Scripting share permissions

  • Thread starter Thread starter William Hymen
  • Start date Start date
W

William Hymen

I need to automate the creation of a share
and the addition of a user to the share, the
equivalent mouse clicks to:

[Sharing] [Permissions] [Add] (add user) then =>> r,rw,rwx
[Security] [Add] (add user) then =>> r,rw,rwx

Does anyone have samples of this? I would also
like to enumerate the users in a particular share.

I have 500 users and 600+ shares to manage.

Thanks in advance

Bill
 
William said:
I need to automate the creation of a share
and the addition of a user to the share, the
equivalent mouse clicks to:

[Sharing] [Permissions] [Add] (add user) then =>> r,rw,rwx
[Security] [Add] (add user) then =>> r,rw,rwx

Does anyone have samples of this?
Hi

E.g. RMTShare.exe (command line), WMI or ADSI can be used:

A)
RMTShare.exe

RMTSHARE is available for download here:
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/reskit/nt40/i386/RMTSHAR.EXE

Q. How can I modify share permissions from the command line?
http://www.windows2000faq.com/Articles/Index.cfm?ArticleID=14459


B)
WMI (from e.g. VBScript)

http://msdn.microsoft.com/library/en-us/wmisdk/wmi/create_method_in_class_win32_share.asp?frame=true

For some examples:

See "Create a Network Share" and "Modify a Network Share" here:
http://www.microsoft.com/technet/scriptcenter/scripts/storage/shares/default.mspx

http://groups.google.com/groups?selm=#[email protected]

You can set the security descriptor for the shares with WMI as well..

SetSecurityDescriptor
http://msdn.microsoft.com/library/e...n_class_win32_logicalsharesecuritysetting.asp

Here is a couple of examples on the SetSecurityDescriptor method in Class
Win32_LogicalShareSecuritySetting (disregard that they use
wbemscripting.swbemlocator instead of winmgmts:, the rest will be the same):

From: Max L. Vaughn ([email protected])
Subject: RE: Add User to sharefolder
Newsgroups: microsoft.public.platformsdk.adsi
Date: 2001-11-16 14:01:51 PST
http://groups.google.com/[email protected]

From: [MS] Tim Chen ([email protected])
Subject: Re: Folder Security
Newsgroups: microsoft.public.win32.programmer.wmi
Date: 2002-06-13 13:06:05 PST
http://groups.google.com/[email protected]


C)
ADSI (from e.g. VBScript)

http://groups.google.com/[email protected]
 
When using the examples you pointed us to I am not getting past the adding
security to the share, when it gets to the "Set objShareSecSetting =
objServices.Get" line it errors out with a "Not Found" error on that line,
char 1, code 0. When I look in WMI for
Win32_LogicalShareSecuritySetting.Name there are no entries, is this why it's
failing? Any help to get around this will be greatly appreciated.....

Set objLocator = CreateObject("wbemscripting.swbemlocator")

strComputer = "."
'machinename = InputBox("Enter machine name where the share resides")

Set objServices = objLocator.ConnectServer(strComputer,"root\cimv2") 'THIS
IS THE NAME OF THE COMPUTER YOU ARE SETTING PERMISSIONS ON
objServices.security_.impersonationlevel = 3
objServices.security_.privileges.AddAsString("SeSecurityPrivilege")

-------->>>>>> Set objShareSecSetting =
objServices.Get("Win32_LogicalShareSecuritySetting.Name='" & strSharename &
"'")

Set objInParam =
objShareSecSetting.Methods_("SetSecurityDescriptor").inParameters.SpawnInstance_()


Set objSecDescriptor =
GetObject("Winmgmts:{impersonationlevel=impersonate}!root/cimv2:Win32_SecurityDescriptor").Spawninstance_()
objInParam.Properties_.item("Descriptor") = objSecDescriptor
'4 = DACL Present
'256 = Propagate to child objects


' Do not propagate to child objects
' (however child object descriptors may already be set to inherit security)
objSecDescriptor.Properties_.item("ControlFlags") = 4

Torgeir Bakken (MVP) said:
William said:
I need to automate the creation of a share
and the addition of a user to the share, the
equivalent mouse clicks to:

[Sharing] [Permissions] [Add] (add user) then =>> r,rw,rwx
[Security] [Add] (add user) then =>> r,rw,rwx

Does anyone have samples of this?
Hi

E.g. RMTShare.exe (command line), WMI or ADSI can be used:

A)
RMTShare.exe

RMTSHARE is available for download here:
ftp://ftp.microsoft.com/bussys/winnt/winnt-public/reskit/nt40/i386/RMTSHAR.EXE

Q. How can I modify share permissions from the command line?
http://www.windows2000faq.com/Articles/Index.cfm?ArticleID=14459


B)
WMI (from e.g. VBScript)

http://msdn.microsoft.com/library/en-us/wmisdk/wmi/create_method_in_class_win32_share.asp?frame=true

For some examples:

See "Create a Network Share" and "Modify a Network Share" here:
http://www.microsoft.com/technet/scriptcenter/scripts/storage/shares/default.mspx

http://groups.google.com/groups?selm=#[email protected]

You can set the security descriptor for the shares with WMI as well..

SetSecurityDescriptor
http://msdn.microsoft.com/library/e...n_class_win32_logicalsharesecuritysetting.asp

Here is a couple of examples on the SetSecurityDescriptor method in Class
Win32_LogicalShareSecuritySetting (disregard that they use
wbemscripting.swbemlocator instead of winmgmts:, the rest will be the same):

From: Max L. Vaughn ([email protected])
Subject: RE: Add User to sharefolder
Newsgroups: microsoft.public.platformsdk.adsi
Date: 2001-11-16 14:01:51 PST
http://groups.google.com/[email protected]

From: [MS] Tim Chen ([email protected])
Subject: Re: Folder Security
Newsgroups: microsoft.public.win32.programmer.wmi
Date: 2002-06-13 13:06:05 PST
http://groups.google.com/[email protected]


C)
ADSI (from e.g. VBScript)

http://groups.google.com/[email protected]



--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.mspx
 
William said:
I need to automate the creation of a share
and the addition of a user to the share, the
equivalent mouse clicks to:

[Sharing] [Permissions] [Add] (add user) then =>> r,rw,rwx
[Security] [Add] (add user) then =>> r,rw,rwx

Does anyone have samples of this? I would also
like to enumerate the users in a particular share.

I have 500 users and 600+ shares to manage.

Thanks in advance

Bill

cmd = "c:\winnt\rmtshare.exe \\UNC\SHARENAME=s:\pathto\foldertoshare
/grant DOMAIN\UserNAme :fc /remove everyone"
set oCMD = CreateObject("WScript.Shell")
oCMD.exec(cmd)

' give the user rights.
cmd = "c:\winnt\xcacls.exe \\path\to\folder /E /G UserName:f"
oCMD.exec(cmd)

' update the users profile
userDOM = "SUZUKIHQ/UserName"
On Error Resume Next
Set objUserWinNT = GetObject("WinNT://" & userDOM & ",user")
if (err.number) then
strError = strError & vbCrlf & User
end if

objUserWinNT.Put "HomeDirectory", "\\newHome\dir"
objUserWinNT.SetInfo
 
Back
Top