关于windows用户管理和文件系统权限ACL的控制(100分)

到MSDN查了一下，大致有一下函数，可惜E文不行一时也没有头绪。<br>关于创建用户:<br>NetUserAdd<br>NetUserSetInfo<br>NetUserDel<br>NetUserSetGroups<br>NetUserGetGroups<br>NetGroupAddUser<br><br>文件权限：<br>InitializeSecurityDescriptor<br>InitializeAcl<br>LookupAccountName<br>AddAccessAllowedAce<br>SetSecurityDescriptorDacl<br>SetFileSecurity<br><br>主要还是c/c++不熟，delphi中对应的类型不清楚，而且其中有些函数不知是不是我没有找到还是DELPHI根本没有导入。

用户的问题解决了，目录权限谁能帮帮忙，翻译一下C++代码

DWORD AddAceToObjectsSecurityDescriptor (<br>&nbsp; &nbsp; LPTSTR pszObjName, &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;// name of object<br>&nbsp; &nbsp; SE_OBJECT_TYPE ObjectType, &nbsp;// type of object<br>&nbsp; &nbsp; LPTSTR pszTrustee, &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;// trustee for new ACE<br>&nbsp; &nbsp; TRUSTEE_FORM TrusteeForm, &nbsp; // format of trustee structure<br>&nbsp; &nbsp; DWORD dwAccessRights, &nbsp; &nbsp; &nbsp; // access mask for new ACE<br>&nbsp; &nbsp; ACCESS_MODE AccessMode, &nbsp; &nbsp; // type of ACE<br>&nbsp; &nbsp; DWORD dwInheritance &nbsp; &nbsp; &nbsp; &nbsp; // inheritance flags for new ACE<br>) <br>{<br>DWORD dwRes = 0;<br>PACL pOldDACL = NULL, pNewDACL = NULL;<br>PSECURITY_DESCRIPTOR pSD = NULL;<br>EXPLICIT_ACCESS ea;<br><br>if (NULL == pszObjName) <br>&nbsp; &nbsp; return ERROR_INVALID_PARAMETER;<br>// Get a pointer to the existing DACL.<br>dwRes = GetNamedSecurityInfo(pszObjName, ObjectType, <br>&nbsp; &nbsp; &nbsp; DACL_SECURITY_INFORMATION,<br>&nbsp; &nbsp; &nbsp; NULL, NULL, &amp;pOldDACL, NULL, &amp;pSD);<br>if (ERROR_SUCCESS != dwRes) {<br>&nbsp; &nbsp; printf( "GetNamedSecurityInfo Error %u/n", dwRes );<br>&nbsp; &nbsp; goto Cleanup; <br>} &nbsp;<br>// Initialize an EXPLICIT_ACCESS structure for the new ACE. <br>ZeroMemory(&amp;ea, sizeof(EXPLICIT_ACCESS));<br>ea.grfAccessPermissions = dwAccessRights;<br>ea.grfAccessMode = AccessMode;<br>ea.grfInheritance= dwInheritance;<br>ea.Trustee.TrusteeForm = TrusteeForm;<br>ea.Trustee.ptstrName = pszTrustee;<br>// Create a new ACL that merges the new ACE<br>// into the existing DACL.<br>dwRes = SetEntriesInAcl(1, &amp;ea, pOldDACL, &amp;pNewDACL);<br>if (ERROR_SUCCESS != dwRes) &nbsp;{<br>&nbsp; &nbsp; printf( "SetEntriesInAcl Error %u/n", dwRes );<br>&nbsp; &nbsp; goto Cleanup; <br>} &nbsp;<br>// Attach the new ACL as the object's DACL.<br>dwRes = SetNamedSecurityInfo(pszObjName, ObjectType, <br>&nbsp; &nbsp; &nbsp; DACL_SECURITY_INFORMATION,<br>&nbsp; &nbsp; &nbsp; NULL, NULL, pNewDACL, NULL);<br>if (ERROR_SUCCESS != dwRes) &nbsp;{<br>&nbsp; &nbsp; printf( "SetNamedSecurityInfo Error %u/n", dwRes );<br>&nbsp; &nbsp; goto Cleanup; <br>} &nbsp;<br>Cleanup:<br>&nbsp; &nbsp; if(pSD != NULL) <br>&nbsp; &nbsp; &nbsp; &nbsp; LocalFree((HLOCAL) pSD); <br>&nbsp; &nbsp; if(pNewDACL != NULL) <br>&nbsp; &nbsp; &nbsp; &nbsp; LocalFree((HLOCAL) pNewDACL); <br>&nbsp; &nbsp; return dwRes;<br>}<br>

需要的类型，不知我有没有写错，调用函数时一直有堆栈错误<br><br>type<br>&nbsp; // 一般情况下用：NO_MULTIPLE_TRUSTEE<br>&nbsp; MULTIPLE_TRUSTEE_OPERATION = (NO_MULTIPLE_TRUSTEE, TRUSTEE_IS_IMPERSONATE);<br>&nbsp; // 托管人标示类型<br>&nbsp; TRUSTEE_FORM = (TRUSTEE_IS_SID, TRUSTEE_IS_NAME, TRUSTEE_BAD_FORM, TRUSTEE_IS_OBJECTS_AND_SID,<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;TRUSTEE_IS_OBJECTS_AND_NAME);<br>&nbsp; // 托管人类型<br>&nbsp; TRUSTEE_TYPE = (TRUSTEE_IS_UNKNOWN, TRUSTEE_IS_USER, TRUSTEE_IS_GROUP,<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;TRUSTEE_IS_DOMAIN, TRUSTEE_IS_ALIAS, TRUSTEE_IS_WELL_KNOWN_GROUP,<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;TRUSTEE_IS_DELETED, TRUSTEE_IS_INVALID, TRUSTEE_IS_COMPUTER);<br>&nbsp; // 对象类型<br>&nbsp; SE_OBJECT_TYPE = (SE_UNKNOWN_OBJECT_TYPE, SE_FILE_OBJECT, SE_SERVICE, SE_PRINTER,<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;SE_REGISTRY_KEY, SE_LMSHARE, SE_KERNEL_OBJECT, SE_WINDOW_OBJECT, SE_DS_OBJECT,<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;SE_DS_OBJECT_ALL, SE_PROVIDER_DEFINED_OBJECT, SE_WMIGUID_OBJECT,<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;SE_REGISTRY_WOW64_32KEY);<br><br>&nbsp; // 托管人结构<br>&nbsp; PTRUSTEE = ^TRUSTEE;<br>&nbsp; TRUSTEE = record<br>&nbsp; &nbsp; pMultipleTrustee: PTRUSTEE;<br>&nbsp; &nbsp; MultipleTrusteeOperation: MULTIPLE_TRUSTEE_OPERATION;<br>&nbsp; &nbsp; TrusteeForm: TRUSTEE_FORM;<br>&nbsp; &nbsp; TrusteeType: TRUSTEE_TYPE;<br>&nbsp; &nbsp; ptstrName: LPTSTR;<br>&nbsp; end;<br><br>&nbsp; ACCESS_MODE = (NOT_USED_ACCESS = 0, GRANT_ACCESS, SET_ACCESS, DENY_ACCESS,<br>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; REVOKE_ACCESS, SET_AUDIT_SUCCESS, SET_AUDIT_FAILURE);<br><br>&nbsp; PEXPLICIT_ACCESS = ^EXPLICIT_ACCESS;<br>&nbsp; EXPLICIT_ACCESS = record<br>&nbsp; &nbsp; grfAccessPermissions: DWORD;<br>&nbsp; &nbsp; grfAccessMode: ACCESS_MODE;<br>&nbsp; &nbsp; grfInheritance: DWORD;<br>&nbsp; &nbsp; Trustee: TRUSTEE;<br>&nbsp; end;<br><br>&nbsp; PSID_IDENTIFIER_AUTHORITY = ^SID_IDENTIFIER_AUTHORITY;<br>&nbsp; SID_IDENTIFIER_AUTHORITY &nbsp;= record<br>&nbsp; &nbsp; Value : array[1..6] of BYTE;<br>&nbsp; end;<br><br>function AllocateAndInitializeSid(pIdentifierAuthority: PSID_IDENTIFIER_AUTHORITY;<br>&nbsp; &nbsp; &nbsp;nSubAuthorityCount: BYTE; dwSubAuthority0: DWORD; dwSubAuthority1: DWORD;<br>&nbsp; &nbsp; &nbsp;dwSubAuthority2: DWORD; dwSubAuthority3: DWORD; dwSubAuthority4: DWORD;<br>&nbsp; &nbsp; &nbsp;dwSubAuthority5: DWORD; dwSubAuthority6: DWORD; dwSubAuthority7: DWORD;<br>&nbsp; &nbsp; &nbsp;pSid: PSID): bool; stdcall; external 'Advapi32.dll'<br><br>function GetNamedSecurityInfo(pObjectName: LPTSTR; ObjectType: SE_OBJECT_TYPE;<br>&nbsp; &nbsp; &nbsp;SecurityInfo: SECURITY_INFORMATION; ppsidOwner: PSID; ppsidGroup: PSID;<br>&nbsp; &nbsp; &nbsp;ppDacl: PACL; ppSacl: PACL; ppSecurityDescriptor: PSECURITY_DESCRIPTOR):<br>&nbsp; &nbsp; &nbsp;DWORD; stdcall; external 'Advapi32.dll'<br><br>function SetEntriesInAcl(cCountOfExplicitEntries: ULONG; pListOfExplicitEntries: PEXPLICIT_ACCESS;<br>&nbsp; &nbsp; &nbsp; &nbsp;OldAcl: PACL; &nbsp;NewAcl: PACL): DWORD; stdcall; external 'Advapi32.dll'<br><br>function SetNamedSecurityInfo(pObjectName: LPTSTR; ObjectType: SE_OBJECT_TYPE;<br>&nbsp; &nbsp; &nbsp; SecurityInfo: SECURITY_INFORMATION; psidOwner: PSID; psidGroup: PSID;<br>&nbsp; &nbsp; &nbsp; pDacl: PACL; pSacl: PACL): DWORD; stdcall; external 'Advapi32.dll'<br>

还说高手多，怎么没有一个人回复[]

也不能怪他们，在国内清楚这些的好像都不用delphi<br>最近我也在关注这些问题，不知道你要实现什么功能，是调整文件权限么？

对呀，你做过吗。那倒可以交流一下

刚刚作乐一个调整注册表权限的demo要么