// Second call to LookupAccountSid to get the account name.
bRtnBool = LookupAccountSid(
NULL, // name of local or remote computer
pSidOwner, // security identifier
AcctName, // account name buffer
(LPDWORD)&dwAcctName, // size of account name buffer
DomainName, // domain name
(LPDWORD)&dwDomainName, // size of domain name buffer
&eUse); // SID type
// Check GetLastError for LookupAccountSid error condition.
if (bRtnBool == FALSE) {
DWORD dwErrorCode = 0;
dwErrorCode = GetLastError();
if (dwErrorCode == ERROR_NONE_MAPPED) {
// _tprintf(TEXT("Account owner not found for specified SID.\n"));
}
else {
// _tprintf(TEXT("Error in LookupAccountSid.\n"));
}
rAcctName = "unknown";
return -1;
}
else if (bRtnBool == TRUE) {
// Print the account name.
//_tprintf(TEXT("Account owner = %s\n"), AcctName);
rAcctName = AcctName;
return 1;
}
CloseHandle(hFile);
}
I posted a thread earlier called Opening Files, doesnt matter anymore cause i found the problem. But i have a new question for you all.
Im trying to identify the Owner of a file based on NT Permissions. The code that i have (taken of MSDN) opens the file to do this. I was wondering if anyone has ever done this without opening the file. I figured out how to close the file, which helps emensely but when you open the file it counts as an access and kills the lastaccessdate. I need that to stay in tact if possible.
p.s. my current function is below.
Thanks.
CODE:
int getOwnerName(const char* filename, string &rAcctName){
DWORD dwRtnCode = 0;
PSID pSidOwner;
BOOL bRtnBool = TRUE;
LPTSTR AcctName, DomainName;
DWORD dwAcctName = 1, dwDomainName = 1;
SID_NAME_USE eUse = SidTypeUnknown;
HANDLE hFile;
PSECURITY_DESCRIPTOR pSD;
// Get the handle of the file object.
hFile = CreateFile(
filename,
GENERIC_READ,
FILE_SHARE_READ,
NULL,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL,
NULL);
// Check GetLastError for CreateFile error code.
if (hFile == INVALID_HANDLE_VALUE) {
DWORD dwErrorCode = 0;
dwErrorCode = GetLastError();
//_tprintf(TEXT("CreateFile error = %d-%s\n"), dwErrorCode, filename);
rAcctName="unknown";
return -1;
}
// Allocate memory for the SID structure.
pSidOwner = (PSID)GlobalAlloc(
GMEM_FIXED,
sizeof(PSID));
// Allocate memory for the security descriptor structure.
pSD = (PSECURITY_DESCRIPTOR)GlobalAlloc(
GMEM_FIXED,
sizeof(PSECURITY_DESCRIPTOR));
// Get the owner SID of the file.
dwRtnCode = GetSecurityInfo(
hFile,
SE_FILE_OBJECT,
OWNER_SECURITY_INFORMATION,
&pSidOwner,
NULL,
NULL,
NULL,
&pSD);
// Check GetLastError for GetSecurityInfo error condition.
if (dwRtnCode != ERROR_SUCCESS) {
DWORD dwErrorCode = 0;
dwErrorCode = GetLastError();
//_tprintf(TEXT("GetSecurityInfo error = %d\n"), dwErrorCode);
rAcctName="unknown";
return -1;
}
// First call to LookupAccountSid to get the buffer sizes.
bRtnBool = LookupAccountSid(
NULL, // local computer
pSidOwner,
AcctName,
(LPDWORD)&dwAcctName,
DomainName,
(LPDWORD)&dwDomainName,
&eUse);
// Reallocate memory for the buffers.
AcctName = (char *)GlobalAlloc(
GMEM_FIXED,
dwAcctName);
// Check GetLastError for GlobalAlloc error condition.
if (AcctName == NULL) {
DWORD dwErrorCode = 0;
dwErrorCode = GetLastError();
//_tprintf(TEXT("GlobalAlloc error = %d\n"), dwErrorCode);
rAcctName="unknown";
return -1;
}
DomainName = (char *)GlobalAlloc(
GMEM_FIXED,
dwDomainName);
// Check GetLastError for GlobalAlloc error condition.
if (DomainName == NULL) {
DWORD dwErrorCode = 0;
dwErrorCode = GetLastError();
//_tprintf(TEXT("GlobalAlloc error = %d\n"), dwErrorCode);
rAcctName="unknown";
return -1;
}
// Second call to LookupAccountSid to get the account name.
bRtnBool = LookupAccountSid(
NULL, // name of local or remote computer
pSidOwner, // security identifier
AcctName, // account name buffer
(LPDWORD)&dwAcctName, // size of account name buffer
DomainName, // domain name
(LPDWORD)&dwDomainName, // size of domain name buffer
&eUse); // SID type
// Check GetLastError for LookupAccountSid error condition.
if (bRtnBool == FALSE) {
DWORD dwErrorCode = 0;
dwErrorCode = GetLastError();
if (dwErrorCode == ERROR_NONE_MAPPED) {
// _tprintf(TEXT("Account owner not found for specified SID.\n"));
}
else {
// _tprintf(TEXT("Error in LookupAccountSid.\n"));
}
rAcctName = "unknown";
return -1;
}
else if (bRtnBool == TRUE) {
// Print the account name.
//_tprintf(TEXT("Account owner = %s\n"), AcctName);
rAcctName = AcctName;
return 1;
}
CloseHandle(hFile);
}