复制代码 代码如下:
Function GenerateSDDL(AccountName, AccessFlag, AccessType, AccessMask)
Dim Accounts, ObjWMI, ObjSID, ObjTru, ObjACE
Const SET_DACL_PRESENT = &H8004

Set ObjWMI = GetObject("winmgmts:" & "{impersonationLevel=impersonate, (Security)}!\\.\root\cimv2")

Set Accounts = ObjWMI.ExecQuery("SELECT * FROM Win32_Account WHERE Name='" & AccountName & "'")
For Each Account In Accounts
StrSID = Account.SID
Next
Set ObjSID = ObjWMI.Get("Win32_SID.SID='"& StrSID &"'")

Set ObjTru = ObjWMI.Get("Win32_Trustee").SpawnInstance_()
ObjTru.Domain= ObjSID.ReferencedDomainName
ObjTru.Name= ObjSID.AccountName
ObjTru.SID= ObjSID.BinaryRepresentation
ObjTru.SidLength= ObjSID.SidLength
ObjTru.SIDString= ObjSID.Sid

Set ObjACE = ObjWMI.Get("Win32_ACE").SpawnInstance_()
ObjACE.Trustee = ObjTru
ObjACE.AceType = AccessType
ObjACE.AccessMask = AccessMask
ObjACE.AceFlags= AccessFlag

Set GenerateSDDL = ObjWMI.Get("Win32_SecurityDescriptor").SpawnInstance_()
GenerateSDDL.Owner= ObjTru
GenerateSDDL.DACL= Array(ObjACE)
GenerateSDDL.ControlFlags= SET_DACL_PRESENT
End Function

例子：

复制代码 代码如下:
strPath = "d:\\1.txt"
Set ObjWMI = GetObject("winmgmts:" & "{impersonationLevel=impersonate, (Security)}!\\.\root\cimv2")
Set ObjSec = ObjWMI.Get("Win32_LogicalFileSecuritySetting.Path='" & strPath & "'")
ObjSec.SetSecurityDescriptor(GenerateSDDL("everyone", &H0, &H1, &H100E0))

文章来源： http://www.enun.net/?p=1255