トップ回答者
フォルダ(ファイル)のアクセス許可エントリがここでユーザがグループか

質問
-
みなさん、
お疲れ様です。
フォルダ(ファイル)のアクセス許可エントリがここでユーザがグループかどうか確認したいです。
どうすれば良いでしょうか。
Dim DirInfo As New DirectoryInfo("C:\Folder1")
Dim sc = DirInfo.GetAccessControl
For Each rl As FileSystemAccessRule In sc.GetAccessRules(True, True, GetType(NTAccount))
'ここでユーザがグループかどうか判断したい
Console.WriteLine("{0}, {1}", rl.IdentityReference.Value, rl.AccessControlType)
Next
以上、宜しくお願い致します。
回答
-
質問の「ユーザー」というのがIdentityReferenceの指しているアカウントという意味であれば、
Imports System.IO Imports System.Text Imports System.Security.Principal Imports System.Security.AccessControl Module Module1 Declare Auto Function LookupAccountSid Lib "advapi32.dll" _ (ByVal systemName As String _ , ByVal psid As Byte() _ , ByVal name As StringBuilder _ , ByRef ccName As Integer _ , ByVal domainName As StringBuilder _ , ByRef ccDomainName As Integer _ , ByRef euse As SID_NAME_USE) As Boolean Enum SID_NAME_USE SidTypeUser = 1 SidTypeGroup SidTypeDomain SidTypeAlias SidTypeWellKnownGroup SidTypeDeletedAccount SidTypeInvalid SidTypeUnknown SidTypeComputer SidTypeLabel SidTypeLogonSession End Enum Private Function GetSID_NAME_USE(si As SecurityIdentifier) As SID_NAME_USE Dim bs As Byte() = New Byte(si.BinaryLength) {} si.GetBinaryForm(bs, 0) Dim num2 As Integer = 0 Dim sb1 As StringBuilder = New StringBuilder(256) Dim sb2 As StringBuilder = New StringBuilder(256) If LookupAccountSid(Nothing, bs, sb1, 256, sb2, 256, num2) <> 0 Then Return num2 End If Return 0 End Function Sub Main() Dim DirInfo As New DirectoryInfo(System.Environment.ExpandEnvironmentVariables("%APPDATA%")) Dim sc = DirInfo.GetAccessControl For Each rl As FileSystemAccessRule In sc.GetAccessRules(True, True, GetType(NTAccount)) 'ここでユーザがグループかどうか判断したい Dim nta As NTAccount Dim isUnknownAccount As Boolean Try nta = rl.IdentityReference.Translate(GetType(NTAccount)) Catch ex As IdentityNotMappedException isUnknownAccount = True End Try Dim si As SecurityIdentifier = rl.IdentityReference.Translate(GetType(SecurityIdentifier)) Dim sidType As SID_NAME_USE = GetSID_NAME_USE(si) If sidType = SID_NAME_USE.SidTypeAlias _ OrElse sidType = SID_NAME_USE.SidTypeGroup _ Or sidType = SID_NAME_USE.SidTypeWellKnownGroup Then Console.ForegroundColor = ConsoleColor.Green End If Console.WriteLine("{0}, {1}", rl.IdentityReference.Value, rl.AccessControlType) If (isUnknownAccount AndAlso sidType = 0) Then Console.WriteLine(vbTab + "*" + "不明なアカウント") Else Console.WriteLine(vbTab + "*" + sidType.ToString()) End If For Each w As WellKnownSidType In [Enum].GetValues(GetType(WellKnownSidType)) If (si.IsWellKnown(w)) Then Console.WriteLine(vbTab + w.ToString()) End If Next Console.ResetColor() Next End Sub End Module
個別に明示されていない限りgekkaがフォーラムに投稿したコードにはフォーラム使用条件に基づき「MICROSOFT LIMITED PUBLIC LICENSE」が適用されます。(かなり自由に使ってOK!)
すべての返信
-
質問の「ユーザー」というのがIdentityReferenceの指しているアカウントという意味であれば、
Imports System.IO Imports System.Text Imports System.Security.Principal Imports System.Security.AccessControl Module Module1 Declare Auto Function LookupAccountSid Lib "advapi32.dll" _ (ByVal systemName As String _ , ByVal psid As Byte() _ , ByVal name As StringBuilder _ , ByRef ccName As Integer _ , ByVal domainName As StringBuilder _ , ByRef ccDomainName As Integer _ , ByRef euse As SID_NAME_USE) As Boolean Enum SID_NAME_USE SidTypeUser = 1 SidTypeGroup SidTypeDomain SidTypeAlias SidTypeWellKnownGroup SidTypeDeletedAccount SidTypeInvalid SidTypeUnknown SidTypeComputer SidTypeLabel SidTypeLogonSession End Enum Private Function GetSID_NAME_USE(si As SecurityIdentifier) As SID_NAME_USE Dim bs As Byte() = New Byte(si.BinaryLength) {} si.GetBinaryForm(bs, 0) Dim num2 As Integer = 0 Dim sb1 As StringBuilder = New StringBuilder(256) Dim sb2 As StringBuilder = New StringBuilder(256) If LookupAccountSid(Nothing, bs, sb1, 256, sb2, 256, num2) <> 0 Then Return num2 End If Return 0 End Function Sub Main() Dim DirInfo As New DirectoryInfo(System.Environment.ExpandEnvironmentVariables("%APPDATA%")) Dim sc = DirInfo.GetAccessControl For Each rl As FileSystemAccessRule In sc.GetAccessRules(True, True, GetType(NTAccount)) 'ここでユーザがグループかどうか判断したい Dim nta As NTAccount Dim isUnknownAccount As Boolean Try nta = rl.IdentityReference.Translate(GetType(NTAccount)) Catch ex As IdentityNotMappedException isUnknownAccount = True End Try Dim si As SecurityIdentifier = rl.IdentityReference.Translate(GetType(SecurityIdentifier)) Dim sidType As SID_NAME_USE = GetSID_NAME_USE(si) If sidType = SID_NAME_USE.SidTypeAlias _ OrElse sidType = SID_NAME_USE.SidTypeGroup _ Or sidType = SID_NAME_USE.SidTypeWellKnownGroup Then Console.ForegroundColor = ConsoleColor.Green End If Console.WriteLine("{0}, {1}", rl.IdentityReference.Value, rl.AccessControlType) If (isUnknownAccount AndAlso sidType = 0) Then Console.WriteLine(vbTab + "*" + "不明なアカウント") Else Console.WriteLine(vbTab + "*" + sidType.ToString()) End If For Each w As WellKnownSidType In [Enum].GetValues(GetType(WellKnownSidType)) If (si.IsWellKnown(w)) Then Console.WriteLine(vbTab + w.ToString()) End If Next Console.ResetColor() Next End Sub End Module
個別に明示されていない限りgekkaがフォーラムに投稿したコードにはフォーラム使用条件に基づき「MICROSOFT LIMITED PUBLIC LICENSE」が適用されます。(かなり自由に使ってOK!)