Serjione
16-10-2014, 15:03
Можно ли данный скрипт подружить с группой Everyone домена ?
Option Explicit
Dim objWMI, strDomain, strComputer, dicNTFS, dicShare
Const FILE_SHARE = 0
Const MAXIMUM_CONNECTIONS = 15
Const PERM_READ = 1179817
Const PERM_MODIFY = 1245631
Const PERM_FULL = 2032127
Const DOMAIN_NAME = "DOMAIN"
Set dicNTFS = CreateObject("Scripting.Dictionary")
Set dicShare = CreateObject("Scripting.Dictionary")
dicNTFS.CompareMode = vbTextCompare
dicShare.CompareMode = vbTextCompare
' Тут добавляем группы для NTFS прав
dicNTFS.Add "Group_01", PERM_READ
dicNTFS.Add "Group_02", PERM_READ
' Тут добавляем группы для прав на шару
dicShare.Add "Group_01", PERM_FULL
dicShare.Add "Group_02", PERM_FULL
' Тут вызываем функцию создания шары
CreateRemoteShare "Computer_01", "C:\TEST", "TEST", "Only Testing", dicShare, dicNTFS
' Функция создания шары
Sub CreateRemoteShare (strComp, strFolder, strShare, strInfo, dicSHARE, dicNTFS)
Dim objSecDesc, objTrustee, objACE, objWMI
Dim arrKeys, int, arrACE()
Dim objShare, objInParam, objFolderSec, intRet
Set objWMI = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComp & "\root\cimv2")
Set objFolderSec = objWMI.Get("Win32_LogicalFileSecuritySetting='" & strFolder & "'")
intRet = objFolderSec.GetSecurityDescriptor(objSecDesc)
arrKeys = dicNTFS.Keys
ReDim arrACE(dicNTFS.Count)
For int=0 To dicNTFS.Count-1
Set objTrustee = GetGroupTrustee(DOMAIN_NAME, arrKeys(int))
Set arrACE(int) = objWMI.Get("Win32_Ace").SpawnInstance_
arrACE(int).Properties_.Item("AccessMask") = dicNTFS.Item(arrKeys(int))
arrACE(int).Properties_.Item("AceFlags") = 3
arrACE(int).Properties_.Item("AceType") = 0
arrACE(int).Properties_.Item("Trustee") = objTrustee
Next
objSecDesc.Properties_.Item("DACL") = arrACE
intRet = objFolderSec.SetSecurityDescriptor(objSecDesc)
Set objSecDesc = objWMI.Get("Win32_SecurityDescriptor").SpawnInstance_()
arrKeys = dicSHARE.Keys
ReDim arrACE(dicSHARE.Count)
For int=0 To dicSHARE.Count-1
Set objTrustee = GetGroupTrustee(DOMAIN_NAME, arrKeys(int))
Set arrACE(int) = objWMI.Get("Win32_Ace").SpawnInstance_
arrACE(int).Properties_.Item("AccessMask") = dicSHARE.Item(arrKeys(int))
arrACE(int).Properties_.Item("ACEFlags") = 3
arrACE(int).Properties_.Item("AceType") = 0
arrACE(int).Properties_.Item("Trustee") = objTrustee
Next
objSecDesc.Properties_.Item("DACL") = arrACE
Set objShare = objWMI.Get("Win32_Share")
Set objInParam = objShare.Methods_("Create").InParameters.SpawnInstance_()
objInParam.Properties_.Item("Access") = objSecDesc
objInParam.Properties_.Item("Description") = strInfo
objInParam.Properties_.Item("Name") = strShare
objInParam.Properties_.Item("Path") = strFolder
objInParam.Properties_.Item("MaximumAllowed") = MAXIMUM_CONNECTIONS
objInParam.Properties_.Item("Type") = 0
objShare.ExecMethod_ "Create", objInParam
End Sub
' Функция получения объекта опекуна
Function GetGroupTrustee(strDomain, strName)
Dim objTrustee, objAccount, objSID, objWMI
Set objWMI = GetObject("winmgmts:\\.\root\cimv2")
Set objTrustee = objWMI.Get("Win32_Trustee").Spawninstance_
Set objAccount = objWMI.Get("Win32_Group.Name='" & strName & "',Domain='" & DOMAIN_NAME &"'")
Set objSID = objWMI.Get("Win32_SID.SID='" & objAccount.SID &"'")
objTrustee.Domain = strDomain
objTrustee.Name = strName
objTrustee.Properties_.Item("SID") = objSID.BinaryRepresentation
Set GetGroupTrustee = objTrustee
End Function
Ошибка в том что не находит данную группу, жалуясь на строке
set account = getObject("Winmgmts:{impersonationlevel=impersonate}!root/cimv2:Win32_Group.Name='" & strName & "',Domain='" & strDomain &"'")
С другими группами проблем нет.
Option Explicit
Dim objWMI, strDomain, strComputer, dicNTFS, dicShare
Const FILE_SHARE = 0
Const MAXIMUM_CONNECTIONS = 15
Const PERM_READ = 1179817
Const PERM_MODIFY = 1245631
Const PERM_FULL = 2032127
Const DOMAIN_NAME = "DOMAIN"
Set dicNTFS = CreateObject("Scripting.Dictionary")
Set dicShare = CreateObject("Scripting.Dictionary")
dicNTFS.CompareMode = vbTextCompare
dicShare.CompareMode = vbTextCompare
' Тут добавляем группы для NTFS прав
dicNTFS.Add "Group_01", PERM_READ
dicNTFS.Add "Group_02", PERM_READ
' Тут добавляем группы для прав на шару
dicShare.Add "Group_01", PERM_FULL
dicShare.Add "Group_02", PERM_FULL
' Тут вызываем функцию создания шары
CreateRemoteShare "Computer_01", "C:\TEST", "TEST", "Only Testing", dicShare, dicNTFS
' Функция создания шары
Sub CreateRemoteShare (strComp, strFolder, strShare, strInfo, dicSHARE, dicNTFS)
Dim objSecDesc, objTrustee, objACE, objWMI
Dim arrKeys, int, arrACE()
Dim objShare, objInParam, objFolderSec, intRet
Set objWMI = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComp & "\root\cimv2")
Set objFolderSec = objWMI.Get("Win32_LogicalFileSecuritySetting='" & strFolder & "'")
intRet = objFolderSec.GetSecurityDescriptor(objSecDesc)
arrKeys = dicNTFS.Keys
ReDim arrACE(dicNTFS.Count)
For int=0 To dicNTFS.Count-1
Set objTrustee = GetGroupTrustee(DOMAIN_NAME, arrKeys(int))
Set arrACE(int) = objWMI.Get("Win32_Ace").SpawnInstance_
arrACE(int).Properties_.Item("AccessMask") = dicNTFS.Item(arrKeys(int))
arrACE(int).Properties_.Item("AceFlags") = 3
arrACE(int).Properties_.Item("AceType") = 0
arrACE(int).Properties_.Item("Trustee") = objTrustee
Next
objSecDesc.Properties_.Item("DACL") = arrACE
intRet = objFolderSec.SetSecurityDescriptor(objSecDesc)
Set objSecDesc = objWMI.Get("Win32_SecurityDescriptor").SpawnInstance_()
arrKeys = dicSHARE.Keys
ReDim arrACE(dicSHARE.Count)
For int=0 To dicSHARE.Count-1
Set objTrustee = GetGroupTrustee(DOMAIN_NAME, arrKeys(int))
Set arrACE(int) = objWMI.Get("Win32_Ace").SpawnInstance_
arrACE(int).Properties_.Item("AccessMask") = dicSHARE.Item(arrKeys(int))
arrACE(int).Properties_.Item("ACEFlags") = 3
arrACE(int).Properties_.Item("AceType") = 0
arrACE(int).Properties_.Item("Trustee") = objTrustee
Next
objSecDesc.Properties_.Item("DACL") = arrACE
Set objShare = objWMI.Get("Win32_Share")
Set objInParam = objShare.Methods_("Create").InParameters.SpawnInstance_()
objInParam.Properties_.Item("Access") = objSecDesc
objInParam.Properties_.Item("Description") = strInfo
objInParam.Properties_.Item("Name") = strShare
objInParam.Properties_.Item("Path") = strFolder
objInParam.Properties_.Item("MaximumAllowed") = MAXIMUM_CONNECTIONS
objInParam.Properties_.Item("Type") = 0
objShare.ExecMethod_ "Create", objInParam
End Sub
' Функция получения объекта опекуна
Function GetGroupTrustee(strDomain, strName)
Dim objTrustee, objAccount, objSID, objWMI
Set objWMI = GetObject("winmgmts:\\.\root\cimv2")
Set objTrustee = objWMI.Get("Win32_Trustee").Spawninstance_
Set objAccount = objWMI.Get("Win32_Group.Name='" & strName & "',Domain='" & DOMAIN_NAME &"'")
Set objSID = objWMI.Get("Win32_SID.SID='" & objAccount.SID &"'")
objTrustee.Domain = strDomain
objTrustee.Name = strName
objTrustee.Properties_.Item("SID") = objSID.BinaryRepresentation
Set GetGroupTrustee = objTrustee
End Function
Ошибка в том что не находит данную группу, жалуясь на строке
set account = getObject("Winmgmts:{impersonationlevel=impersonate}!root/cimv2:Win32_Group.Name='" & strName & "',Domain='" & strDomain &"'")
С другими группами проблем нет.