Alvin Abraham
asked on
Powershell or VBS Script to Share a Web Folder and set permissions (Web Sharing)
I'm more familiar with VB, but I can try Powershell
I need to create a script that does the following:
Right Click on a folder (ie:C:\Sessions) select Sharing and Security
Click on the Web Sharing Tab, Click Share this folder
Set Access permissions to Read
Set Applicaiton Permissions to Scripts
I need to create a script that does the following:
Right Click on a folder (ie:C:\Sessions) select Sharing and Security
Click on the Web Sharing Tab, Click Share this folder
Set Access permissions to Read
Set Applicaiton Permissions to Scripts
ASKER
The Powershell and VB Zones were picked higher than IIS.
The Web Sharing creates a directory under IIS. Does this script create the WEB Share?
The Web Sharing creates a directory under IIS. Does this script create the WEB Share?
No, it deals with standard file shares, and only security there (it doesn't create a share).
Is this with IIS 6? Otherwise, which operating system / version of Windows?
Chris
ASKER
Windows 2003
IIS 6.0
IIS 6.0
Okay, I have some of those at work, I'll have a poke around and see if I can get it to play in the morning :)
Chris
Okay, so..
Web Sharing, it creates a Virtual Directory in IIS with the path set to the folder. We can do that easily enough :) Would it be fair to assume the Default Web Site is the target?
And when you mentioned permissions, did you mean "Access Permissions"? And if so, what would you like them set to?
Chris
ASKER
no its not the default website, its a virtual directory under that called Sessions.
Set Access permissions to Read
Set Applicaiton Permissions to Scripts
Set Access permissions to Read
Set Applicaiton Permissions to Scripts
ASKER
I'm sorry . I appreciate your help. I just learned that i have to do some more.
After the virtual directory is created
I have to right click the directory and go to properties
1) Go to the directory security tab. Click Edit
Enable anonymous access.
2) Go to the ASP.Net tab
select the ASP.NET 2.0.xxxxx
3) Go to the Documents Tab
Add default.aspx.
After the virtual directory is created
I have to right click the directory and go to properties
1) Go to the directory security tab. Click Edit
Enable anonymous access.
2) Go to the ASP.Net tab
select the ASP.NET 2.0.xxxxx
3) Go to the Documents Tab
Add default.aspx.
Okay, cool.
If we were to go with PowerShell (as an example) we could do this...
Chris
$ServerName = "ServerName"
$Folder = Get-Item "FolderOrFolderPath"
# The Default Web Site is Site ID 1.
$SessionsDir = [ADSI]"IIS://$ServerName/W3SVC/1/ROOT/Sessions"
# Create a new Virtual Directory
$NewVirtualDirectory = $SessionsDir.Create("IIsWebVirtualDir", $Folder.Name)
# Give it the same name as the folder referred to above
$NewVirtualDirectory.Put("Path", $Folder.FullName)
# Set Read and Run Scripts
$NewVirtualDirectory.Put("AccessFlags", 513)
# Commit the changes
$NewVirtualDirectory.SetInfo()
Oh okay, no bother. Hold on.
Chris
Well not much bother.
I've done this before, to change between versions of .NET on a virtual directory (or site) the ScriptMaps must be rewritten.
It's not hard, it's just messy because you have to try and swap the version numbers around. Is there a directory that runs the right version of .NET already? If so, copying them from there (in the script) would be really useful.
With that bit pending, these are the other settings. Still in PowerShell. Is that okay? I can rewrite in VbScript if you prefer, it isn't much different, especially not when we're using ADSI like this.
Chris
$ServerName = "ServerName"
$Folder = Get-Item "FolderOrFolderPath"
# The Default Web Site is Site ID 1.
$SessionsDir = [ADSI]"IIS://$ServerName/W3SVC/1/ROOT/Sessions"
# Create a new Virtual Directory
$NewVirtualDirectory = $SessionsDir.Create("IIsWebVirtualDir", $Folder.Name)
# Give it the same name as the folder referred to above
$NewVirtualDirectory.Put("Path", $Folder.FullName)
# Set Read and Run Scripts
$NewVirtualDirectory.Put("AccessFlags", 513)
# Configure the application settings
$NewVirtualDirectory.Put("AppRoot", "/LM/W3SVC/1/Root/Sessions/$($Folder.Name)")
$NewVirtualDirectory.Put("AppIsolated", 2)
# Allow Anonymous Access with the default IUSR account
$NewVirtualDirectory.Put("AuthFlags", 1)
$NewVirtualDirectory.Put("UNCPassword", "")
# Set the default Document
$NewVirtualDirectory.Put("DefaultDoc", "default.aspx")
# Commit the changes
$NewVirtualDirectory.SetInfo()
ASKER
Yeah i think VB is better for me. I'm getting all types of errors in Powershell.
I created a file with .ps1 as the extention and running the script ./xxxxxx.ps1
I created a file with .ps1 as the extention and running the script ./xxxxxx.ps1
Probably better just pasting it into the PowerShell prompt :)
Not to worry... VbScript version of the same, not much difference :)
Chris
Dim objFSO : Set objFSO = CreateObject("Scripting.FileSystemObject")
Dim objFolder : Set objFolder = objFSO.GetFolder("FolderOrFolderPath")
Dim strServerName : strServerName = "ServerName"
' The Default Web Site is Site ID 1.
Set objSessionsDir = GetObject("IIS://" & strServerName & "/W3SVC/1/ROOT/Sessions")
' Create a new Virtual Directory
Set objNewVDir = objSessionsDir.Create("IIsWebVirtualDir", objFolder.Name)
' Give it the same name as the folder referred to above
objNewVDir.Put "Path", objFolder.Path
' Set Read and Run Scripts
objNewVDir.Put "AccessFlags", 513
' Configure the application settings
objNewVDir.Put "AppRoot", "/LM/W3SVC/1/Root/Sessions/" & objFolder.Name
objNewVDir.Put "AppIsolated", 2
' Allow Anonymous Access with the default IUSR account
objNewVDir.Put "AuthFlags", 1
objNewVDir.Put "UNCPassword", ""
' Set the default Document
objNewVDir.Put "DefaultDoc", "default.aspx"
' Commit the changes
objNewVDir.SetInfo()
ASKER
I changed the FolderorFolderPath to C:\sessions
I changed the ServerName to the name of the server SERVER1
I'm getting the system cannot find the path specified
line 7
I changed the ServerName to the name of the server SERVER1
I'm getting the system cannot find the path specified
line 7
Hmm I might have misunderstood. When you said Sessions earlier, did you mean you needed to create the new virtual directory underneath that (in IIS)?
Or did you mean that was the name of it?
If it's the name, and doesn't exist, we need to modify the IIS path we feed the script, bringing it up a level (as below). Not a big change, just alters where I thought we were creating the new virtual directory.
Chris
Dim objFSO : Set objFSO = CreateObject("Scripting.FileSystemObject")
Dim objFolder : Set objFolder = objFSO.GetFolder("FolderOrFolderPath")
Dim strServerName : strServerName = "ServerName"
' The Default Web Site is Site ID 1.
Set objWebsite = GetObject("IIS://" & strServerName & "/W3SVC/1/ROOT")
' Create a new Virtual Directory
Set objNewVDir = objWebsite.Create("IIsWebVirtualDir", objFolder.Name)
' Give it the same name as the folder referred to above
objNewVDir.Put "Path", objFolder.Path
' Set Read and Run Scripts
objNewVDir.Put "AccessFlags", 513
' Configure the application settings
objNewVDir.Put "AppRoot", "/LM/W3SVC/1/Root/" & objFolder.Name
objNewVDir.Put "AppIsolated", 2
' Allow Anonymous Access with the default IUSR account
objNewVDir.Put "AuthFlags", 1
objNewVDir.Put "UNCPassword", ""
' Set the default Document
objNewVDir.Put "DefaultDoc", "default.aspx"
' Commit the changes
objNewVDir.SetInfo()
ASKER
That worked! Sorry i wasnt explaining myself correctly.
So to set the ASP.net version It has to be copied from an existing directory?
So to set the ASP.net version It has to be copied from an existing directory?
Well, it can be set without, but the field looks like the snippet below. We have to modify every .NET version number in there to v2. Okay it's already 2 here, that's because I only have 2 installed on my web server :)
Anyway, it's a fair amount of hassle, so if there is somewhere we can grab it from it would be lovely and quick.
Last time I did it I just replaced v1.somethingorother with v2.0.50727 for each which is fine but you end up hard-coding the version numbers. So if you prefer to set it (rather than copy it) I need to know what version it's set to by default :)
Chris
.asp,C:\WINDOWS\system32\inetsrv\asp.dll,5,GET,HEAD,POST,TRACE
.cer,C:\WINDOWS\system32\inetsrv\asp.dll,5,GET,HEAD,POST,TRACE
.cdx,C:\WINDOWS\system32\inetsrv\asp.dll,5,GET,HEAD,POST,TRACE
.asa,C:\WINDOWS\system32\inetsrv\asp.dll,5,GET,HEAD,POST,TRACE
.idc,C:\WINDOWS\system32\inetsrv\httpodbc.dll,5,GET,POST
.shtm,C:\WINDOWS\system32\inetsrv\ssinc.dll,5,GET,POST
.shtml,C:\WINDOWS\system32\inetsrv\ssinc.dll,5,GET,POST
.stm,C:\WINDOWS\system32\inetsrv\ssinc.dll,5,GET,POST
.asax,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.ascx,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.ashx,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
.asmx,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
.aspx,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
.axd,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
.vsdisco,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
.rem,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
.soap,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
.config,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.cs,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.csproj,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.vb,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.vbproj,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.webinfo,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.licx,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.resx,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.resources,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.master,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.skin,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.compiled,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.browser,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.mdb,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.jsl,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.vjsproj,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.sitemap,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.msgx,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
.ad,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.dd,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.ldd,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.sd,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.cd,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.adprototype,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.lddprototype,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.sdm,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.sdmDocument,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.ldb,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.mdf,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.ldf,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.java,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.exclude,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.refresh,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,5,GET,HEAD,POST,DEBUG
.svc,c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
.xoml,C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
.rules,C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll,1,GET,HEAD,POST,DEBUG
ASKER
Thanks.
If i had to do the same script but the FolderOrFolderPath was set to c:\inetpub\wwwroot\Session s2
what would change in the rest of the script except the 2nd line?
If i had to do the same script but the FolderOrFolderPath was set to c:\inetpub\wwwroot\Session
what would change in the rest of the script except the 2nd line?
Nothing except that line. It names everything else after the folder you set there.
Chris
ASKER
I get path not found. when i change it to c:\inetpub\wwwroot\Session s2
another question: If the virtual directory is there in IIS, but not Shared what line can I add to share it.?
another question: If the virtual directory is there in IIS, but not Shared what line can I add to share it.?
It should just be the Path, it seems to happily link back as long as there's a reference in the site.
So..
Set objVDir = GetObject("IIS://" & strServer & "/W3SVC/1/ROOT/WhatEverThe
objVDir.Put "Path", "c:\inetpub\wwwroot\Sessio
objVDir.SetInfo()
Chris
ASKER
THANK YOU!!!
The ASP.net by default is 1.1.4322
the other choice is 2.0.50727
The ASP.net by default is 1.1.4322
the other choice is 2.0.50727
ASKER
Question for sharepointguru14 or anyone:
This code below strips all security and adds everyone with read permissions.
How can i change it to KEEP the existing security but also add a user (domain\username) with:
Modify, read/execute, list folder contents, Read, Write.
This code below strips all security and adds everyone with read permissions.
How can i change it to KEEP the existing security but also add a user (domain\username) with:
Modify, read/execute, list folder contents, Read, Write.
Sub ResetShareSecurity(objWMI, strShare)
Dim objSecurity : Set objSecurity = objWMI.Get("Win32_LogicalShareSecuritySetting.Name='" & strShare & "'")
Dim objSD : objSecurity.GetSecurityDescriptor objSD
Dim objTrustee : Set objTrustee = GetObject("winmgmts:Win32_Trustee").SpawnInstance_
objTrustee.Name = "EVERYONE"
Dim objACE : Set objACE = GetObject("winmgmts:Win32_ACE").SpawnInstance_
objACE.AceType = 0 ' Allow
objACE.AceFlags = 0 ' N/A for Shares
objACE.AccessMask = 1179817 ' ReadAndExecute and Synchronise
objACE.Trustee = objTrustee
' Rewrite the DACL
objSD.DACL = Array(objACE)
Dim intReturn : intReturn = objSecurity.SetSecurityDescriptor(objSD)
If intReturn = 0 Then
WScript.Echo strShare & ": Success"
Else
WScript.Echo strShare & ": Failed - Return: " & intReturn
End If
End Sub
' The system to execute this script against
Dim strComputer : strComputer = "."
' Connect to WMI
Dim objWMI : Set objWMI = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2")
' Return all of the shares (Type = 0 means File Shares only, exclude
' are Administrative, Printer, etc)
Dim colItems : Set colItems = _
objWMI.ExecQuery("SELECT * FROM Win32_Share WHERE Type='0'", "WQL", _
WBEM_RETURN_IMMEDIATELY + WBEM_FORWARD_ONLY)
Dim objItem
For Each objItem in colItems
ResetShareSecurity objWMI, objItem.Name
Next
ASKER
Ok i got it! i just need help with the ASP version switch
below changed the permissions on a folder.
below changed the permissions on a folder.
Dim strHomeFolder, strHome, strUser
Dim intRunError, objShell, objFSO
strHomeFolder = "C:\inetpub\wwwroot\sessions2"
Set objShell = CreateObject("Wscript.Shell")
Set objFSO = CreateObject("Scripting.FileSystemObject")
If objFSO.FolderExists(strHomeFolder) Then
intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls " _
& strHomeFolder & " /t /c /g domain\iis_wp:C ", 2, True)
If intRunError <> 0 Then
Wscript.Echo "Error assigning permissions for user " _
& strUser & " to home folder " & strHomeFolder
End If
End If
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This changed the 1.1.4.322 to blank..
ASKER
ok i figured it out..
i changed the "2.0.50727" to "v2.0.50727"
i changed the "2.0.50727" to "v2.0.50727"
Oops sorry, yeah, that would do it.
Working now?
Chris
ASKER
Yes it works perfect! i can't say THank you enough!
ASKER
Thank you Chris!
Here is a vb script that strips out all security and grants "everybody" read permissions. You will have to change that part to setting the permissions for who and what you want.
Open in new window