Converting command line syntax to VBScript for NTFS permissions

Thanks to this forum, I now have the working syntax to uncheck the "inherit permissions from parent folder" with VBScript syntax:

Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.run "cscript c:\winnt\xcacls.vbs \\oak\users$\TEST /I remove /q /L c:\xlog.txt",10,true

I now need to incorporate this into the Createusers.vbs script. The relevant section is below:

If objFSO.FolderExists(strHomeFolder) Then
                     ' Assign user permission to home folder.
                    intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls " _
                    & strHomeFolder & " /T /E /C /G " & strNetBIOSDomain _
                    & "\" & strNTName & ":C", 2, True)
                    If intRunError <> 0 Then
                        Wscript.Echo "Error assigning permissions for user " _
                        & strNTName & " to home folder " & strHomeFolder
                    End If
                End If
I believe I should put the code to "uncheck the inherit box" as the first line and then alter
this to assign permissions in accordance with our current network policy which are:
administrators (local) F
SYSTEM: F
<strNTName>: M

How would I alter that seciton of code to:
1) use the variables to uncheck the "inherit" box
2) use variables to then assign the necessary permissionis

I have googled this to death and tried various combinations but due to a lack of
background in VBScript, am not yet fluent with the basics. Any assistance is
greatly appreciated as this is the final step to automating user account creation.
Attached is the entire Createusers.vbs that works up to this point.

Thanks.
Createusers.txt
bstillionAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
RobSampsonConnect With a Mentor Commented:
Hi, I wouldn't say you've breached any etiquette.....sometimes though (from my experience), if a question looks too involved, experts will feel that they do not have enough time to volunteer their services to a question, and so do not want to cause the author to take a long amount of time to find a solution....

Other experts may feel that it's beyond their knowledge....

Anyway, I've taken a look at your code, and you have pointed out the relevant section, being:

                If objFSO.FolderExists(strHomeFolder) Then
                     ' Assign user permission to home folder.
                    intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls " _
                    & strHomeFolder & " /T /E /C /G " & strNetBIOSDomain _
                    & "\" & strNTName & ":C", 2, True)
                    If intRunError <> 0 Then
                        Wscript.Echo "Error assigning permissions for user " _
                        & strNTName & " to home folder " & strHomeFolder
                    End If
                End If


Now, with the new line of code that you have provided, that section should now look like this:

                If objFSO.FolderExists(strHomeFolder) Then
                     ' This is your new line of code
                     objShell.run "cscript c:\winnt\xcacls.vbs " & strHomeFolder & " /I remove /q /L c:\xlog.txt",10,true
                     ' Assign user permission to home folder.
                    intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls " _
                    & strHomeFolder & " /T /E /C /G " & strNetBIOSDomain _
                    & "\" & strNTName & ":C", 2, True)
                    If intRunError <> 0 Then
                        Wscript.Echo "Error assigning permissions for user " _
                        & strNTName & " to home folder " & strHomeFolder
                    End If
                End If


where I've included the variable of the home folder (from the Excel spreadsheet) into your command.

The necessary permissions are then hopefully applied by the original code as well.

The one thing you might have to watch out for here is the location of the XCacls.vbs file you're using. This might not always be the same on all systems.

You could add a bit to the code to copy the file to that locatoin before running it, so you can be sure it's there......

Regards,

Rob.
0
 
bstillionAuthor Commented:
I must have "breached etiquette" here.

My guess is that the point total is too low to be attractive.

Other possible reasons no one has replied:
The answer is too obvious
Can anyone comment on what I can improve in future questions?
Thanks in advance.

Brad
0
 
bstillionAuthor Commented:
Rob,
Thanks for the explanation.
I can certainly simplify my questions (which helps me as well.)

I will work with your suggestions now.

Thanks you also for your help.
Brad
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
bstillionAuthor Commented:
Rob,
Here's the vbscript syntax that worked for me to uncheck the "inherit permissions from parent folder":

If objFSO.FolderExists(strHomeFolder) Then
                set objWsh = CreateObject("Wscript.Shell")
                objWsh.run "c:\WINNT\xcacls.vbs \\oak\Users$\" & strNTName & " /I remove"
                End If

strHomeFolder is designated in an excel spreadsheet and pulled into this larger script
which is free from the Win200X server resource kit called Createusers.vbs script

\\oak\users$ is the server and folder where all user home folders reside
xcacls.vbs (available free from Microsoft) is needed to "uncheck" the box-cacls cannot do it.

Thanks again for your help
Brad
0
 
bstillionAuthor Commented:
Rob,
Thanks for the help. I tweaked and posted my final working syntax but your help was very useful.
Brad
0
 
RobSampsonCommented:
Great work Brad, thanks for the info....and the grade.

Regards,

Rob.
0
All Courses

From novice to tech pro — start learning today.