Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

setting ntfs right with vbscript

1,060 views
Skip to first unread message

Markus Mannheim

unread,
Oct 25, 2004, 3:52:15 AM10/25/04
to
Hi,

I am trying to automate a process therefor need to set ntfs permissions to
a folder.
Platform: Win2K Server, onADS (workgroupserver)

Does have anybody a script for that?
For help thanks in advance,

Markus


moi

unread,
Nov 4, 2004, 10:49:24 AM11/4/04
to
Hi Markus

Markus Mannheim a écrit:

I do it to create my user's personal folder, the only way i found to do
it with vbs is to run a shell and the utility setacl.exe, it works fine
but it's not pure vbs.

Example of use
Set Shell = Wscript.CreateObject("Wscript.Shell")
shell.run "cmd /C cd c: & setacl" & strusr & " /dir /set
Administrateurs /full /p:no_dont_copy /silent",,true

With strusr contains the name of the file you want to grant rights.

You can find setacl there:
http://setacl.sourceforge.net

HTH

Phil


Vladimir

unread,
Apr 18, 2005, 6:57:22 AM4/18/05
to
' Setting NTFS permissions

' Creating Access Control Entry (ACE) object
Function SetACE(AccessMask, AceFlags, AceType, objTrustee)
Set objACE = getObject("Winmgmts:Win32_Ace").Spawninstance_
objACE.AccessMask = AccessMask
objACE.AceFlags = AceFlags
objACE.AceType = AceType
objACE.Trustee = objTrustee
Set SetACE = objACE
End Function

Wscript.Echo "Scripot running ..."

Set objs = GetObject("Winmgmts:").InstancesOf("Win32_AccountSID")

For Each obj In objs
strValue = obj.Properties_("Element") ' object refrence
Set objElement = GetObject("Winmgmts:"+strValue) ' getting object
strName = objElement.Properties_("Name")
If strName = "GeorgeSmith" Then ' that's it
Exit For
End If
Next

' Getting SID
strValue = obj.Properties_("Setting")
Set objSid = GetObject("Winmgmts:"+strValue)
BinaryRepresentationOfSid = objSid.Properties_("BinaryRepresentation")

' Group "All"
Set objTrusteeAll = getObject("Winmgmts:Win32_Trustee").SpawnInstance_
objTrusteeAll.SID = Array(1, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0)

' User GeorgeSmith
Set objTrusteeTT = GetObject("Winmgmts:Win32_Trustee").SpawnInstance_
objTrusteeTT.SID = BinaryRepresentationOfSid

' Setting NTFS permissions ...
Set Ace = SetACE(2032127, 3, 0, objTrusteeAll) ' full access

Set objSecDescriptor =
GetObject("Winmgmts:Win32_SecurityDescriptor").SpawnInstance_
objSecDescriptor.DACL = Array(Ace)

' One folder
folderName = "C:\Data\"
Set obj = GetObject("Winmgmts:Win32_Directory='" & folderName & "'")
Set objClass = GetObject("Winmgmts:Win32_Directory")
Set objInParam =
obj.Methods_("ChangeSecurityPermissions").inParameters.SpawnInstance_
objInParam.Option = 4 'DACL
objInParam.SecurityDescriptor = objSecDescriptor
Set objOutParams = obj.ExecMethod_("ChangeSecurityPermissions", objInParam)

Wscript.Echo folderName & " ..."
If objOutParams.ReturnValue = 0 Then
str = "... changed"
Else
str = "Error!" & vbCrLf & " ReturnValue = " & objOutParams.ReturnValue
End if
Wscript.Echo str

' Another folder
Set Ace1 = SetACE(1179817, 3, 0, objTrusteeAll) ' read
Set Ace2 = SetACE(2032127, 3, 0, objTrusteeTT) ' full

Set objSecDescriptor =
GetObject("Winmgmts:Win32_SecurityDescriptor").SpawnInstance_
objSecDescriptor.DACL = Array(Ace1, Ace2)

folderName = "C:\Data\Accounting"
Set obj = GetObject("Winmgmts:Win32_Directory='" & folderName & "'")
Set objClass = GetObject("Winmgmts:Win32_Directory")
Set objInParam =
obj.Methods_("ChangeSecurityPermissions").inParameters.SpawnInstance_
objInParam.Option = 4 'DACL
objInParam.SecurityDescriptor = objSecDescriptor
Set objOutParams = obj.ExecMethod_("ChangeSecurityPermissions", objInParam)

Wscript.Echo folderName & " ..."
If objOutParams.ReturnValue = 0 Then
str = "... changed"
Else
str = "Error!" & vbCrLf & " ReturnValue = " & objOutParams.ReturnValue
End if
Wscript.Echo str

Wscript.Echo "Finish"

0 new messages