Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Need script to change share permissions 1

Status
Not open for further replies.
Seaspray0

Seaspray0

Technical User
Jan 27, 2003
1,037
US
I can create a folder, edit the NTFS permissions, share the folder, but what I haven't found yet is something that will edit the share permissions. I wish to remove the everyone group from the share and add two users with full share permissions. I will settle for doing it in a .bat or .vbs.

A+/MCP/MCSE/MCDBA
 
Sort by date Sort by votes
does xcalcs handle this?
how about the adssecurity.dll? or how about an ADSI script?
 
Upvote 0 Downvote
xcalcs only handles NTFS permissions (same as calcs.exe), not share permissions.
adssecurity.dll? I have read articles about detrimental effects using it and have found no reference to editing share permissions to a folder share.
I have looked at all the scripting I can find made available by the microsoft scripting guys and have yet to see any reference to share permissions.

As you can see, I have looked before posting. It just surprises me that microsoft has not considered this would come up.



A+/MCP/MCSE/MCDBA
 
Upvote 0 Downvote
found this

'====================
'ShareSetup.vbs
'Author: Jonathan Warnken - jon.warnken@gmail.com
'Credits: parts of various other posted scripts used
'Requirements: Admin Rights
'====================
Option Explicit
Const FILE_SHARE = 0
Const MAXIMUM_CONNECTIONS = 25
Dim strComputer
Dim objWMIService
Dim objNewShare

strComputer = "."
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set objNewShare = objWMIService.Get("Win32_Share")
Call sharesec ("C:\Robot", "Robot", "SCOT SHARE", "POSTerminalUsers_GG")

Sub sharesec(Fname,shr,info,account)
Dim FSO
Dim Services
Dim SecDescClass
Dim SecDesc
Dim Trustee
Dim ACE
Dim Share
Dim InParam
Dim Network
Dim FolderName
Dim AdminServer
Dim ShareName

FolderName = Fname
AdminServer = "\\" & strComputer
ShareName = shr

Set Services = GetObject("WINMGMTS:{impersonationLevel=impersonate,(Security)}!" & AdminServer & "\ROOT\CIMV2")
Set SecDescClass = Services.Get("Win32_SecurityDescriptor")
Set SecDesc = SecDescClass.SpawnInstance_()

'Set Trustee = Services.Get("Win32_Trustee").SpawnInstance_
'Trustee.Domain = Null
'Trustee.Name = "EVERYONE"
'Trustee.Properties_.Item("SID") = Array(1, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0)

Set Trustee = SetGroupTrustee("Retail", account) 'Use SetGroupTrustee for groups and SetAccountTrustee for users
Set ACE = Services.Get("Win32_Ace").SpawnInstance_
ACE.Properties_.Item("AccessMask") = 2032127 '2032127 = "Full"; 1245631 = "Change"; 1179817 = "Read"
ACE.Properties_.Item("AceFlags") = 3
ACE.Properties_.Item("AceType") = 0
ACE.Properties_.Item("Trustee") = Trustee
SecDesc.Properties_.Item("DACL") = Array(ACE)
Set Share = Services.Get("Win32_Share")
Set InParam = Share.Methods_("Create").InParameters.SpawnInstance_()
InParam.Properties_.Item("Access") = SecDesc
InParam.Properties_.Item("Description") = "Public Share"
InParam.Properties_.Item("Name") = ShareName
InParam.Properties_.Item("Path") = FolderName
InParam.Properties_.Item("Type") = 0
Share.ExecMethod_ "Create", InParam
End Sub


Function SetAccountTrustee(strDomain, strName)
Dim objTrustee
Dim account
Dim accountSID
set objTrustee = getObject("Winmgmts:{impersonationlevel=impersonate}!root/cimv2:Win32_Trustee").Spawninstance_
set account = getObject("Winmgmts:{impersonationlevel=impersonate}!root/cimv2:Win32_Account.Name='" & strName & "',Domain='" & strDomain &"'")
set accountSID = getObject("Winmgmts:{impersonationlevel=impersonate}!root/cimv2:Win32_SID.SID='" & account.SID &"'")
objTrustee.Domain = strDomain
objTrustee.Name = strName
objTrustee.Properties_.item("SID") = accountSID.BinaryRepresentation
set accountSID = nothing
set account = nothing
set SetAccountTrustee = objTrustee
End Function


Function SetGroupTrustee(strDomain, strName)
Dim objTrustee
Dim account
Dim accountSID
set objTrustee = getObject("Winmgmts:{impersonationlevel=impersonate}!root/cimv2:Win32_Trustee").Spawninstance_
set account = getObject("Winmgmts:{impersonationlevel=impersonate}!root/cimv2:Win32_Group.Name='" & strName & "',Domain='" & strDomain &"'")
set accountSID = getObject("Winmgmts:{impersonationlevel=impersonate}!root/cimv2:Win32_SID.SID='" & account.SID &"'")
objTrustee.Domain = strDomain
objTrustee.Name = strName
objTrustee.Properties_.item("SID") = accountSID.BinaryRepresentation
set accountSID = nothing
set account = nothing
set SetGroupTrustee = objTrustee
End Function
 
Upvote 0 Downvote
thank you, mrmovie. I just found that today as well on and was going to post it here and you beat me to the punch. I'm hoping this will do the trick. BTW, I did find in another post that the share permissions are stored in the registry at:

hklm\system\currentcontrolset\services\lanmanserver\shares




A+/MCP/MCSE/MCDBA
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

S
  • Locked
  • Question
Need to submit page when clicking a checkbox
Replies
0
Views
423
shbr5413
S
wchull
  • Locked
  • Question
How do I resolve this permissions error in my script?
Replies
0
Views
428
wchull
wchull
bdwilcox
  • Locked
  • Question
Script seeing input variable value as blank but sees hard-coded value 4
Replies
6
Views
972
bdwilcox
bdwilcox
Alexvb6
  • Locked
  • Question
Deprecation of VBScript + Classic ASP: How to Ask Microsoft to cancel their planned craziness
Replies
0
Views
677
Alexvb6
Alexvb6
bdwilcox
  • Locked
  • Question
Trying to adapt VBScript to search if machine is in an AD group 6
Replies
8
Views
1K
SoftwareRT
SoftwareRT

Part and Inventory Search

Sponsor

Back
Top