Help with LookupAccountSid
-
Hi. Iwant to get the owner name of a file or directory. I hope to get the creators name. Thus I used the GetFileSecurity to get the file security id and then the GetSecurityOwnerDescriptor to get the account security id. Then, I stack. According to the manual you have to use the LookupAccountSide specifing two buffers as parameters: One to get the account name and another to get the domain name. Also according to them you need to give the current size of the buffers. The call will fail if one of buffer is not large enough and it will return the correct buffer sizes. It will also fail for other reasons like network failure etc. Does anyone knows what is the error returned due to a buffer failure? Is it the same error for both buffers or a different one? How many calls do I need until I correct the buffers (by reading the sizes and allocating the buffers) until I get anyothe legitimate failure?? Why MicroSoft, NEVER, NEVER, NEVER documents the possible ways that a function may fail??? Is this a developers friendly company???
-
Hi. Iwant to get the owner name of a file or directory. I hope to get the creators name. Thus I used the GetFileSecurity to get the file security id and then the GetSecurityOwnerDescriptor to get the account security id. Then, I stack. According to the manual you have to use the LookupAccountSide specifing two buffers as parameters: One to get the account name and another to get the domain name. Also according to them you need to give the current size of the buffers. The call will fail if one of buffer is not large enough and it will return the correct buffer sizes. It will also fail for other reasons like network failure etc. Does anyone knows what is the error returned due to a buffer failure? Is it the same error for both buffers or a different one? How many calls do I need until I correct the buffers (by reading the sizes and allocating the buffers) until I get anyothe legitimate failure?? Why MicroSoft, NEVER, NEVER, NEVER documents the possible ways that a function may fail??? Is this a developers friendly company???
I use something like:
PSECURITY_DESCRIPTOR pSecurityDescriptor;
PSID pSidOwner;
SID_NAME_USE rSidNameUse;
DWORD dwAccountSize,
dwDomainSize;
char *pszAccount,
*pszDomain;if (GetNamedSecurityInfo(
(LPSTR) lpszObjectName,
SE_FILE_OBJECT,
OWNER_SECURITY_INFORMATION,
&pSidOwner,
NULL,
NULL,
NULL,
&pSecurityDescriptor) == ERROR_SUCCESS)
{
dwAccountSize = 0;
dwDomainSize = 0;LookupAccountSid(NULL, pSidOwner, NULL, &dwAccountSize, NULL, &dwDomainSize, &rSidNameUse); pszAccount = new char\[dwAccountSize\]; pszDomain = new char\[dwDomainSize\]; if (LookupAccountSid(NULL, pSidOwner, pszAccount, &dwAccountSize, pszDomain, &dwDomainSize, &rSidNameUse) == TRUE) ... delete \[\] pszAccount; delete \[\] pszDomain; LocalFree(pSecurityDescriptor);}
"Ideas are a dime a dozen. People who put them into action are priceless." - Unknown
-
I use something like:
PSECURITY_DESCRIPTOR pSecurityDescriptor;
PSID pSidOwner;
SID_NAME_USE rSidNameUse;
DWORD dwAccountSize,
dwDomainSize;
char *pszAccount,
*pszDomain;if (GetNamedSecurityInfo(
(LPSTR) lpszObjectName,
SE_FILE_OBJECT,
OWNER_SECURITY_INFORMATION,
&pSidOwner,
NULL,
NULL,
NULL,
&pSecurityDescriptor) == ERROR_SUCCESS)
{
dwAccountSize = 0;
dwDomainSize = 0;LookupAccountSid(NULL, pSidOwner, NULL, &dwAccountSize, NULL, &dwDomainSize, &rSidNameUse); pszAccount = new char\[dwAccountSize\]; pszDomain = new char\[dwDomainSize\]; if (LookupAccountSid(NULL, pSidOwner, pszAccount, &dwAccountSize, pszDomain, &dwDomainSize, &rSidNameUse) == TRUE) ... delete \[\] pszAccount; delete \[\] pszDomain; LocalFree(pSecurityDescriptor);}
"Ideas are a dime a dozen. People who put them into action are priceless." - Unknown
Thanks. I do not think that the GetNamedSecurityInfo versus a combination GetFileSecurity, GetSecurityOwnerDescriptor will make much difference. To my view if I have two functions I localise slightly the failure. In the GetFileSecurity I know that I faild to get the file SID whilst with GetSecurityOwnerDescriptor I know I faild to get the owner account SID. Unless the GetNamedSecurityInfo returns a different account SID from the proposed combination. My real question is again the two calls of the LookupAccountSid. Like your case how do I know that the first one faild due to zero buffer size and not for any other reason (e.g. the file is across the network and the network went down when I was examining, or the file is been deleted and been left with a duggling pSidOwner). Also will one call set both buffer sizes or one of them and then will fail again because the second buffer is still NULL? Any detailed documentation on the failures will be great. Its an art to keep things simple
-
Thanks. I do not think that the GetNamedSecurityInfo versus a combination GetFileSecurity, GetSecurityOwnerDescriptor will make much difference. To my view if I have two functions I localise slightly the failure. In the GetFileSecurity I know that I faild to get the file SID whilst with GetSecurityOwnerDescriptor I know I faild to get the owner account SID. Unless the GetNamedSecurityInfo returns a different account SID from the proposed combination. My real question is again the two calls of the LookupAccountSid. Like your case how do I know that the first one faild due to zero buffer size and not for any other reason (e.g. the file is across the network and the network went down when I was examining, or the file is been deleted and been left with a duggling pSidOwner). Also will one call set both buffer sizes or one of them and then will fail again because the second buffer is still NULL? Any detailed documentation on the failures will be great. Its an art to keep things simple
Dimitris Vikeloudas wrote: Like your case how do I know that the first one faild due to zero buffer size and not for any other reason It returns
ERROR_INSUFFICIENT_BUFFER. Dimitris Vikeloudas wrote: Also will one call set both buffer sizes or one of them and then will fail again because the second buffer is still NULL? They are both set to the necessary size.
"Ideas are a dime a dozen. People who put them into action are priceless." - Unknown