unit Unit1;

{$UNSAFECODE ON}
interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, System.Text, System.Runtime.InteropServices;

  type
  SE_OBJECT_TYPE = (
    SE_UNKNOWN_OBJECT_TYPE,
    SE_FILE_OBJECT,
    SE_SERVICE,
    SE_PRINTER,
    SE_REGISTRY_KEY,
    SE_LMSHARE,
    SE_KERNEL_OBJECT,
    SE_WINDOW_OBJECT,
    SE_DS_OBJECT,
    SE_DS_OBJECT_ALL,
    SE_PROVIDER_DEFINED_OBJECT,
    SE_WMIGUID_OBJECT
  );

type
  TForm1 = class(TForm)
    procedure FormCreate(Sender: TObject);

  private
    { Private-Deklarationen }
  public
    { Public-Deklarationen }
  end;

function GetNamedSecurityInfoW(pObjectName: String; ObjectType: SE_OBJECT_TYPE; SecurityInfo: SECURITY_INFORMATION; var ppsidOwner: PSID; var ppsidGroup: PSID; var ppDacl: IntPtr; ppSacl: IntPtr; ppSecurityDescriptor: PSecurity_Descriptor): DWord; stdcall;
function ConvertSidToStringSidW(Sid: PSID; var StringSid: String): Bool; stdcall;
function LookupAccountSid(systemName: string; psid: IntPtr; Out accountName: StringBuilder; var cbAccount: Integer; Out domainName: StringBuilder; var cbDomainName: Integer; out use: Integer): Integer; stdcall;

var
  Form1: TForm1;

implementation

const advapi32 = 'advapi32.dll';

function GetNamedSecurityInfoW(pObjectName: String; ObjectType: SE_OBJECT_TYPE; SecurityInfo: SECURITY_INFORMATION; var ppsidOwner: PSID; var ppsidGroup: PSID; var ppDacl: IntPtr; ppSacl: IntPtr; ppSecurityDescriptor: PSecurity_Descriptor): DWord; stdcall;
external advapi32 name 'GetNamedSecurityInfo';

function ConvertSidToStringSidW(Sid: PSID; var StringSid: String): Bool; stdcall;
external advapi32 name 'ConvertSidToStringSid';

function LookupAccountSid(systemName: string; psid: PSID; Out accountName: StringBuilder; var cbAccount: Integer; Out domainName: StringBuilder; var cbDomainName: Integer; out use: Integer): Integer; stdcall;
external advapi32 name 'LookupAccountSid';

{$R *.nfm}

procedure TForm1.FormCreate(Sender: TObject); unsafe;
var ssid: PSID;
    dir, mystringsid: string;
    dirchar: Char;
    charsid: PWideChar;
    sspointer: PSecurity_Descriptor;
    pZero, pSid, psd, nulll : IntPtr;
    accountLength, domainLength, sidNameUse, bufferSize, errorReturn, error, sbuffer: Integer;
    buffer, account, domain, stringsid: StringBuilder;

begin
dir := ('c:\test.txt');
nulll := nil;

error := GetNamedSecurityInfoW(dir, SE_FILE_OBJECT, OWNER_SECURITY_INFORMATION, ssid, nulll, nulll, nulll, sspointer);

if error <> 0 then
begin
  ShowMessage('ERROR');
  ShowMessage(SysErrorMessage(error));
  ShowMessage(SysErrorMessage(System.Runtime.InteropServices.Marshal.GetLastWin32Error));
end;
//ShowMessage(ssid.ToString);

//sbuffer := 128;
//stringsid := StringBuilder.Create(sbuffer);

if ConvertSidToStringSidW(ssid, mystringsid) = false then
ShowMessage('Error: ' + SysErrorMessage(error));

//stringsid.Capacity := stringsid.length;
ShowMessage(SysErrorMessage(error));
ShowMessage(SysErrorMessage(System.Runtime.InteropServices.Marshal.GetLastWin32Error));
//ShowMessage(stringsid.ToString);
ShowMessage(mystringsid);

(*
  bufferSize   := 64;
  accountLength := bufferSize;
  domainLength := bufferSize;
  sidNameUse   := 0;

  buffer := StringBuilder.Create(bufferSize);
  account := StringBuilder.Create(bufferSize);
  domain := StringBuilder.Create(bufferSize);
    try
  errorReturn := LookupAccountSid(nil, ssid ,account, accountLength, domain, domainLength, sidNameUse);
  except
  on ex: Exception do
  ShowMessage(ex.Message);
  end;
  if (errorReturn = 0) then
  begin
  ShowMessage(SysErrorMessage(errorReturn));
  ShowMessage(SysErrorMessage(System.Runtime.InteropServices.Marshal.GetLastWin32Error));

//  buffer.Append(domain);
//  buffer.Append('\');
//  buffer.Append(account);
  ShowMessage(domain.ToString);
  ShowMessage(account.ToString);
  ShowMessage(buffer.ToString);
  end;

  ShowMessage('failure');
  *)

end;

end.