Can't find the information you are looking for here? Then leave a message over on our WinBatch Tech Support Forum.
Keywords: wntAccessGet Interpreting Access Rights
records=wntAccessGet("\\MyServer","\\MyServer\it_files\Desktop and HelpDesk","u_desktop_all",300,0) records = StrReplace(records,@TAB,@CRLF) Message("",records)Returns - 0:3:1179881|
The return values are formatted Access-strings. The 'Access-string' specifies a delimited list of one or more specific 'access-records'.
This can be a single record, or a list of records (maximum of 100) delimited with vertical bars (|). Each record is in the format:
record-type:access-flags:access-rightswhere 'record-type', 'access-flags', and 'access-rights' are each a decimal number, separated with colons ( : ).
A brief description of the fields in the 'access-records' string are listed in the help file under wntAccessAdd.
Please note that any detailed explanation is beyond the scope of this document, but might be obtained from the WIN32 SDK programmers' documentation available from Microsoft and other publishers.
http://msdn.microsoft.com/en-us/library/aa364399(VS.85).aspx
;------------------------------------------------------------------------------------------------------ ; record-type : access-flags : access-rights ;------------------------------------------------------------------------------------------------------ ; 0 : 3 : 1179881 ;------------------------------------------------------------------------------------------------------ ; Access Allowed ACE type : OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE : See below ;------------------------------------------------------------------------------------------------------ ;As expected, it's of type Access-Allowed [0], has OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE inheritance flags [3] and has an access-mask value [1179881 decimal]. ;The hex representation of 1179881 is 0x001200E9. Breaking that down, we have the following access-mask bit values that were combined in a bit-wise OR operation: dir_accessrights = 1179881; hex 0x001200E9 ;File / Directory Access Rights ; 0x001200E9 ;- 0x00100000 = SYNCHRONIZE ;1048576 ; 0x00080000 = WRITE_OWNER ;524288 ; 0x00040000 = WRITE_DAC ;262144 ;- 0x00020000 = READ_CONTROL ;131072 ; 0x00010000 = DELETE ;65536 ; 0x00000100 = FILE_WRITE_ATTRIBUTES ;256 ;- 0x00000080 = FILE_READ_ATTRIBUTES ;128 ;- 0x00000040 = FILE_DELETE_CHILD ;64 ;- 0x00000020 = FILE_TRAVERSE ;32 ; 0x00000010 = FILE_WRITE_EA ;16 ;- 0x00000008 = FILE_READ_EA ;8 ; 0x00000004 = FILE_ADD_SUBDIRECTORY ;4 ; 0x00000002 = FILE_ADD_FILE ;2 ;- 0x00000001 = FILE_LIST_DIRECTORY ;1 In a nutshell, the user has: [SYNCHRONIZE] the right To specify a file handle In one of the WAIT functions, [READ_CONTROL] the right To read the information In the file or directory object's security descriptor. This does not Include the information In the SACL. [FILE_READ_ATTRIBUTES] the right To read file attributes. [FILE_DELETE_CHILD] For a directory, the right To delete a directory and all the files it contains, including read-only files. [FILE_TRAVERSE] For a directory, the right To traverse the directory. By DEFAULT, users are assigned the BYPASS_TRAVERSE_CHECKING privilege, which ignores the FILE_TRAVERSE access right. [FILE_READ_EA] the right To read EXTENDED file attributes. [FILE_LIST_DIRECTORY] For a directory, the right To list the contents of the directory.You can use the bitwise AND operatory to determine if a particular access right is allowed:
dir_accessrights = 1179881; hex 0x001200E9 If dir_accessrights & 104856 Then Pause('File/Directory Access Right','SYNCHRONIZE') If dir_accessrights & 524288 Then Pause('File/Directory Access Right','WRITE_OWNER') If dir_accessrights & 262144 Then Pause('File/Directory Access Right','WRITE_DAC') If dir_accessrights & 131072 Then Pause('File/Directory Access Right','READ_CONTROL') If dir_accessrights & 65536 Then Pause('File/Directory Access Right','DELETE') If dir_accessrights & 256 Then Pause('File/Directory Access Right','FILE_WRITE_ATTRIBUTES') If dir_accessrights & 128 Then Pause('File/Directory Access Right','FILE_READ_ATTRIBUTES') If dir_accessrights & 64 Then Pause('File/Directory Access Right','FILE_DELETE_CHILD') If dir_accessrights & 32 Then Pause('File/Directory Access Right','FILE_TRAVERSE') If dir_accessrights & 16 Then Pause('File/Directory Access Right','FILE_WRITE_EA') If dir_accessrights & 8 Then Pause('File/Directory Access Right','FILE_READ_EA') If dir_accessrights & 4 Then Pause('File/Directory Access Right','FILE_ADD_SUBDIRECTORY') If dir_accessrights & 2 Then Pause('File/Directory Access Right','FILE_ADD_FILE') If dir_accessrights & 1 Then Pause('File/Directory Access Right','FILE_LIST_DIRECTORY') Exit
Article ID: W17995
Filename: Interpreting Access Rights.txt
File Created: 2011:04:04:13:48:56
Last Updated: 2011:04:04:13:48:56