Win32::FileSecurity and explicitly denied permissions

Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

I'm working with Win32::FileSecurity and I'm having no problem identifying those users that have been *granted* particular rights on a folder. However, I also need to identify rights that have been *denied* a user. For example, a user that's part of the Power Users group that, for whatever reason, has had access to a given folder explicitly revoked.

Is there a different mask I could be using? A different procedure call? A different module? Any and all help is, of course, greatly appreciated.

Thanks
JDV

Comment on Win32::FileSecurity and explicitly denied permissions

Replies are listed 'Best First'.
Re: Win32::FileSecurity and explicitly denied permissions by ikegami (Patriarch) on Jun 01, 2006 at 17:45 UTC
Looking at the source, ACEs of types other than `ACCESS_ALLOWED_ACE_TYPE` are ignored. ACEs of type `ACCESS_DENIED_ACE_TYPE` are not returned by any function in Win32::FileSecurity.	[reply] [d/l] [select]
Re^2: Win32::FileSecurity and explicitly denied permissions by jdvernon1976 (Novice) on Jun 01, 2006 at 18:01 UTC
So how would I identify those ACCESS_DENIED_ACE_TYPEs for my servers?	[reply]
Re^3: Win32::FileSecurity and explicitly denied permissions (give) by tye (Sage) on Jun 01, 2006 at 18:33 UTC
Fix the code for the module and rebuild it? It could really use some TLC. It does some things nicely but has some serious limitations. The world will thank you. - tye	[reply]
Re^4: Win32::FileSecurity and explicitly denied permissions (give) by jdvernon1976 (Novice) on Jun 01, 2006 at 20:42 UTC
Re^4: Win32::FileSecurity and explicitly denied permissions (give) by jdvernon1976 (Novice) on Jun 01, 2006 at 21:49 UTC
Re^5: Win32::FileSecurity and explicitly denied permissions (give) by tye (Sage) on Jun 01, 2006 at 21:54 UTC