Search
Module:
Directory
Constants
Delegates
Enums
Interfaces
Structures

   Desktop Functions:
advapi32
avifil32
cards
cfgmgr32
comctl32
comdlg32
credui
crypt32
dbghelp
dbghlp
dbghlp32
dhcpsapi
difxapi
dmcl40
dnsapi
dtl
dwmapi
faultrep
fbwflib
fltlib
fwpuclnt
gdi32
gdiplus
getuname
glu32
glut32
gsapi
hhctrl
hid
hlink
httpapi
icmp
imm32
iphlpapi
iprop
irprops
kernel32
mapi32
MinCore
mpr
mqrt
mscorsn
msdelta
msdrm
msi
msports
msvcrt
ncrypt
netapi32
ntdll
ntdsapi
odbc32
odbccp32
ole32
oleacc
oleaut32
opengl32
pdh
powrprof
printui
propsys
psapi
pstorec
query
quickusb
rasapi32
rpcrt4
scarddlg
secur32
setupapi
shell32
shlwapi
twain_32
unicows
urlmon
user32
userenv
uxtheme
version
wer
wevtapi
winfax
winhttp
wininet
winmm
winscard
winspool
wintrust
winusb
wlanapi
ws2_32
wtsapi32
xolehlp
xpsprint

   Smart Device Functions:
aygshell
coredll
ipaqutil
rapi


Show Recent Changes
Subscribe (RSS)
Misc. Pages
Comments
FAQ
Helpful Tools
Playground
Suggested Reading
Website TODO List
Download Visual Studio Add-In
SetNamedSecurityInfo (advapi32)
 
.
Summary
The SetNamedSecurityInfo function sets specified security information in the security descriptor of a specified object. The caller identifies the object by name

C# Signature:

[DllImport("advapi32.dll", CharSet=CharSet.Auto)]
static extern uint SetNamedSecurityInfo(
    string pObjectName,
    SE_OBJECT_TYPE ObjectType,
    SECURITY_INFORMATION SecurityInfo,
    IntPtr psidOwner,
    IntPtr psidGroup,
    IntPtr pDacl,
    IntPtr pSacl);

VB Signature:

Declare Function SetNamedSecurityInfo Lib "advapi32.dll" ( _
    ByVal pObjectName As String, _
    ByVal ObjectType As SE_OBJECT_TYPE, _
    ByVal SecurityInfo As SECURITY_INFORMATION, _
    ByVal psidOwner As IntPtr, _
    ByVal psidGroup As IntPtr, _
    ByVal pDacl As IntPtr, _
    ByVal pSacl As IntPtr) As Integer

User-Defined Types:

SE_OBJECT_TYPE, SECURITY_INFORMATION

None.

Notes:

Tips & Tricks:

Please add some!

C# Sample Code:

[DllImport("advapi32.dll", CharSet = CharSet.Unicode)]
private static extern uint SetNamedSecurityInfoW(String pObjectName, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, IntPtr psidOwner, IntPtr psidGroup, IntPtr pDacl, IntPtr pSacl);

[DllImport("Advapi32.dll", SetLastError = true)]
private static extern bool ConvertStringSidToSid(String StringSid, ref IntPtr Sid);

Please add some!

private enum SE_OBJECT_TYPE
{
    SE_UNKNOWN_OBJECT_TYPE=0,    
    SE_FILE_OBJECT,
    SE_SERVICE,
    SE_PRINTER,
    SE_REGISTRY_KEY,
    SE_LMSHARE,
    SE_KERNEL_OBJECT,
    SE_WINDOW_OBJECT,
    SE_DS_OBJECT,
    SE_DS_OBJECT_ALL,
    SE_PROVIDER_DEFINED_OBJECT,
    SE_WMIGUID_OBJECT,S E_REGISTRY_WOW64_32KEY
}

VB.Net Sample Code:

Dim pSecDesc, pNewDACL, pOldDACL As IntPtr
Dim ea As EXPLICIT_ACCESS
Dim Win32Error As Win32Exception
Dim ret As Integer

' merge this Explict Access with the existing DACL
ret = SetEntriesInAcl(1, ea, pOldDACL, pNewDACL)
If ret <> 0 Then
     Win32Error = New Win32Exception(ret)
     Throw New Exception(Win32Error.Message)
End If

' write the new Security Descriptor/DACL back
ret = SetNamedSecurityInfo(strPath, _
     SE_OBJECT_TYPE.SE_FILE_OBJECT, _
     SECURITY_INFORMATION.DACL_SECURITY_INFORMATION, _
     Nothing, Nothing, pNewDACL, Nothing)
If ret <> 0 Then
     Win32Error = New Win32Exception(ret)
     Throw New Exception(Win32Error.Message)
End If

Alternative Managed API:

Do you know one? Please contribute it!

[Flags] private enum SECURITY_INFORMATION : uint
{
    Owner = 0x00000001,
    Group = 0x00000002,
    Dacl = 0x00000004,
    Sacl = 0x00000008,
    ProtectedDacl = 0x80000000,
    ProtectedSacl = 0x40000000,
    UnprotectedDacl = 0x20000000,
    UnprotectedSacl = 0x10000000
}

public static void SetFileOrFolderOwner(String objectName) //Note this is very basic and is silent on fail as I havent checked GetlastError and thrown an exception etc
{
        IntPtr sidPtr = IntPtr.Zero;
        SECURITY_INFORMATION sFlags = SECURITY_INFORMATION.Owner;

        System.Security.Principal.NTAccount  user = new System.Security.Principal.NTAccount("P1R4T3\\Harris");
        System.Security.Principal.SecurityIdentifier sid = (System.Security.Principal.SecurityIdentifier) user.Translate(typeof (System.Security.Principal.SecurityIdentifier));

        ConvertStringSidToSid(sid.ToString(), ref sidPtr);        

        SetNamedSecurityInfoW(UnicodeHeader+objectName, SE_OBJECT_TYPE.SE_FILE_OBJECT, sFlags,sidPtr , IntPtr.Zero, IntPtr.Zero, IntPtr.Zero);

    //Probably should release the IntPtr here to avoid memory leakage?????

}

VB.Net Sample Code:

Dim pSecDesc, pNewDACL, pOldDACL As IntPtr
Dim ea As EXPLICIT_ACCESS
Dim Win32Error As Win32Exception
Dim ret As Integer

' merge this Explict Access with the existing DACL
ret = SetEntriesInAcl(1, ea, pOldDACL, pNewDACL)
If ret <> 0 Then
     Win32Error = New Win32Exception(ret)
     Throw New Exception(Win32Error.Message)
End If

' write the new Security Descriptor/DACL back
ret = SetNamedSecurityInfo(strPath, _
     SE_OBJECT_TYPE.SE_FILE_OBJECT, _
     SECURITY_INFORMATION.DACL_SECURITY_INFORMATION, _
     Nothing, Nothing, pNewDACL, Nothing)
If ret <> 0 Then
     Win32Error = New Win32Exception(ret)
     Throw New Exception(Win32Error.Message)
End If

Alternative Managed API:

Do you know one? Please contribute it!

Documentation
SetNamedSecurityInfo on MSDN

Please edit this page!

Do you have...

  • helpful tips or sample code to share for using this API in managed code?
  • corrections to the existing content?
  • variations of the signature you want to share?
  • additional languages you want to include?

Select "Edit This Page" on the right hand toolbar and edit it! Or add new pages containing supporting types needed for this API (structures, delegates, and more).

 
Access PInvoke.net directly from VS:
Terms of Use
Edit This Page
Find References
Show Printable Version
Revisions