Author: Brian Yule (byule at PembrokeTechnology.com)

Download... the project. (13 kb)

Windows Security is difficult to do in Visual Basic. NTFS keeps tabs of permissions and how the permissions are inherited (i.e. you set permissions on c:\zzz and all the permissions for the child folders are inherited from the parent folder) and this info is only available via the Win API.

The code to get security info is actually pretty cool. First you get the security descriptor. This gives you access to the list of users that have priviliges to this folder

Public Function getDirectorySecurityDescriptor(DirectoryName As String) As Byte()
'   Returns the SID for the directory.
    Dim lngResult&, lngSizeRequired&, lngLength&
    Dim strDirectoryName As String
    Dim bytSd() As Byte
    
    ReDim bytSd(lngLength) As Byte
    
    strDirectoryName = DirectoryName
    
    lngResult = GetFileSecurity( _
        strDirectoryName, _
        SECURITY_INFORMATION.Dacl, _
        bytSd(0), _
        lngLength, _
        lngSizeRequired _
    )

    ReDim bytSd(lngSizeRequired - 1) As Byte
    lngLength = lngSizeRequired
    
    lngResult = GetFileSecurity( _
        strDirectoryName, _
        SECURITY_INFORMATION.Dacl, _
        bytSd(0), _
        lngLength, _
        lngSizeRequired _
    )
    
    If IsValidSecurityDescriptor(bytSd(0)) Then
        getDirectorySecurityDescriptor = bytSd
    Else
        Call Err.Raise(2, "Security.getDirectorySecurityDescriptor", "Invalid Security Descriptor")
    End If
End Function

From the code above, the users are derived. Then, you can get the particular permissions and inheritance for a particular user.

Download... the project. (13 kb)

To get in touch with the author of this example, email Brian Yule at byule at PembrokeTechnology.com