使用 IAD 获取安全描述符
以下代码示例使用 IADs::Get 方法检索指向 Active Directory 域服务 中对象的 nTSecurityDescriptor 属性的 IADsSecurityDescriptor 指针。
Dim rootDSE As IADs
Dim ADUser As IADs
Dim sd As IADsSecurityDescriptor
On Error GoTo Cleanup
' Bind to the Users container in the local domain.
Set rootDSE = GetObject("LDAP://rootDSE")
Set ADUser = GetObject("LDAP://cn=users," & rootDSE.Get("defaultNamingContext"))
' Get the security descriptor on the Users container.
Set sd = ADUser.Get("ntSecurityDescriptor")
Debug.Print sd.Control
Debug.Print sd.Group
Debug.Print sd.Owner
Debug.Print sd.Revision
Exit Sub
Cleanup:
Set rootDSE = Nothing
Set ADUser = Nothing
Set sd = Nothing
HRESULT GetSDFromIADs(
IADs *pObject,
IADsSecurityDescriptor **ppSD )
{
VARIANT var;
HRESULT hr;
if(!pObject || !ppSD)
{
return E_INVALIDARG;
}
// Set *ppSD to NULL.
*ppSD = NULL;
VariantInit(&var);
// Get the nTSecurityDescriptor.
hr = pObject->Get(CComBSTR("nTSecurityDescriptor"), &var);
if (SUCCEEDED(hr))
{
// Type should be VT_DISPATCH - an IDispatch pointer to the security descriptor object.
if (var.vt == VT_DISPATCH)
{
// Use V_DISPATCH macro to get the IDispatch pointer from the
// VARIANT structure and QueryInterface for the IADsSecurityDescriptor pointer.
hr = V_DISPATCH(&var)->QueryInterface(IID_IADsSecurityDescriptor, (void**)ppSD);
}
else
{
hr = E_FAIL;
}
}
VariantClear(&var);
return hr;
}
反馈
即将发布:在整个 2024 年,我们将逐步淘汰作为内容反馈机制的“GitHub 问题”,并将其取代为新的反馈系统。 有关详细信息,请参阅:https://aka.ms/ContentUserFeedback。
提交和查看相关反馈