I'd like to create a read-only share directory on Windows XP (for all users on
the network).
I've done that with the following code:
    ...
    inf.shi502_netname = wcName;
    inf.shi502_type = STYPE_DISKTREE;
    inf.shi502_remark = wcRemark;
    inf.shi502_permissions = ACCESS_READ; // this line doesn't matter, why?
    inf.shi502_max_uses = 5;
    inf.shi502_current_uses = 0;
    inf.shi502_path = wcPath;
    inf.shi502_passwd = NULL;
    inf.shi502_reserved = 0;
    inf.shi502_security_descriptor = NULL;
    res = NetShareAdd(NULL, 502, (LPBYTE)&inf, NULL);
    SHChangeNotify(SHCNE_NETSHARE, SHCNF_PATH, szPath, NULL);
    ...
But the problem is: the share directory isn't read-only, all users can read
AND write to the share.
Does anybody know how to make it read-only??? I think it's something with
the last parameter "shi502_security_descriptor", but I have no idea how to
handle it...
Thanks,
Andi
PS: Sorry for my bad English!

I have the following code, but I haven't tested it lately, maybe it will
work for you.
    // create the SID representing everyone
    SID_IDENTIFIER_AUTHORITY world_auth = SECURITY_WORLD_SID_AUTHORITY;
    if (!AllocateAndInitializeSid(&world_auth,
            1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0, &sid))
    {
        res = GetLastError();
        goto error;
    }

    // create an ACL with read access for everyone,
    // note GENERIC_READ|GENERIC_EXECUTE seem to correspond to
    // read only access on a share but I haven't seen this documented
    EXPLICIT_ACCESS access;
    access.grfAccessPermissions = GENERIC_READ|GENERIC_EXECUTE;
    access.grfAccessMode = SET_ACCESS;
    access.grfInheritance = NO_INHERITANCE;
    access.Trustee.pMultipleTrustee = 0;
    access.Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
    access.Trustee.TrusteeForm = TRUSTEE_IS_SID;
    access.Trustee.TrusteeType = TRUSTEE_IS_GROUP;
    access.Trustee.ptstrName = (LPSTR)sid;
    res = SetEntriesInAclA(1, &access, 0, &dacl);
    if (res != ERROR_SUCCESS)
    {
        goto error;
    }

    // create empty security descriptor
    SECURITY_DESCRIPTOR sd;
    if (!InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION))
    {
        res = GetLastError();
        goto error;
    }

    // add the ACL to the security descriptor
    if (!SetSecurityDescriptorDacl(&sd, TRUE, dacl, FALSE))
    {
        res = GetLastError();
        goto error;
    }

    // create the share
    SHARE_INFO_502 info;
    info.shi502_netname = (LPTSTR)wshare;
    info.shi502_type = STYPE_DISKTREE;
    info.shi502_remark = (LPTSTR)L"";
    // shi502_permissions only applies to servers running share-level
    // security; with user-level security the DACL set below decides access
    info.shi502_permissions = ACCESS_ALL;
    info.shi502_max_uses = -1;
    info.shi502_current_uses = 0;
    info.shi502_path = (LPTSTR)wpath;
    info.shi502_passwd = (LPTSTR)L"";
    info.shi502_reserved = 0;
    info.shi502_security_descriptor = &sd;
    res = NetShareAdd((LPTSTR)wserver, 502, (LPBYTE)&info, 0);
Quite a lot of code for a very simple thing, but that's Windows
networking/security.
john

    PSID sid = 0;
    PACL dacl = 0;
and when you're done you should tidy up like this
    if (dacl)
        LocalFree(dacl);
    if (sid)
        FreeSid(sid);
john
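
Added example, not part of the thread and not code from either poster: a portable C check that walks a security descriptor in self-relative binary form and reports whether any allow ACE in its DACL grants write rights, which goes beyond the thread by also covering the stored file-specific masks and a descriptor with no DACL (treated as writable, since a missing DACL grants full access). The function names, the write-rights mask and the sample bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* GENERIC_WRITE, GENERIC_ALL, FILE_WRITE_DATA, FILE_APPEND_DATA, FILE_WRITE_EA,
   FILE_DELETE_CHILD, FILE_WRITE_ATTRIBUTES, DELETE, WRITE_DAC, WRITE_OWNER */
#define WRITE_BITS 0x500D0156u
#define RD16(p) ((uint32_t)(p)[0] | (uint32_t)(p)[1] << 8)   /* little-endian */
#define RD32(p) (RD16(p) | RD16((p) + 2) << 16)

/* 1: writable (write ACE, or no DACL at all); 0: read-only; -1: malformed */
int share_sd_allows_write(const uint8_t *sd, size_t len)
{
    if (len < 20 || sd[0] != 1) return -1;          /* header is 20 bytes */
    uint32_t off = RD32(sd + 16);                   /* OffsetDacl */
    if (!(RD16(sd + 2) & 0x0004u) || off == 0) return 1;  /* SE_DACL_PRESENT clear */
    if (off > len || len - off < 8) return -1;      /* ACL header is 8 bytes */
    uint32_t count = RD16(sd + off + 4);            /* AceCount */
    size_t pos = (size_t)off + 8;
    for (uint32_t i = 0; i < count; i++) {
        uint32_t size = len - pos < 8 ? 0 : RD16(sd + pos + 2);   /* AceSize */
        if (size < 8 || size > len - pos) return -1;
        /* AceType 0 is ACCESS_ALLOWED; its access mask follows the 4-byte header */
        if (sd[pos] == 0 && (RD32(sd + pos + 4) & WRITE_BITS)) return 1;
        pos += size;
    }
    return 0;
}

/* Constructed sample: self-relative SD, one ACCESS_ALLOWED ACE for Everyone. */
static const uint8_t SAMPLE_SD[48] = {
    1,0, 0x04,0x80, 0,0,0,0, 0,0,0,0, 0,0,0,0, 20,0,0,0,  /* header, DACL at 20 */
    2,0, 28,0, 1,0, 0,0,  0,0, 20,0, 0xA9,0,0x12,0,       /* ACL; ACE, mask at 32 */
    1,1, 0,0,0,0,0,1, 0,0,0,0 };                          /* SID S-1-1-0 */

/* Hypothetical helper: patch the sample's access mask, optionally drop the DACL. */
int check_sample(uint32_t mask, int dacl_present)
{
    uint8_t sd[48];
    memcpy(sd, SAMPLE_SD, sizeof sd);
    for (int i = 0; i < 4; i++) sd[32 + i] = (uint8_t)(mask >> (8 * i));
    if (!dacl_present) sd[2] = 0;                   /* clear SE_DACL_PRESENT */
    return share_sd_allows_write(sd, sizeof sd);
}

int main(void)
{
    printf("read+execute: %d  change: %d  no DACL: %d\n", check_sample(0xA0000000u, 1),
           check_sample(0x001301BFu, 1), check_sample(0x001200A9u, 0));
    return 0;
}
```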

I've tried your code and it works fine :-))
Thank you very much!!!!!!!!
But now I've got another little problem:
After I delete a share with "NetShareDel", I try to let the shell/explorer
know the share was deleted to let it change the directory icon:
    SHChangeNotify(SHCNE_NETUNSHARE, SHCNF_PATH, name, NULL);
But the directory icon still looks like a share...
Do you know about the problem???
After creating the share the following command works fine:
    SHChangeNotify(SHCNE_NETSHARE, SHCNF_PATH, name, NULL);
Big thanks,
Andi

Sorry, don't know anything about that.
john