Solved

Help with scripting share permissions

Posted on 2011-03-03
9
682 Views
Last Modified: 2012-05-11
Hi all, My developers have written a VB script  that shares all listed subfolders with "Everyone - Full Control". However, when running this on Server 2008 R2 x64, it only applies the "Read " bit. Please review the script to see what can be changed, or at least advise on a second script that can be ran afterwards. Thank you!

==========================================================================

Dim strFolder, strHome, strUser
Dim intRunError, objShell, objFSO
Dim strComputer
Const FILE_SHARE = 0
Const MAXIMUM_CONNECTIONS = 9999

'---------- CHANGE DIRECTORY PATH HERE ----------
strFolder = "E:\home"
'------------------------------------------------
strComputer = "."

Set objShell = CreateObject("Wscript.Shell")
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFolder = objFSO.GetFolder(strFolder)
Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set objNewShare = objWMIService.Get("Win32_Share")

SetPermissions objFSO.GetFolder(strFolder)

Function SetPermissions(Folder)

    For Each Subfolder in Folder.SubFolders
   
          'Reset Folder ACL
            If objFSO.FolderExists(strFolder) Then
                  intRunError = objShell.Run("%COMSPEC% /c Echo Y| cacls """ & Subfolder.Path & """ /t /c /g everyone:F", 2, True)
            End If
   
          'Share Folder
          intRunError = objNewShare.Create(Subfolder.Path,Subfolder.Name,FILE_SHARE,MAXIMUM_CONNECTIONS,"")  

    Next
      
End Function
0
Comment
Question by:entint
  • 5
  • 4
9 Comments
 
LVL 10

Expert Comment

by:Martin_J_Parker
ID: 35028761
I suspect you are running foul of the sort of User Access Control crap that Vista started.
Does it run correctly if you right click it and "run as administrator"?
0
 

Author Comment

by:entint
ID: 35032299
Tried that and UAC is turned off.
0
 
LVL 10

Expert Comment

by:Martin_J_Parker
ID: 35034873
Your VB program appears to work fine on my Win 2008 R2 x64 server!
I do have admin privileges (not logged in as administrator but as AD user with admin rights).
I assume that your user does have full priv. in the E:\Home folder?
0
 

Author Comment

by:entint
ID: 35148273
Yes I am logged in as a Domain Admin. Server is on the Domain, so this group is in the local Administrators group. UAC and Windows Firewall are both off, so what else could be in the way. I have been tested this on new OS installs, not off an image, only clan installs.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 10

Expert Comment

by:Martin_J_Parker
ID: 35148601
Unless you have some strange non-standard cacls command in your path I don't see any reason why it should fail.  My system is pretty bog standard and fairly recently clean installed as well - although the AD and group permissions are set centrally so I can't be 100% sure that it hasn't been modified!
0
 

Author Comment

by:entint
ID: 35149381
No CACL command in DOS, only running the script above.No added paremeters if this is what you mean
0
 
LVL 10

Accepted Solution

by:
Martin_J_Parker earned 125 total points
ID: 35149952
Yep - and as far as I can see it should work!  

If you change it from E:\Home to some other newly created folder (create a new E:\temp\folders for example) do you get the same results?

Is E: a standard local NTFS disk?  I assume it's not a share from somewhere else?
0
 

Author Comment

by:entint
ID: 35449262
Admins have Full Control at the parent level. I tried to create a new folder and verified permissions with and without inheritance. I even took my account as owner. What could be so differnet about all of our servers here compared to yours?
0
 

Author Comment

by:entint
ID: 35802234
Can this be reopened? No one ever replied
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
factorial example challenge 10 92
triangle challenge 4 121
C# application error "Parameter Is Not Valid". 3 79
Regular Expression Calculator Tester 2 54
RIA (Rich Internet Application) tools are interactive internet applications which have many of the characteristics of desktop applications. The RIA tools typically deliver output either by the way of a site-specific browser or via browser plug-in. T…
This is about my first experience with programming Arduino.
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now