Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

VBScript Login Script to change share Permissions

Posted on 2009-04-14
6
1,087 Views
Last Modified: 2012-05-06
Hello,
I'm Looking for a VBScript to change all the shares permissions
from EVERYONE - Full Control to EVERYONE - Read
.
0
Comment
Question by:aztechacker
  • 3
  • 3
6 Comments
 
LVL 70

Expert Comment

by:Chris Dent
ID: 24147649

It should work if you do it like this.

Just pop out the "WScript.Echo" lines if you want it to run silently.

Chris

Sub ResetShareSecurity(objWMI, strShare)
  Dim objSecurity : Set objSecurity = objWMI.Get("Win32_LogicalShareSecuritySetting.Name='" & strShare & "'")
  Dim objSD : objSecurity.GetSecurityDescriptor objSD
 
  Dim objTrustee : Set objTrustee = GetObject("winmgmts:Win32_Trustee").SpawnInstance_
  objTrustee.Name = "EVERYONE"
 
  Dim objACE : Set objACE = GetObject("winmgmts:Win32_ACE").SpawnInstance_
  objACE.AceType = 0 ' Allow
  objACE.AceFlags = 0 ' N/A for Shares
  objACE.AccessMask = 1179817 ' ReadAndExecute and Synchronise
  objACE.Trustee = objTrustee
 
  ' Rewrite the DACL
  objSD.DACL = Array(objACE)
 
  Dim intReturn : intReturn = objSecurity.SetSecurityDescriptor(objSD)
 
  If intReturn = 0 Then
    WScript.Echo strShare & ": Success"
  Else
    WScript.Echo strShare & ": Failed - Return: " & intReturn
  End If
End Sub
 
' The system to execute this script against
Dim strComputer : strComputer = "."
 
' Connect to WMI
Dim objWMI : Set objWMI = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2")
 
' Return all of the shares (Type = 0 means File Shares only, exclude 
' are Administrative, Printer, etc)
Dim colItems : Set colItems = _
  objWMI.ExecQuery("SELECT * FROM Win32_Share WHERE Type='0'", "WQL", _
  WBEM_RETURN_IMMEDIATELY + WBEM_FORWARD_ONLY)
 
Dim objItem
For Each objItem in colItems
  ResetShareSecurity objWMI, objItem.Name
Next

Open in new window

0
 

Author Comment

by:aztechacker
ID: 24148676
It works great but the scrips removes also the domain users permissions, is there a way to only modify EVERYONE only, and leve the other permissions intact.
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 125 total points
ID: 24155461

Certainly is... this should do it.

Chris

Sub ResetShareSecurity(objWMI, strShare)
  Dim objSecurity : Set objSecurity = objWMI.Get("Win32_LogicalShareSecuritySetting.Name='" & strShare & "'")
  Dim objSD : objSecurity.GetSecurityDescriptor objSD
 
  Dim arrDACL : arrDACL = objSD.DACL
 
  Dim i
  For i = 0 To UBound(arrDACL)
    If arrDACL(i).Trustee.Name = "Everyone" Then
      arrDACL(i).AccessMask = 1179817 ' ReadAndExecute and Synchronise
    End If
    i = i + 1
  Next
 
  ' Replace the DACL with the updated version
  objSD.DACL = arrDACL
 
  Dim intReturn : intReturn = objSecurity.SetSecurityDescriptor(objSD)
 
  If intReturn = 0 Then
    WScript.Echo strShare & ": Success"
  Else
    WScript.Echo strShare & ": Failed - Return: " & intReturn
  End If
End Sub
 
' The system to execute this script against
Dim strComputer : strComputer = "."
 
' Connect to WMI
Dim objWMI : Set objWMI = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2")
 
' Return all of the shares (Type = 0 means File Shares only, exclude 
' are Administrative, Printer, etc)
Dim colItems : Set colItems = _
  objWMI.ExecQuery("SELECT * FROM Win32_Share WHERE Type='0'", "WQL", _
  WBEM_RETURN_IMMEDIATELY + WBEM_FORWARD_ONLY)
 
Dim objItem
For Each objItem in colItems
  ResetShareSecurity objWMI, objItem.Name
Next

Open in new window

0
Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:aztechacker
ID: 24159515
It works but the everyone - full stays full it doesnt change to read only
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 24159536

Hmm really? I tested that so many times before posting it. Which OS is it running against? I'll be a bit more specific in my testing, could just be failing to find "everyone" because of a case-mismatch.

Chris
0
 

Author Comment

by:aztechacker
ID: 24159680
I'm testing on Windows XP, Vista and Windows 7
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Well hello again!  Glad to see you've made it this far without giving up.  In this, the fourth installment of my popular series, I'm going to cover functions and subroutines, what they are, and why they are useful.  Just in case you stumbled onto th…
This article is the result of a quest to better understand Task Scheduler 2.0 and all the newer objects available in vbscript in this version over  the limited options we had scripting in Task Scheduler 1.0.  As I started my journey of knowledge I f…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question