[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 832
  • Last Modified:

Converting command line syntax to VBScript for NTFS permissions

Thanks to this forum, I now have the working syntax to uncheck the "inherit permissions from parent folder" with VBScript syntax:

Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.run "cscript c:\winnt\xcacls.vbs \\oak\users$\TEST /I remove /q /L c:\xlog.txt",10,true

I now need to incorporate this into the Createusers.vbs script. The relevant section is below:

If objFSO.FolderExists(strHomeFolder) Then
                     ' Assign user permission to home folder.
                    intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls " _
                    & strHomeFolder & " /T /E /C /G " & strNetBIOSDomain _
                    & "\" & strNTName & ":C", 2, True)
                    If intRunError <> 0 Then
                        Wscript.Echo "Error assigning permissions for user " _
                        & strNTName & " to home folder " & strHomeFolder
                    End If
                End If
I believe I should put the code to "uncheck the inherit box" as the first line and then alter
this to assign permissions in accordance with our current network policy which are:
administrators (local) F
SYSTEM: F
<strNTName>: M

How would I alter that seciton of code to:
1) use the variables to uncheck the "inherit" box
2) use variables to then assign the necessary permissionis

I have googled this to death and tried various combinations but due to a lack of
background in VBScript, am not yet fluent with the basics. Any assistance is
greatly appreciated as this is the final step to automating user account creation.
Attached is the entire Createusers.vbs that works up to this point.

Thanks.
Createusers.txt
0
bstillion
Asked:
bstillion
  • 4
  • 2
1 Solution
 
bstillionAuthor Commented:
I must have "breached etiquette" here.

My guess is that the point total is too low to be attractive.

Other possible reasons no one has replied:
The answer is too obvious
Can anyone comment on what I can improve in future questions?
Thanks in advance.

Brad
0
 
RobSampsonCommented:
Hi, I wouldn't say you've breached any etiquette.....sometimes though (from my experience), if a question looks too involved, experts will feel that they do not have enough time to volunteer their services to a question, and so do not want to cause the author to take a long amount of time to find a solution....

Other experts may feel that it's beyond their knowledge....

Anyway, I've taken a look at your code, and you have pointed out the relevant section, being:

                If objFSO.FolderExists(strHomeFolder) Then
                     ' Assign user permission to home folder.
                    intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls " _
                    & strHomeFolder & " /T /E /C /G " & strNetBIOSDomain _
                    & "\" & strNTName & ":C", 2, True)
                    If intRunError <> 0 Then
                        Wscript.Echo "Error assigning permissions for user " _
                        & strNTName & " to home folder " & strHomeFolder
                    End If
                End If


Now, with the new line of code that you have provided, that section should now look like this:

                If objFSO.FolderExists(strHomeFolder) Then
                     ' This is your new line of code
                     objShell.run "cscript c:\winnt\xcacls.vbs " & strHomeFolder & " /I remove /q /L c:\xlog.txt",10,true
                     ' Assign user permission to home folder.
                    intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls " _
                    & strHomeFolder & " /T /E /C /G " & strNetBIOSDomain _
                    & "\" & strNTName & ":C", 2, True)
                    If intRunError <> 0 Then
                        Wscript.Echo "Error assigning permissions for user " _
                        & strNTName & " to home folder " & strHomeFolder
                    End If
                End If


where I've included the variable of the home folder (from the Excel spreadsheet) into your command.

The necessary permissions are then hopefully applied by the original code as well.

The one thing you might have to watch out for here is the location of the XCacls.vbs file you're using. This might not always be the same on all systems.

You could add a bit to the code to copy the file to that locatoin before running it, so you can be sure it's there......

Regards,

Rob.
0
 
bstillionAuthor Commented:
Rob,
Thanks for the explanation.
I can certainly simplify my questions (which helps me as well.)

I will work with your suggestions now.

Thanks you also for your help.
Brad
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
bstillionAuthor Commented:
Rob,
Here's the vbscript syntax that worked for me to uncheck the "inherit permissions from parent folder":

If objFSO.FolderExists(strHomeFolder) Then
                set objWsh = CreateObject("Wscript.Shell")
                objWsh.run "c:\WINNT\xcacls.vbs \\oak\Users$\" & strNTName & " /I remove"
                End If

strHomeFolder is designated in an excel spreadsheet and pulled into this larger script
which is free from the Win200X server resource kit called Createusers.vbs script

\\oak\users$ is the server and folder where all user home folders reside
xcacls.vbs (available free from Microsoft) is needed to "uncheck" the box-cacls cannot do it.

Thanks again for your help
Brad
0
 
bstillionAuthor Commented:
Rob,
Thanks for the help. I tweaked and posted my final working syntax but your help was very useful.
Brad
0
 
RobSampsonCommented:
Great work Brad, thanks for the info....and the grade.

Regards,

Rob.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now