The NT Utilities package is a runtime package containing the ENTException class, which is used by other NT component packages and demos.
The package additionally contains an import unit for the LSAAPI NT local security functions.
*New 20/01/2002
The NT Utilities package now contains a set of classes for managing NT Security (Owner, Group, Discretionary Access Control List (DACL) and System Access Control List (SACL)).
The access control lists can be manipulated using the new TAccessControlList and TAccessControlElement classes, and the NT objects themselves can be controlled using the following new classes:
TRegistryObject allows you view and change Registry Key security.
TFileObject allows you to view and change security for Files and Directories.
TUserObject allows you to view and change security for User Objects.
TKernelObject allows you to view and change security for Kernel Objects.
TServiceObject allows you to view and change security for NT Services.
There's a demo program on it's way. In the meantime, here's how you add a new user to a file's DACL.
procedure AddFileSecurity (const fileName, userName : string);
var
f : TNTFileObject;
acl : TAccessControlList;
begin
acl := Nil;
f := TNTFileObject.Create(fileName);
try
acl := TAccessControlList.Create;
f.GetDiscretionaryAccessList(acl);
acl.AddElement(TAccessControlElement.Create(userName, aeAccessAllowed, 0,
FILE_ALL_ACCESS));
f.SetDiscretionaryAccessList(acl);
finally
acl.Free;
f.Free;
end
end;
And here's how you set security on a registry key and it's subkeys.
procedure AddRegistrySecurity (key : HKEY; const userName : string);
var
f : TNTRegistryObject;
acl : TAccessControlList;
begin
acl := Nil;
f := TNTRegistryObject.Create (key);
try
acl := TAccessControlList.Create;
f.GetDiscretionaryAccessList(acl);
acl.AddElement(TAccessControlElement.Create(userName, aeAccessAllowed, OBJECT_INHERIT_ACE or
CONTAINER_INHERIT_ACE, FILE_ALL_ACCESS));
f.SetDiscretionaryAccessList(acl);
finally
acl.Free;
f.Free;
end
end;