Solved

Converting command line syntax to VBScript for NTFS permissions

Posted on 2008-06-09
6
818 Views
Last Modified: 2011-10-19
Thanks to this forum, I now have the working syntax to uncheck the "inherit permissions from parent folder" with VBScript syntax:

Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.run "cscript c:\winnt\xcacls.vbs \\oak\users$\TEST /I remove /q /L c:\xlog.txt",10,true

I now need to incorporate this into the Createusers.vbs script. The relevant section is below:

If objFSO.FolderExists(strHomeFolder) Then
                     ' Assign user permission to home folder.
                    intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls " _
                    & strHomeFolder & " /T /E /C /G " & strNetBIOSDomain _
                    & "\" & strNTName & ":C", 2, True)
                    If intRunError <> 0 Then
                        Wscript.Echo "Error assigning permissions for user " _
                        & strNTName & " to home folder " & strHomeFolder
                    End If
                End If
I believe I should put the code to "uncheck the inherit box" as the first line and then alter
this to assign permissions in accordance with our current network policy which are:
administrators (local) F
SYSTEM: F
<strNTName>: M

How would I alter that seciton of code to:
1) use the variables to uncheck the "inherit" box
2) use variables to then assign the necessary permissionis

I have googled this to death and tried various combinations but due to a lack of
background in VBScript, am not yet fluent with the basics. Any assistance is
greatly appreciated as this is the final step to automating user account creation.
Attached is the entire Createusers.vbs that works up to this point.

Thanks.
Createusers.txt
0
Comment
Question by:bstillion
  • 4
  • 2
6 Comments
 

Author Comment

by:bstillion
Comment Utility
I must have "breached etiquette" here.

My guess is that the point total is too low to be attractive.

Other possible reasons no one has replied:
The answer is too obvious
Can anyone comment on what I can improve in future questions?
Thanks in advance.

Brad
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 250 total points
Comment Utility
Hi, I wouldn't say you've breached any etiquette.....sometimes though (from my experience), if a question looks too involved, experts will feel that they do not have enough time to volunteer their services to a question, and so do not want to cause the author to take a long amount of time to find a solution....

Other experts may feel that it's beyond their knowledge....

Anyway, I've taken a look at your code, and you have pointed out the relevant section, being:

                If objFSO.FolderExists(strHomeFolder) Then
                     ' Assign user permission to home folder.
                    intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls " _
                    & strHomeFolder & " /T /E /C /G " & strNetBIOSDomain _
                    & "\" & strNTName & ":C", 2, True)
                    If intRunError <> 0 Then
                        Wscript.Echo "Error assigning permissions for user " _
                        & strNTName & " to home folder " & strHomeFolder
                    End If
                End If


Now, with the new line of code that you have provided, that section should now look like this:

                If objFSO.FolderExists(strHomeFolder) Then
                     ' This is your new line of code
                     objShell.run "cscript c:\winnt\xcacls.vbs " & strHomeFolder & " /I remove /q /L c:\xlog.txt",10,true
                     ' Assign user permission to home folder.
                    intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls " _
                    & strHomeFolder & " /T /E /C /G " & strNetBIOSDomain _
                    & "\" & strNTName & ":C", 2, True)
                    If intRunError <> 0 Then
                        Wscript.Echo "Error assigning permissions for user " _
                        & strNTName & " to home folder " & strHomeFolder
                    End If
                End If


where I've included the variable of the home folder (from the Excel spreadsheet) into your command.

The necessary permissions are then hopefully applied by the original code as well.

The one thing you might have to watch out for here is the location of the XCacls.vbs file you're using. This might not always be the same on all systems.

You could add a bit to the code to copy the file to that locatoin before running it, so you can be sure it's there......

Regards,

Rob.
0
 

Author Comment

by:bstillion
Comment Utility
Rob,
Thanks for the explanation.
I can certainly simplify my questions (which helps me as well.)

I will work with your suggestions now.

Thanks you also for your help.
Brad
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 

Author Comment

by:bstillion
Comment Utility
Rob,
Here's the vbscript syntax that worked for me to uncheck the "inherit permissions from parent folder":

If objFSO.FolderExists(strHomeFolder) Then
                set objWsh = CreateObject("Wscript.Shell")
                objWsh.run "c:\WINNT\xcacls.vbs \\oak\Users$\" & strNTName & " /I remove"
                End If

strHomeFolder is designated in an excel spreadsheet and pulled into this larger script
which is free from the Win200X server resource kit called Createusers.vbs script

\\oak\users$ is the server and folder where all user home folders reside
xcacls.vbs (available free from Microsoft) is needed to "uncheck" the box-cacls cannot do it.

Thanks again for your help
Brad
0
 

Author Closing Comment

by:bstillion
Comment Utility
Rob,
Thanks for the help. I tweaked and posted my final working syntax but your help was very useful.
Brad
0
 
LVL 65

Expert Comment

by:RobSampson
Comment Utility
Great work Brad, thanks for the info....and the grade.

Regards,

Rob.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

I met Paul Devereux (@pdevereux) today when I responded to his tweet asking “Anybody know how to automate adding files from disk to a folder in #outlook  ?”.  I replied back and told Paul that using automation, in this case scripting, to add files t…
Not long ago I saw a question in the VB Script forum that I thought would not take much time. You can read that question (Question ID  (http://www.experts-exchange.com/Programming/Languages/Visual_Basic/VB_Script/Q_28455246.html)28455246) Here (http…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now