/*++ DCOM Permission Configuration Sample Copyright (c) 1996, Microsoft Corporation. All rights reserved. Module Name: listacl.cpp Abstract: Code to list ACL information Author: Michael Nelson Environment: Windows NT --*/ #include "stdafx.h" #include "ntsecapi.h" #include "dcomperm.h" void ListACL ( PACL Acl ) { ACL_SIZE_INFORMATION aclSizeInfo; ACL_REVISION_INFORMATION aclRevInfo; ULONG i = 0; LPVOID ace = NULL; ACE_HEADER *aceHeader = NULL; ACCESS_ALLOWED_ACE *paaace = NULL; ACCESS_DENIED_ACE *padace = NULL; TCHAR domainName [256]; TCHAR userName [256]; DWORD nameLength = 0; SID_NAME_USE snu; if (!GetAclInformation (Acl, &aclSizeInfo, sizeof (ACL_SIZE_INFORMATION), AclSizeInformation)) { _tprintf (TEXT("Could not get AclSizeInformation")); return; } if (!GetAclInformation (Acl, &aclRevInfo, sizeof (ACL_REVISION_INFORMATION), AclRevisionInformation)) { _tprintf (TEXT("Could not get AclRevisionInformation")); return; } for (i = 0; i < aclSizeInfo.AceCount; i++) { if (!GetAce (Acl, i, &ace)) return; aceHeader = (ACE_HEADER *) ace; if (aceHeader->AceType == ACCESS_ALLOWED_ACE_TYPE) { paaace = (ACCESS_ALLOWED_ACE *) ace; nameLength = 255; LookupAccountSid (NULL, &paaace->SidStart, userName, &nameLength, domainName, &nameLength, &snu); _tprintf (TEXT("Access permitted to %s\\%s.\n"), domainName, userName); } else if (aceHeader->AceType == ACCESS_DENIED_ACE_TYPE) { padace = (ACCESS_DENIED_ACE *) ace; nameLength = 255; LookupAccountSid (NULL, &padace->SidStart, userName, &nameLength, domainName, &nameLength, &snu); _tprintf (TEXT("Access denied to %s\\%s.\n"), domainName, userName); } } }