Войти

Показать полную графическую версию : Задание прав группе Everyone


Serjione
16-10-2014, 15:03
Можно ли данный скрипт подружить с группой Everyone домена ?

Option Explicit
Dim objWMI, strDomain, strComputer, dicNTFS, dicShare

Const FILE_SHARE = 0
Const MAXIMUM_CONNECTIONS = 15

Const PERM_READ = 1179817
Const PERM_MODIFY = 1245631
Const PERM_FULL = 2032127
Const DOMAIN_NAME = "DOMAIN"

Set dicNTFS = CreateObject("Scripting.Dictionary")
Set dicShare = CreateObject("Scripting.Dictionary")

dicNTFS.CompareMode = vbTextCompare
dicShare.CompareMode = vbTextCompare

' Тут добавляем группы для NTFS прав

dicNTFS.Add "Group_01", PERM_READ
dicNTFS.Add "Group_02", PERM_READ

' Тут добавляем группы для прав на шару

dicShare.Add "Group_01", PERM_FULL
dicShare.Add "Group_02", PERM_FULL

' Тут вызываем функцию создания шары

CreateRemoteShare "Computer_01", "C:\TEST", "TEST", "Only Testing", dicShare, dicNTFS

' Функция создания шары

Sub CreateRemoteShare (strComp, strFolder, strShare, strInfo, dicSHARE, dicNTFS)
Dim objSecDesc, objTrustee, objACE, objWMI
Dim arrKeys, int, arrACE()
Dim objShare, objInParam, objFolderSec, intRet

Set objWMI = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComp & "\root\cimv2")
Set objFolderSec = objWMI.Get("Win32_LogicalFileSecuritySetting='" & strFolder & "'")
intRet = objFolderSec.GetSecurityDescriptor(objSecDesc)

arrKeys = dicNTFS.Keys
ReDim arrACE(dicNTFS.Count)

For int=0 To dicNTFS.Count-1
Set objTrustee = GetGroupTrustee(DOMAIN_NAME, arrKeys(int))
Set arrACE(int) = objWMI.Get("Win32_Ace").SpawnInstance_

arrACE(int).Properties_.Item("AccessMask") = dicNTFS.Item(arrKeys(int))
arrACE(int).Properties_.Item("AceFlags") = 3
arrACE(int).Properties_.Item("AceType") = 0
arrACE(int).Properties_.Item("Trustee") = objTrustee
Next

objSecDesc.Properties_.Item("DACL") = arrACE
intRet = objFolderSec.SetSecurityDescriptor(objSecDesc)
Set objSecDesc = objWMI.Get("Win32_SecurityDescriptor").SpawnInstance_()

arrKeys = dicSHARE.Keys
ReDim arrACE(dicSHARE.Count)

For int=0 To dicSHARE.Count-1
Set objTrustee = GetGroupTrustee(DOMAIN_NAME, arrKeys(int))
Set arrACE(int) = objWMI.Get("Win32_Ace").SpawnInstance_

arrACE(int).Properties_.Item("AccessMask") = dicSHARE.Item(arrKeys(int))
arrACE(int).Properties_.Item("ACEFlags") = 3
arrACE(int).Properties_.Item("AceType") = 0
arrACE(int).Properties_.Item("Trustee") = objTrustee
Next

objSecDesc.Properties_.Item("DACL") = arrACE

Set objShare = objWMI.Get("Win32_Share")
Set objInParam = objShare.Methods_("Create").InParameters.SpawnInstance_()

objInParam.Properties_.Item("Access") = objSecDesc
objInParam.Properties_.Item("Description") = strInfo
objInParam.Properties_.Item("Name") = strShare
objInParam.Properties_.Item("Path") = strFolder
objInParam.Properties_.Item("MaximumAllowed") = MAXIMUM_CONNECTIONS
objInParam.Properties_.Item("Type") = 0

objShare.ExecMethod_ "Create", objInParam
End Sub

' Функция получения объекта опекуна

Function GetGroupTrustee(strDomain, strName)
Dim objTrustee, objAccount, objSID, objWMI
Set objWMI = GetObject("winmgmts:\\.\root\cimv2")

Set objTrustee = objWMI.Get("Win32_Trustee").Spawninstance_
Set objAccount = objWMI.Get("Win32_Group.Name='" & strName & "',Domain='" & DOMAIN_NAME &"'")
Set objSID = objWMI.Get("Win32_SID.SID='" & objAccount.SID &"'")

objTrustee.Domain = strDomain
objTrustee.Name = strName
objTrustee.Properties_.Item("SID") = objSID.BinaryRepresentation

Set GetGroupTrustee = objTrustee
End Function

Ошибка в том что не находит данную группу, жалуясь на строке

set account = getObject("Winmgmts:{impersonationlevel=impersonate}!root/cimv2:Win32_Group.Name='" & strName & "',Domain='" & strDomain &"'")

С другими группами проблем нет.




© OSzone.net 2001-2012