windows permissions wmi fileshare

Windows file sharing: What ACE AccessMask flags correspond to the different share permissions?


Recently I tried to create a share using WMI and give read and write permissions to a user. Now using 0x1 (FILE_READ_DATA/FILE_LIST_DIRECTORY) and 0x2 (FILE_WRITE_DATA/FILE_ADD_FILE) didn't work. Setting all flags gave me Full Control.

Which flags do I have to use to set the Read, Change and Full Control share permissions respectively?


Solution

  • I've found out the following by trial-and-error:

    For Read permission you need to use 0x1200A9. This corresponds to the following flags:

    FILE_READ_DATA (file) or FILE_LIST_DIRECTORY (directory)
    1 (0x1)
    
    FILE_READ_EA
    8 (0x8)
    
    FILE_EXECUTE (file) or FILE_TRAVERSE (directory)
    32 (0x20)
    
    FILE_READ_ATTRIBUTES
    128 (0x80)
    
    READ_CONTROL
    131072 (0x20000)
    
    SYNCHRONIZE
    1048576 (0x100000)
    

    For Change permission you need to use 0x1301BF. This corresponds to the following additional flags:

    FILE_WRITE_DATA (file) or FILE_ADD_FILE (directory)
    2 (0x2)
    
    FILE_APPEND_DATA (file) or FILE_ADD_SUBDIRECTORY (directory)
    4 (0x4)
    
    FILE_WRITE_EA
    16 (0x10)
    
    FILE_WRITE_ATTRIBUTES
    256 (0x100)
    
    DELETE
    65536 (0x10000)
    

    For Full Control permission you need to use 0x1F01FF. This corresponds to the following additional flags:

    FILE_DELETE_CHILD
    64 (0x40)
    
    WRITE_DAC
    262144 (0x40000)
    
    WRITE_OWNER
    524288 (0x80000)
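
The following is an added example, not part of the original answer. It decodes a share ACE AccessMask into the flags listed above and reports which of the three share levels it fully contains, which is useful when auditing share ACEs. The bit values and the three masks come from the answer; the function names and the sample ACEs are hypothetical.

```python
# Added example. Bit values and the three share-level masks are the ones
# listed in the answer above; function names are hypothetical.
FLAGS = {
    0x000001: "FILE_READ_DATA/FILE_LIST_DIRECTORY",
    0x000002: "FILE_WRITE_DATA/FILE_ADD_FILE",
    0x000004: "FILE_APPEND_DATA/FILE_ADD_SUBDIRECTORY",
    0x000008: "FILE_READ_EA",
    0x000010: "FILE_WRITE_EA",
    0x000020: "FILE_EXECUTE/FILE_TRAVERSE",
    0x000040: "FILE_DELETE_CHILD",
    0x000080: "FILE_READ_ATTRIBUTES",
    0x000100: "FILE_WRITE_ATTRIBUTES",
    0x010000: "DELETE",
    0x020000: "READ_CONTROL",
    0x040000: "WRITE_DAC",
    0x080000: "WRITE_OWNER",
    0x100000: "SYNCHRONIZE",
}
# Ordered from least to most privileged.
SHARE_LEVELS = [("Read", 0x1200A9), ("Change", 0x1301BF), ("Full Control", 0x1F01FF)]

def decode_mask(mask):
    """Split a mask into known flag names and leftover (unlisted) bits."""
    names = [name for bit, name in FLAGS.items() if mask & bit]
    known = 0
    for bit in FLAGS:
        known |= bit
    return names, mask & ~known

def classify(mask):
    """Return (level, extra_bits): highest level fully contained in mask."""
    level, extra = None, mask
    for name, value in SHARE_LEVELS:
        if mask & value == value:
            level, extra = name, mask & ~value
    return level, extra

def missing_for(mask, level_name):
    """Flags the mask still lacks to reach the named share level."""
    target = dict(SHARE_LEVELS)[level_name]
    return decode_mask(target & ~mask)[0]

if __name__ == "__main__":
    # Constructed sample ACEs (trustee, AccessMask) for an audit pass.
    for trustee, mask in [("alice", 0x3), ("bob", 0x1301BF), ("ops", 0x1F01FF)]:
        level, extra = classify(mask)
        print(f"{trustee}: {mask:#08x} -> {level or 'no standard level'}, extra={extra:#x}")
```

`missing_for(0x3, "Change")` lists the nine flags that a mask of only 0x1 and 0x2 lacks compared with the Change mask.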