I am using VbScript for retrieving the securitydescriptor of a Win32_Service. I am using the following code:

 SE_DACL_PRESENT = &h4
 ACCESS_ALLOWED_ACE_TYPE = &h0
 ACCESS_DENIED_ACE_TYPE  = &h1

 strComputer = "."
 Set objWMIService = GetObject("winmgmts:" _
  & "{impersonationLevel=impersonate, (Security)}!\\" & strComputer & "\root\cimv2")

 Set colInstalledPrinters =  objWMIService.ExecQuery _
  ("Select * from Win32_Service")

 For Each objPrinter in colInstalledPrinters
    Wscript.Echo "Name: " & objPrinter.Name 
 ' Get security descriptor for printer
  Return = objPrinter.GetSecurityDescriptor( objSD )
  If ( return <> 0 ) Then
  WScript.Echo "Could not get security descriptor: " & Return
  wscript.Quit Return
  End If
 ' Extract the security descriptor flags
  intControlFlags = objSD.ControlFlags
  If intControlFlags AND SE_DACL_PRESENT Then
 ' Get the ACE entries from security descriptor
   colACEs = objSD.DACL
  For Each objACE in colACEs
 ' Get all the trustees and determine which have access to printer
   WScript.Echo objACE.Trustee.Domain & "\" & objACE.Trustee.Name
   If objACE.AceType = ACCESS_ALLOWED_ACE_TYPE Then
    WScript.Echo vbTab & "User has access to printer"
   ElseIf objACE.AceType = ACCESS_DENIED_ACE_TYPE Then
    WScript.Echo vbTab & "User does not have access to the printer"
   End If
  Next
  Else
  WScript.Echo "No DACL found in security descriptor"
 End If
 Next

However, every time I run it I get the message saying the resulting code is -2147023582 something, rather than the error codes defined in the manual.

Anyone got any ideas? I am using Windows 7 professional 64-bit.

The number is -2147023582. Could it be some sort of 64-bit issue? doesn't that look like a unsigned integer stored as a signed integer?

(PS: don't mind the variablenames... I ripped an example off of msdn).