时间戳

首页 > 解决方案 > 使用 vb.net 以编程方式为系统范围的“访问权限”添加或删除用户

vb.net - 使用 vb.net 以编程方式为系统范围的“访问权限”添加或删除用户

问题描述

我已经成功地想出了一个使用 vb.net 更改应用程序特定“访问权限”的程序。这相当于运行 'dcomcnfg' 并通过选择 'Component services\Computers\My Computer\DCOM Config' 文件夹和特定应用程序来更改设置。通过右键单击应用程序并选择属性和安全选项卡,可以添加或删除不同的用户帐户。这适用于下面显示的代码。

我正在努力想出可以更改系统范围等效“访问权限”的代码。该代码应该是等效的或运行“dcomcnfg”并通过右键单击“组件服务\计算机\我的电脑”中的我的电脑并选择属性和安全选项卡来更改设置。

我希望我可以修改我现有的代码,但是因为我正在尝试更改系统范围的设置而不是特定于应用程序的设置,所以我遇到了障碍。我在谷歌上做了很多搜索,但无法解决。任何建议表示赞赏。

Private Sub ChangeApplicationDcomAccessSecuritySettings(AddUser As Boolean, RemoveUser As Boolean)
    Dim strComputer As String = "."
    Dim objWMIService As New Object
    objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate, (Security)}!\\" & strComputer & "\root\cimv2")

    ' Get an instance of Win32_SecurityDescriptorHelper
    Dim objHelper As New Object
    objHelper = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2:Win32_SecurityDescriptorHelper")

    ' Obtain an instance of the the class
    ' using a key property value.
    Dim objCosmosApp As Object = objWMIService.Get("Win32_DCOMApplicationSetting.AppID='" & OPCServerApplicationID.Trim & "'")

    ' Get the existing security descriptor for the App
    Dim objSD As New Object
    objSD = Nothing

    Dim ret As Object
    ret = objCosmosApp.GetAccessSecurityDescriptor(objSD)
    If ret <> 0 Then
        MessageBox.Show("Could not get security descriptor: " & ret)
    End If

    ' Convert file security descriptor from Win32_SecurityDescriptor format to SDDL format
    Dim SDDLstring As String = ""
    ret = objHelper.Win32SDToSDDL(objSD, SDDLstring)
    If ret <> 0 Then
        MessageBox.Show("Could not convert to SDDL: " & ret)
    Else
    End If

    ' Set the Launch security descriptor for the App
    '  the sidString here the is the securityidentifier for the username that is to be added or removed converted to a string
    If AddUser = True And RemoveUser = False Then
        SDDLstring = SDDLstring & "(A;;CCDCLCSWRP;;;" & sidString & ")"
    End If
    If AddUser = False And RemoveUser = True Then
        Dim temporarystring As String = "(A;;CCDCLCSWRP;;;" + sidString + ")"
        SDDLstring = SDDLstring.Replace(temporarystring, "")
    End If
    ret = objHelper.SDDLToWin32SD(SDDLstring, objSD)
    If ret <> 0 Then
        MessageBox.Show("Could not translate SDDL String to Win32SD: " & ret)
    End If
    ret = objCosmosApp.SetaccessSecurityDescriptor(objSD)
    If ret <> 0 Then
        MessageBox.Show("Could not set security descriptor: " & ret)
    End If
End Sub

标签: vb.netdcom

解决方案

推荐阅读