IObjectSecurity Interface

Inherited from

IDispatch

IUnknown

Applies to Objects

ObjectSecurity

The IObjectSecurity interface is useful in the management of Discretionary Access Control Lists (DACLs) for Windows securable objects such as NTFS files and directories, the registry, and attached printers. You can use methods of the IObjectSecurity interface to manage access to the objects, and to get access information such as the owner of an object, the primary group of the owner, and permissions allowed to the various users and groups.

Property/Method

Description

AttachFile

Initializes File object security.

AttachFileShare

Initializes the ObjectSecurity object with the specified file share's security

AttachPrinter

Initialize the ObjectSecurity object with the specified printer's security

AttachRegistryKey

Initializes the ObjectSecurity object with the specified registrykey's security

GetAccessList

Gets the access control list for an object.

GetAccessPermissions

Returns the access permissions for the user or group specified.

GetAllPermissions

Gets all possible permissions on an object.

GetEffectivePermissions

Gets the access permissions for a trustee. If the trustee is a user, it gets the effective permissions the user gets as a result of being a member of various Groups.

GrantAccessPermissions

Adds the access permissions specified for a specified trustee (i.e., user or group).

IsAccessAllowed

Checks whether a specified user or group has the specified permission on an object.

Owner

Gets or sets the owner of the object.

PrimaryGroup

Gets or sets the primary group associated with the object.

RevokeAccessPermissions

Removes the specified permissions for a trustee.

SetAccessPermissions

Sets the permissions specified for a specified trustee.

SetSecurityOnFile

Copies the security permissions of an attached file to a specified file.

SetSecurityOnRegistryKey

Copies the security permissions of an attached registry key to a specified registry key.

Remarks
Attach: To use the functionality provided by the IObjectSecurity interface, you need to first attach the securable object of Windows. This can be done using the AttachXXXX functions of IObjectSecurity.

Reuse: Once the security object is created, you can attach different securable objects to it, such as, files, directories, registry keys, and printers. At any given time, you can have only one securable object attached to an ObjectSecurity object.

Example

'To initialize the ObjectSecurity object
Dim objectSec As IObjectSecurity
Set objectSec = CreateObject("DirectScript.ObjectSecurity")
'If D:\ is a NTFS volume
objectSec.AttachFile("d:\myfiles\foo.doc")
'Get/set security properties of this file
'Attach another file. Connection to the earlier file is lost
objectSec.AttachFile("\\MOON\d$\myfiles\AnotherFoo.doc")

 

See Also