[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Converting command line syntax to VBScript for NTFS permissions

Posted on 2008-06-09
6
Medium Priority
?
830 Views
Last Modified: 2011-10-19
Thanks to this forum, I now have the working syntax to uncheck the "inherit permissions from parent folder" with VBScript syntax:

Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.run "cscript c:\winnt\xcacls.vbs \\oak\users$\TEST /I remove /q /L c:\xlog.txt",10,true

I now need to incorporate this into the Createusers.vbs script. The relevant section is below:

If objFSO.FolderExists(strHomeFolder) Then
                     ' Assign user permission to home folder.
                    intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls " _
                    & strHomeFolder & " /T /E /C /G " & strNetBIOSDomain _
                    & "\" & strNTName & ":C", 2, True)
                    If intRunError <> 0 Then
                        Wscript.Echo "Error assigning permissions for user " _
                        & strNTName & " to home folder " & strHomeFolder
                    End If
                End If
I believe I should put the code to "uncheck the inherit box" as the first line and then alter
this to assign permissions in accordance with our current network policy which are:
administrators (local) F
SYSTEM: F
<strNTName>: M

How would I alter that seciton of code to:
1) use the variables to uncheck the "inherit" box
2) use variables to then assign the necessary permissionis

I have googled this to death and tried various combinations but due to a lack of
background in VBScript, am not yet fluent with the basics. Any assistance is
greatly appreciated as this is the final step to automating user account creation.
Attached is the entire Createusers.vbs that works up to this point.

Thanks.
Createusers.txt
0
Comment
Question by:bstillion
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 

Author Comment

by:bstillion
ID: 21751363
I must have "breached etiquette" here.

My guess is that the point total is too low to be attractive.

Other possible reasons no one has replied:
The answer is too obvious
Can anyone comment on what I can improve in future questions?
Thanks in advance.

Brad
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 1000 total points
ID: 21755841
Hi, I wouldn't say you've breached any etiquette.....sometimes though (from my experience), if a question looks too involved, experts will feel that they do not have enough time to volunteer their services to a question, and so do not want to cause the author to take a long amount of time to find a solution....

Other experts may feel that it's beyond their knowledge....

Anyway, I've taken a look at your code, and you have pointed out the relevant section, being:

                If objFSO.FolderExists(strHomeFolder) Then
                     ' Assign user permission to home folder.
                    intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls " _
                    & strHomeFolder & " /T /E /C /G " & strNetBIOSDomain _
                    & "\" & strNTName & ":C", 2, True)
                    If intRunError <> 0 Then
                        Wscript.Echo "Error assigning permissions for user " _
                        & strNTName & " to home folder " & strHomeFolder
                    End If
                End If


Now, with the new line of code that you have provided, that section should now look like this:

                If objFSO.FolderExists(strHomeFolder) Then
                     ' This is your new line of code
                     objShell.run "cscript c:\winnt\xcacls.vbs " & strHomeFolder & " /I remove /q /L c:\xlog.txt",10,true
                     ' Assign user permission to home folder.
                    intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls " _
                    & strHomeFolder & " /T /E /C /G " & strNetBIOSDomain _
                    & "\" & strNTName & ":C", 2, True)
                    If intRunError <> 0 Then
                        Wscript.Echo "Error assigning permissions for user " _
                        & strNTName & " to home folder " & strHomeFolder
                    End If
                End If


where I've included the variable of the home folder (from the Excel spreadsheet) into your command.

The necessary permissions are then hopefully applied by the original code as well.

The one thing you might have to watch out for here is the location of the XCacls.vbs file you're using. This might not always be the same on all systems.

You could add a bit to the code to copy the file to that locatoin before running it, so you can be sure it's there......

Regards,

Rob.
0
 

Author Comment

by:bstillion
ID: 21758831
Rob,
Thanks for the explanation.
I can certainly simplify my questions (which helps me as well.)

I will work with your suggestions now.

Thanks you also for your help.
Brad
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:bstillion
ID: 21759538
Rob,
Here's the vbscript syntax that worked for me to uncheck the "inherit permissions from parent folder":

If objFSO.FolderExists(strHomeFolder) Then
                set objWsh = CreateObject("Wscript.Shell")
                objWsh.run "c:\WINNT\xcacls.vbs \\oak\Users$\" & strNTName & " /I remove"
                End If

strHomeFolder is designated in an excel spreadsheet and pulled into this larger script
which is free from the Win200X server resource kit called Createusers.vbs script

\\oak\users$ is the server and folder where all user home folders reside
xcacls.vbs (available free from Microsoft) is needed to "uncheck" the box-cacls cannot do it.

Thanks again for your help
Brad
0
 

Author Closing Comment

by:bstillion
ID: 31465551
Rob,
Thanks for the help. I tweaked and posted my final working syntax but your help was very useful.
Brad
0
 
LVL 65

Expert Comment

by:RobSampson
ID: 21764987
Great work Brad, thanks for the info....and the grade.

Regards,

Rob.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we want to have a look at the directory attributes which are used by Microsoft to store the so called Security Identifiers (SID). These SIDs plays an important role in delegating and granting permissions and in authentication of trus…
When you see single cell contains number and text, and you have to get any date out of it seems like cracking our heads.
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question