Solved

Add a user to all shares in the machine

Posted on 2007-12-03
32
355 Views
Last Modified: 2012-05-05
Hi,

I need a way to add a user to the share and NTFS permissions on all shares in the machine with read permissions.Is there a way to do this.

Regards
Sharath
0
Comment
Question by:bsharath
  • 17
  • 15
32 Comments
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
How many shared drive are there?
0
 
LVL 11

Author Comment

by:bsharath
Comment Utility
More than 1000
0
 
LVL 11

Author Comment

by:bsharath
Comment Utility
there are 6 drives and 100 folders.This is a NAS box with windows 2000 OS
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
I think what we can do is list all the shares in the server and put that in a text file and then use setacl to set the permission for all the folders

regards
Chandru
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
Have you used shareenumerator from sysinternals
0
 
LVL 11

Author Comment

by:bsharath
Comment Utility
Yes...
Does this have any option?
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
What option are you referring to? using this we can just pull out the shares
0
 
LVL 11

Author Comment

by:bsharath
Comment Utility
I have the list of shares taken from shareenum.Now what i the next step?
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
Did you manage to get the list from the particular server?

Try this script......

regards
Chandru
Option Explicit 

Dim objFs, objShare 

Dim strServer
 

' The section sets the variables 

strServer = "servername"
 

' Connects to the operating system's file system

set objFs = GetObject("WinNT://" _

& strServer & "/LanmanServer,FileService")
 

' Loops through each share

For Each objShare In objFs

WScript.Echo objShare.path

Next

Open in new window

0
 
LVL 11

Author Comment

by:bsharath
Comment Utility
I managed to get all the shares to a file.
Now need a way to add a user to all shares.
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
try this script........
Make sure you have the setacl in c:\windows\system32

regards
Chandru
Option Explicit 

Dim objFs, objShare 

Dim strServer

Dim StrFolder

Dim objshell
 

' The section sets the variables 

strServer = "servername"
 

' Connects to the operating system's file system

set objFs = GetObject("WinNT://" _

& strServer & "/LanmanServer,FileService")
 

' Loops through each share

For Each objShare In objFs
 

StrFolder = objShare.path
 

wscript.echo objshare.path
 

'SetACL to set permissions

Set objShell = CreateObject("WScript.Shell")

objShell.Run "%comspec% /c Setacl -on " & strFolder & " -ot file -actn ace -ace n:username;p:read;m:grant;"

wscript.sleep (10000)
 

Next
 

'Quit

Wscript.quit

Open in new window

0
 
LVL 11

Author Comment

by:bsharath
Comment Utility
What will the script do..>Will it add a user to all folders.(Shared folders)
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
yes. I have added wscript.echo so that you can check after a folder whether the permission is applied

regards
Chandru
0
 
LVL 11

Author Comment

by:bsharath
Comment Utility
I saved the code to a vbs file and ran it...Nothing changed.Is there any where i need to add the username.Or is there something i am missing
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
yes. change the username in the script to suit your needs and make sure setacl.exe is there from the location where the script is run or %systemroot%\system32

regards
Chandru
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
You need to change the servername aswell

regards
Chandru
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 11

Author Comment

by:bsharath
Comment Utility
Should i change this part
n:username;p:read;m:grant
      ^Myname
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
only the username as bsharath
0
 
LVL 11

Author Comment

by:bsharath
Comment Utility
Excellent Chandru...
Was wanting a script like this from 2yrs...

One more thing can you get the results to a file on what it has added and to what folders.
If the user is already there what happens.In the results we can see all...
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
Hope you didn't post the question in EE.

It doesn't make any difference if the user is already there.

I think if you can redirect the result using cscript
0
 
LVL 11

Author Comment

by:bsharath
Comment Utility
I tried this
C:\>cscript addpermissions.vbs > c:\re.txt

Re,txt file has just this...
Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.

F:\Softwares\VPN
F:\c9934e862e22ff853c05cfghf

Any way to get the details...
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
Hope you removed the wscript.echo
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
Can you be more specific about what details?
0
 
LVL 11

Author Comment

by:bsharath
Comment Utility
If i remove wscript.echo
I get this.

C:\>cscript addpermissions.vbs > c:\re.txt
C:\addpermissions.vbs(19, 2) Microsoft VBScript runtime error: Object doesn't su
pport this property or method: 'path'

For details i mean. Which shares has it updated and which it sould not update.
Success/Failures.

As for a folder VPN there was sharath already as member as Full access so when i run the script nothing happened...So if i can get a results file that says
Added Sharath to share "VPN"
It would be easy when i use this script to give permissions for 1000 folders
0
 
LVL 12

Accepted Solution

by:
chandru_sol earned 500 total points
Comment Utility
Try this with the log file

Change the username and the servername. Log file will be in C:\logs.txt

regards
Chandru
Option Explicit 

Dim objFs, objShare 

Dim strServer

Dim StrFolder

Dim objshell, Command
 

' The section sets the variables 

strServer = "servername"
 

' Connects to the operating system's file system

set objFs = GetObject("WinNT://" _

& strServer & "/LanmanServer,FileService")
 

' Loops through each share

For Each objShare In objFs
 

StrFolder = objShare.path
 

'SetACL to set permissions

Set objShell = CreateObject("WScript.Shell")
 

Command = "Setacl.exe -on " & strFolder & " -ot file -actn ace -ace n:Username;p:read;m:grant -log c:\logs.txt -silent"
 

ObjShell.run Command, 0, True
 

Next
 

'Quit

Wscript.quit

Open in new window

0
 
LVL 11

Author Comment

by:bsharath
Comment Utility
I get the results file like this...

Processing ACL of: <\\?\F:\Softwares\VPN>

SetACL finished successfully.
Processing ACL of: <\\?\F:\c9934e862e22ff853c05cfghf>

SetACL finished successfully.
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
That is the results file created by the setacl

Do you need anything else?
0
 
LVL 11

Author Comment

by:bsharath
Comment Utility
No that would be fine.Thanks a lot Chandru...
0
 
LVL 11

Author Closing Comment

by:bsharath
Comment Utility
Excellent Chandru Thanks....
0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
Glad i helped you in a script which you were searching for a long time

Hope this solved your purpose

regards
Chandru
0
 
LVL 11

Author Comment

by:bsharath
Comment Utility
Yes Chandru thanks a lot...
You saved hrs of my manual work with this script.Which can do the job in Minutes.

0
 
LVL 12

Expert Comment

by:chandru_sol
Comment Utility
No worries!
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

I hope you'll find this tutorial useful and interesting. So let's try to extend Tcl with a new package.  For anyone more deeply interested please check out the book "Practical Programming in Tcl and Tk". It's really one of the best written books abo…
The purpose of this article is to demonstrate how we can use conditional statements using Python.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
The goal of the video will be to teach the user the concept of local variables and scope. An example of a locally defined variable will be given as well as an explanation of what scope is in C++. The local variable and concept of scope will be relat…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now