Since my previous message, I try to use WMI to Get a list of Share Then to
Get List of Permissions.
I Wrote this sample Code that enumerate the Shares but I cannot continue.
Any Help or Advices or Code will be appreciated.
' Code Start
sDomainName = WScript.Arguments ( 0 )
sComputerName = WScript.Arguments ( 1 )
Set oWbemLocator = CreateObject ( "WbemScripting.SWbemLocator" )
Set oConnection = owbemLocator.ConnectServer ( sComputerName,
"root\cimv2", "Username", "Password", , "NTLMDOMAIN:" & sDomainName )
Set odShares = oConnection.ExecQuery ( "Select * from Win32_Share" )
For Each oShare in odShares
WScript.Echo
WScript.Echo "AccessMask : " & oShare.AccessMask
WScript.Echo "AllowMaximum : " & oShare.AllowMaximum
WScript.Echo "Caption : " & oShare.Caption
WScript.Echo "Description : " & oShare.Description
WScript.Echo "InstallDate : " & oShare.InstallDate
WScript.Echo "MaximumAllowed : " & oShare.MaximumAllowed
WScript.Echo "Name : " & oShare.Name
WScript.Echo "Path : " & oShare.Path
WScript.Echo "Status : " & oShare.Status
WScript.Echo "Type : " & oShare.Type
Next
' Code End
Thanks
\Imhotep
> Hi Again,
>
> Since my previous message, I try to use WMI to Get a list of Share Then to
> Get List of Permissions.
>
> I Wrote this sample Code that enumerate the Shares but I cannot continue.
> Any Help or Advices or Code will be appreciated.
Hi
Here is a script that gets and parses the security descriptor for all local disk
drive shares (does not connect remote).
It is based on this script:
GetSecurityDescriptor Method in Class Win32_LogicalFileSecuritySetting.
http://msdn.microsoft.com/library/en-us/wmisdk/wmi/getsecuritydescriptor_method_in_class_win32_logicalfilesecuritysetting.asp
Set oWMI = GetObject("winmgmts:")
' Get only Disk Drive shares
Set oShares = oWMI.ExecQuery("select Name from Win32_Share where Type=0")
For Each oShare In oShares
' Connect to WMI and get the share security object for the share
Set oShareSecSetting = GetObject( _
"winmgmts:Win32_LogicalShareSecuritySetting.Name='" & oShare.Name & "'")
' Use the Win32_LogicalShareSecuritySetting Caption property to create a
' simple header before dumping the discretionary access control list (DACL)
WScript.Echo oShareSecSetting.Caption
' Call the Win32_LogicalShareSecuritySetting GetSecurityDescriptor
' method to retrieve an instance of the Win32_SecurityDescriptor class
' for the target object. Note that this is achieved by passing an empty
' variable to GetSecurityDescriptor, which GetSecurityDescriptor in turn
' initializes with an instance of the Win32_SecurityDescriptor class
' that corresponds to the security descriptor for the target object.
iRC = oShareSecSetting.GetSecurityDescriptor(oSecurityDescriptor)
If iRC <> 0 Then
Select Case iRC
Case 2
WScript.Echo "You do not have access to the requested information"
Case 8
WScript.Echo "Unknown failure"
Case 9
WScript.Echo "You do not have adequate privileges"
Case 21
WScript.Echo "The specified parameter is invalid"
Case Else
WScript.Echo "Unknown error"
End Select
WScript.Quit
End If
' After the security descriptor is retrieved, you can use the properties
' provided by the Win32_SecurityDescriptor class to dissect the security
' descriptor's access control lists (DACL and SACL) and access
' control entries (ACEs).
' Retrieve the content of Win32_SecurityDescriptor DACL property.
' The DACL is an array of Win32_ACE objects.
aDACL = oSecurityDescriptor.DACL
For Each oAce In aDACL
WScript.Echo
WScript.Echo "Access Mask: " & oAce.AccessMask
WScript.Echo "ACE Type: " & oAce.AceType
' Get Win32_Trustee object from ACE
Set oTrustee = oAce.Trustee
WScript.Echo "Trustee Domain: " & oTrustee.Domain
WScript.Echo "Trustee Name: " & oTrustee.Name
' Get SID as array from Trustee
aSID = oTrustee.SID
For i = 0 To UBound(aSID) - 1
strsid = strsid & aSID(i) & ","
Next
strsid = strsid & aSID(i)
WScript.Echo "Trustee SID: {" & strsid & "}"
Next
--
torgeir
> WScript.Echo "Trustee SID: {" & strsid & "}"
> Next
Oops. One missing Next at the bottom. This is correct:
WScript.Echo "Trustee SID: {" & strsid & "}"
Next
Next
--
torgeir
I will adapt this code for remote computer
Regards
\Imhotep
"Torgeir Bakken" <Torgeir.B...@hydro.com> a écrit dans le message de
news: 3D2FA0BE...@hydro.com...