/ Forside / Teknologi / Udvikling / VB/Basic / Nyhedsindlæg
Login
Glemt dit kodeord?
Brugernavn

Kodeord


Reklame
Top 10 brugere
VB/Basic
#NavnPoint
berpox 2425
pete 1435
CADmageren 1251
gibson 1230
Phylock 887
gandalf 836
AntonV 790
strarup 750
Benjamin... 700
10  tom.kise 610
Opsætning af rettigheder på folder
Fra : Niels Henriksen


Dato : 25-10-01 14:44

Hvordan kan man sætte rettigheder på en folder i vbs?


--
Niels Henriksen
Systemudvikler
- www.ryttersnak.dk



 
 
Jan Damkjær Dahl (25-10-2001)
Kommentar
Fra : Jan Damkjær Dahl


Dato : 25-10-01 19:11

Tænker du på NTFS eller Share rettigheder


"Niels Henriksen" <nh@netopcomdanmark.dk> skrev i en meddelelse
news:ttg25fdh9bi75f@corp.supernews.com...
> Hvordan kan man sætte rettigheder på en folder i vbs?
>
>
> --
> Niels Henriksen
> Systemudvikler
> - www.ryttersnak.dk
>
>



Niels Henriksen (26-10-2001)
Kommentar
Fra : Niels Henriksen


Dato : 26-10-01 10:09

"Jan Damkjær Dahl" <jdd@worldonline.dk> wrote in message
news:BAYB7.150$tI2.26527@news000.worldonline.dk...
> Tænker du på NTFS eller Share rettigheder
>
Jeg tænker på NTFS. Security rettigheder for Everyone osv.


--
Niels Henriksen
Systemudvikler
- www.ryttersnak.dk



Jan Damkjær Dahl (26-10-2001)
Kommentar
Fra : Jan Damkjær Dahl


Dato : 26-10-01 16:13

Det har jeg ikke selv fået kigget på, men det kan lade sig gøre ved hjælp af
ADSI
jeg har et par tekst dokumenter hvori der står noget

de er vedhæfter her

**************
'Konstanter i forbindelse med NTFS permissions:

ADS_RIGHT_DELETE = 0x10000,
ADS_RIGHT_READ_CONTROL = 0x20000,
ADS_RIGHT_WRITE_DAC = 0x40000,
ADS_RIGHT_WRITE_OWNER= 0x80000,
ADS_RIGHT_SYNCHRONIZE= 0x100000,
ADS_RIGHT_ACCESS_SYSTEM_SECURITY = 0x1000000,
ADS_RIGHT_GENERIC_READ = 0x80000000,
ADS_RIGHT_GENERIC_WRITE = 0x40000000,
ADS_RIGHT_GENERIC_EXECUTE= 0x20000000,
ADS_RIGHT_GENERIC_ALL= 0x10000000,
ADS_RIGHT_DS_CREATE_CHILD= 0x1,
ADS_RIGHT_DS_DELETE_CHILD= 0x2,
ADS_RIGHT_ACTRL_DS_LIST = 0x4,
ADS_RIGHT_DS_SELF= 0x8,
ADS_RIGHT_DS_READ_PROP = 0x10,
ADS_RIGHT_DS_WRITE_PROP = 0x20,
ADS_RIGHT_DS_DELETE_TREE = 0x40,
ADS_RIGHT_DS_LIST_OBJECT = 0x80,
ADS_RIGHT_DS_CONTROL_ACCESS = 0x100


'Forklaring:
ADS_RIGHT_DELETE
The right to delete the object.

ADS_RIGHT_READ_CONTROL
The right to read information from the security descriptor of the object,
not including the information in the SACL.

ADS_RIGHT_WRITE_DAC
The right to modify the discretionary access-control list (DACL) in the
object's security descriptor.

ADS_RIGHT_WRITE_OWNER
The right to assume ownership of the object. The user must be a trustee of
the object. The user cannot transfer the ownership to other users.

ADS_RIGHT_SYNCHRONIZE
The right to use the object for synchronization. This enables a thread to
wait until the object is in the signaled state.

ADS_RIGHT_ACCESS_SYSTEM_SECURITY
The right to get or set the SACL in the object's security descriptor.

ADS_RIGHT_GENERIC_READ
The right to read from the security descriptor, examine the object as well
as its children, and read all properties.

ADS_RIGHT_GENERIC_WRITE
The right to write all the properties and write to the DACL. The user can
add and remove the object to and from the directory.

ADS_RIGHT_GENERIC_EXECUTE
The right to list children of this object.

ADS_RIGHT_GENERIC_ALL
The right to create or delete children, delete a subtree, read and write
properties, examine children and the object itself, add and remove the
object from the directory, and read or write with an extended right.

ADS_RIGHT_DS_CREATE_CHILD
The right to create children of the object. The ObjectType member of an ACE
can contain a GUID that identifies the type of child object whose creation
is being controlled. If ObjectType does not contain a GUID, the ACE controls
the creation of all child object types.

ADS_RIGHT_DS_DELETE_CHILD
The right to delete children of the object. The ObjectType member of an ACE
can contain a GUID that identifies a type of child object whose deletion is
being controlled. If ObjectType does not contain a GUID, the ACE controls
the deletion of all child object types.

ADS_RIGHT_ACTRL_DS_LIST
The right to list children of this object.

ADS_RIGHT_DS_SELF
The right to modify the group membership of a group object.

ADS_RIGHT_DS_READ_PROP
The right to read properties of the object. The ObjectType member of an ACE
can contain a GUID that identifies a property set or property. If ObjectType
does not contain a GUID, the ACE controls the right to read all of the
object's properties.

ADS_RIGHT_DS_WRITE_PROP
The right to write properties of the object. The ObjectType member of an ACE
can contain a GUID that identifies a property set or property. If ObjectType
does not contain a GUID, the ACE controls the right to write all of the
object's properties.

ADS_RIGHT_DS_DELETE_TREE
The right to delete all children of this object, regardless of the
permission on the children.

ADS_RIGHT_DS_LIST_OBJECT
The right to list a particular object. If the user is not granted such a
right, the object is hidden from the user.

ADS_RIGHT_DS_CONTROL_ACCESS
The right to perform an operation controlled by an extended access right.
The ObjectType member of an ACE can contain a GUID that identifies the
extended right. If ObjectType does not contain a GUID, the ACE controls the
right to perform all extended right operations associated with the object.

************************

Setting file permission examples

'----Visual Basic----

Dim sec As New ADsSecurity
Dim sd As IADsSecurityDescriptor
Dim dacl As IADsAccessControlList
Dim ace As IADsAccessControlEntry
Dim newAce As New AccessControlEntry

Set sd = sec.GetSecurityDescriptor("FILE://\\srv01\public")
Set dacl = sd.DiscretionaryAcl

'----Show the ACEs in the DACL----
For Each ace In dacl
Debug.Print ace.Trustee
Debug.Print ace.AccessMask
Debug.Print ace.AceType
Next

Debug.Print dacl.AceCount

'----Add a new ace for Jsmith----
newAce.Trustee = "ARCADIABAY\jsmith"
newAce.AccessMask = ADS_RIGHT_GENERIC_READ Or ADS_RIGHT_GENERIC_EXECUTE
newAce.AceType = ADS_ACETYPE_ACCESS_ALLOWED

dacl.AddAce newAce
sd.DiscretionaryAcl = dacl
sec.SetSecurityDescriptor sd


'----VBSCript----

Const ADS_RIGHT_GENERIC_READ = &H80000000
Const ADS_RIGHT_GENERIC_EXECUTE = &H20000000
Const ADS_ACETYPE_ACCESS_ALLOWED = 0

Set sec = CreateObject("ADsSecurity")
Set sd = sec.GetSecurityDescriptor("FILE://c:\public\specs")
Set dacl = sd.DiscretionaryAcl

'-- Show the ACEs in the DACL ----
For Each ace In dacl
wscript.echo ace.Trustee
wscript.echo ace.AccessMask
wscript.echo ace.AceType
Next

'--- Add a new ACE so that JSmith can read/execute this file
Set ace = CreateObject("AccessControlEntry")
ace.Trustee = "ARCADIABAY\jsmith"
ace.AccessMask = ADS_RIGHT_GENERIC_READ Or ADS_RIGHT_GENERIC_EXECUTE
ace.AceType = ADS_ACETYPE_ACCESS_ALLOWED

dacl.AddAce ace
sd.DiscretionaryAcl = dacl
sec.SetSecurityDescriptor sd

'----File System Object----
Const ADS_RIGHT_GENERIC_READ = &H80000000
Const ADS_RIGHT_GENERIC_EXECUTE = &H20000000
Const ADS_ACETYPE_ACCESS_ALLOWED = 0

Set sec = CreateObject("ADsSecurity")

'Getting File System Security Descriptor from FSO
Set fso = CreateObject("Scripting.FileSystemObject")
Set fs = fso.GetFile("c:\public\specs\movetree.doc")

Set sd = sec.GetSecurityDescriptor(fs)
Set dacl = sd.DiscretionaryAcl

'----Show the ACEs in the DACL----
For Each ace In dacl
wscript.echo ace.Trustee
wscript.echo ace.AccessMask
wscript.echo ace.AceType
Next


'----Add a new ACE so that JSmith can read and execute this file----

Set ace = CreateObject("AccessControlEntry")
ace.Trustee = "ARCADIABAY\jsmith"
ace.AccessMask = ADS_RIGHT_GENERIC_READ Or ADS_RIGHT_GENERIC_EXECUTE
ace.AceType = ADS_ACETYPE_ACCESS_ALLOWED

dacl.AddAce ace
sd.DiscretionaryAcl = dacl
sec.SetSecurityDescriptor sd

SetSecurityDescriptor

****************


"Niels Henriksen" <nh@netopcomdanmark.dk> skrev i en meddelelse
news:tti6cgmgsam604@corp.supernews.com...
> "Jan Damkjær Dahl" <jdd@worldonline.dk> wrote in message
> news:BAYB7.150$tI2.26527@news000.worldonline.dk...
> > Tænker du på NTFS eller Share rettigheder
> >
> Jeg tænker på NTFS. Security rettigheder for Everyone osv.
>
>
> --
> Niels Henriksen
> Systemudvikler
> - www.ryttersnak.dk
>
>





Niels Henriksen (30-10-2001)
Kommentar
Fra : Niels Henriksen


Dato : 30-10-01 00:06

Jeg fandt lidt som virker...

Set Shell = WScript.CreateObject("WScript.Shell")
Shell.run "cacls C:\Text /T /E /C /G Everyone:C",1,true

Ovenstående sætter Change-rettigheder for Everyone på C:\Text

Rimelig fancy metode


--
Niels Henriksen
Softwareudvikler
www.ryttersnak.dk




René Elsborg (14-11-2001)
Kommentar
Fra : René Elsborg


Dato : 14-11-01 06:09

Bare for at være besværlig.....er der nogen der ved hvordan samme trick
gøres, hvis vi taler Share-rettigheder...for jeg ved det ikke....

(Og hedder kommandoen ikke Xcacls"
"Niels Henriksen" <niels@æblebiggs.dk> skrev i en meddelelse
news:9rknb5$22e$1@news.cybercity.dk...
> Jeg fandt lidt som virker...
>
> Set Shell = WScript.CreateObject("WScript.Shell")
> Shell.run "cacls C:\Text /T /E /C /G Everyone:C",1,true
>
> Ovenstående sætter Change-rettigheder for Everyone på C:\Text
>
> Rimelig fancy metode
>
>
> --
> Niels Henriksen
> Softwareudvikler
> www.ryttersnak.dk
>
>
>



Jan Damkjær Dahl (18-11-2001)
Kommentar
Fra : Jan Damkjær Dahl


Dato : 18-11-01 10:11

Virker det også over netværket


"Niels Henriksen" <niels@æblebiggs.dk> skrev i en meddelelse
news:9rknb5$22e$1@news.cybercity.dk...
> Jeg fandt lidt som virker...
>
> Set Shell = WScript.CreateObject("WScript.Shell")
> Shell.run "cacls C:\Text /T /E /C /G Everyone:C",1,true
>
> Ovenstående sætter Change-rettigheder for Everyone på C:\Text
>
> Rimelig fancy metode
>
>
> --
> Niels Henriksen
> Softwareudvikler
> www.ryttersnak.dk
>
>
>



Niels (19-11-2001)
Kommentar
Fra : Niels


Dato : 19-11-01 11:44

"Jan Damkjær Dahl" <jdd@worldonline.dk> wrote in message
news:_VKJ7.1237$B4.271321@news000.worldonline.dk...
> Virker det også over netværket
>
>
Det har jeg ikke afprøvet. Men det kunne være at man skulle


--
Niels Henriksen
Systemudvikler
- www.ryttersnak.dk



Søg
Reklame
Statistik
Spørgsmål : 177552
Tips : 31968
Nyheder : 719565
Indlæg : 6408847
Brugere : 218887

Månedens bedste
Årets bedste
Sidste års bedste