Solved

Create folder, set permissions based on domain user - script

Posted on 2009-07-09
7
1,178 Views
Last Modified: 2013-11-26
I have a VB script that will create a directory, and map a drive to that directory based on the users domain account. How can  I add to this script to remove inheritable permissions, and set permissions for only that user to access that folder. My goal for this script is to

1. Make sure the users directory exists, of not, create it.  DONE

2. Set permissions for only that user to access it, remove inheritable permissions. NOT DONE

3. Map the directory to a specific drive DONE
Set objSysInfo = CreateObject("ADSystemInfo")

strUser = objSysInfo.UserName

Set objUser = GetObject("LDAP://" & strUser)

strUserName = objUser.samAccountName

 

Dim fso, f

Set fso = CreateObject("Scripting.FileSystemObject")

If fso.FolderExists("\\stpluto\user\" & strUserName) Then

Else

Set f = fso.CreateFolder("\\stpluto\user\" & strUserName)

End If

 

strDrive = "\\Stpluto\User\" & strUserName

On Error Resume Next

Set objNetwork = CreateObject("Wscript.Network")

objNetwork.RemoveNetworkDrive "x:"

objNetwork.MapNetworkDrive "x:", strDrive

Open in new window

0
Comment
Question by:Pierellie
  • 3
  • 2
  • 2
7 Comments
 
LVL 13

Assisted Solution

by:lciprianionut
lciprianionut earned 200 total points
Comment Utility
One question: what I understand from your script it will run withuser credentials as login script or with your credentials (administrator on file server) ?
You can use calcs.exe, but if runs under user credentials and directory is on a file server where he is not an admin it will fail
0
 
LVL 3

Author Comment

by:Pierellie
Comment Utility
it will run as a script on user login. So using user credentials. I'll check into calcs.exe... the share is on a fileserver, the share has user rights permission, within that share will be the individual user folders... hence the reason i need to disable inhereted permissions when the users folder is created.
0
 
LVL 3

Author Comment

by:Pierellie
Comment Utility
Well i figured it out using cacls, it doesn't seem as efficent as it possibly could be, could you let me know if i can consolidate all the "SendKeys"?

Also, apparently, using the /g switch, i don't need to worry about inheritance, as that will overwrite the existing ACL and write only what is configured.


Set objSysInfo = CreateObject("ADSystemInfo")

strUser = objSysInfo.UserName

Set objUser = GetObject("LDAP://" & strUser)

strUserName = objUser.samAccountName
 

'Checks for/Creates Users directory

Dim fso, f

Set fso = CreateObject("Scripting.FileSystemObject")

If fso.FolderExists("\\stpluto\user\" & strUserName) Then

Else

Set f = fso.CreateFolder("\\stpluto\user\" & strUserName)

End If
 

'opens command shell, executes cacls to change folder permissions.

Dim objShell

Set objShell = CreateObject("WScript.Shell")

objShell.Run "cmd"

WScript.Sleep 50

objShell.SendKeys "cacls "

objShell.SendKeys "\\stpluto\user\" & strUserName

objShell.SendKeys " /g " & strUserName

objShell.SendKeys ":F"

objShell.SendKeys "{ENTER}"

objShell.SendKeys "Y"

objShell.SendKeys "{ENTER}"

objShell.SendKeys "exit"

objShell.SendKeys "{ENTER}"
 

'Maps Folder to local Drive

strDrive = "\\Stpluto\User\" & strUserName

On Error Resume Next

Set objNetwork = CreateObject("Wscript.Network")

objNetwork.RemoveNetworkDrive "q:"

objNetwork.MapNetworkDrive "q:", strDrive

Open in new window

0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 2

Accepted Solution

by:
JManicki earned 300 total points
Comment Utility
It looks like you're using CMD and the SENDKEYS so that you can answer "Yes" to the confirmation request from CACLS and then exit the command prompt?

If you got CACLS to set the proper file rights then you can use XCACLS instead which has a few more options including a /Y switch to not prompt for confirmation and just set the rights as set.

Replace your lines 17 through 27 with the code below.  The Run Method is also configured to NOT show the black CMD window while it's running:

objWSHShell.Run "XCACLS \\stpluto\user\" & strUserName & " /G " & strUserName & ":F /Y", 0, True

Open in new window

0
 
LVL 2

Expert Comment

by:JManicki
Comment Utility
Sorry, I used objWSHShell where you were using objShell.
0
 
LVL 13

Expert Comment

by:lciprianionut
Comment Utility
I would use
objWSHShell.Run Chr(34) & "XCACLS \\stpluto\user\" & strUserName & " /G " & strUserName & ":F /Y" & Chr(34), 0, True

Open in new window

0
 
LVL 3

Author Closing Comment

by:Pierellie
Comment Utility
Thanks both lciprianionut and JManicki. JManicki, i was more concerned about consolidating all this, your solution worked perfect. thanks again!
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Have you ever wanted to restrict the users input in a textbox to numbers, and while doing that make sure that they can't 'cheat' by pasting in non-numeric text? Of course you can do that with code you write yourself but it's tedious and error-prone …
Over the years I have built up my own little library of code snippets that I refer to when programming or writing a script.  Many of these have come from the web or adaptations from snippets I find on the Web.  Periodically I add to them when I come…
Learn the basics of modules and packages in Python. Every Python file is a module, ending in the suffix: .py: Modules are a collection of functions and variables.: Packages are a collection of modules.: Module functions and variables are accessed us…
This lesson covers basic error handling code in Microsoft Excel using VBA. This is the first lesson in a 3-part series that uses code to loop through an Excel spreadsheet in VBA and then fix errors, taking advantage of error handling code. This l…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now