#cs ---------------------------------------------------------------------------- AutoIt Version: 3.3.14.5 Author: NoNameCode Script Function: UDF for SubInAcl.exe functions #ce ---------------------------------------------------------------------------- #include-once #include ;Only for _SubInAcl_TestGui #include #include #include #include #RequireAdmin Func _SubInAcl_TestGui($sParameters, $sSubInAcl_ExePath=@ScriptDir&"\subinacl.exe", $sWorkingDir=@ScriptDir) Local $aSubInAcl_Return Local $hGUI = GUICreate("SubInAcl testing", 901, 601, 1135, 265, -1, BitOR($WS_EX_TOPMOST,$WS_EX_WINDOWEDGE)) Local $icInput_Parameters = GUICtrlCreateInput($sParameters, 10, 10, 871, 24) GUICtrlCreateLabel("Output Log (/outputlog=FILE)", 10, 50, 226, 23) GUICtrlSetFont(-1, 12, 800, 0, "Arial") Local $icEdit_outputlog = GUICtrlCreateEdit("", 10, 80, 425, 479) GUICtrlCreateLabel("Error Log (/errorlog=FILE)", 450, 50, 200, 23) GUICtrlSetFont(-1, 12, 800, 0, "Arial") Local $icEdit_errorlog = GUICtrlCreateEdit("", 450, 80, 435, 479) Local $icButton_Execute = GUICtrlCreateButton("Run subinacl", 404, 566, 85, 25) GUICtrlCreateLabel("ExitCode:", 10, 570, 65, 20) GUICtrlSetFont(-1, 10, 800, 0, "Arial") Local $icLabel_ExitCode = GUICtrlCreateLabel("", 90, 570, 39, 20) GUICtrlSetFont(-1, 10, 800, 0, "Arial") GUISetState(@SW_SHOW) While 1 $nMsg = GUIGetMsg() Switch $nMsg Case $GUI_EVENT_CLOSE Exit Case $icButton_Execute GUICtrlSetData($icLabel_ExitCode, '') ;Delete Data of Error Code Label GUICtrlSetData($icEdit_outputlog, '') ;Delete Data of Output Log Pannel GUICtrlSetData($icEdit_errorlog, '') ;Delete Data of Error Log Pannel $sParameters = GUICtrlRead($icInput_Parameters) ;Read the Parameters for SubInAcl $aSubInAcl_Return = __SubInAcl_RunWait($sParameters, $sSubInAcl_ExePath, $sWorkingDir) If @error Then MsgBox(0, "__SubInAcl_RunWait", "@error = " & @error & @CRLF & "@extended = " & @extended) Else GUICtrlSetData($icLabel_ExitCode, $aSubInAcl_Return[0]) GUICtrlSetData($icEdit_outputlog, $aSubInAcl_Return[1]) GUICtrlSetData($icEdit_errorlog, $aSubInAcl_Return[2]) EndIf EndSwitch WEnd EndFunc Func __SubInAcl_RunWait($sParameters, $sSubInAcl_ExePath=@ScriptDir&"\subinacl.exe", $sWorkingDir=@ScriptDir) Local $aReturn[3], $iError Local $sExecuteLine If Not FileExists($sSubInAcl_ExePath) Then Return SetError(1) ;Error = 1 >> Path to suninacl.exe dose not exist If Not FileExists($sWorkingDir) Then Return SetError(2) ;Error = 2 >> Path to workingdir dose not exist ;Creates TempFile for SubInAcl Output Log (SubInAcl /outputlog=FILE) $aReturn[1] = _TempFile() If @error Then Return SetError(1, @error) ;Error = 3 >> Could not creat tempfile for outputlog temp file ;Creates TempFile for SubInAcl Error Output (SubInAcl /errorlog=FILE) $aReturn[2] = _TempFile() If @error Then $iError = @error FileDelete($aReturn[1]) ;Delets outputlog temp file Return SetError(4, $iError) ;Error = 4 >> Could not creat tempfile for errorlog temp file EndIf ;Builds Execute line for RunWait $sExecuteLine = $sSubInAcl_ExePath $sExecuteLine &= ' /outputlog=' & $aReturn[1] $sExecuteLine &= ' /errorlog=' & $aReturn[2] $sExecuteLine &= ' ' & $sParameters ;Run SubInAcl with errorlog & outputlog via File Output $aReturn[0] = RunWait($sExecuteLine, $sWorkingDir, @SW_HIDE) If @error Then $iError = @error FileDelete($aReturn[1]) ;Delets outputlog temp file FileDelete($aReturn[2]) ;Delets errorlog temp file Return SetError(5, $iError) ;Error = 5 >> RunWait gives error EndIf ;Read the "/outputlog=" file $aReturn[1] = FileRead($aReturn[1]) ;Read the outputlog temp file to return If @error Then Return SetError(6, @error) ;Error = 6 >> FileRead from outputlog temp file error ;Read the "/errorlog=" file $aReturn[2] = FileRead($aReturn[2]) ;Read the errorlog temp file to return If @error Then Return SetError(7, @error) ;Error = 7 >> FileRead errorlog temp file error ;Delete the temp files FileDelete($aReturn[1]) ;Delets outputlog temp file FileDelete($aReturn[2]) ;Delets errorlog temp file Return $aReturn EndFunc #cs /GRANT ------ /grant=[DomainName\]User[=Access] will add a Permission Ace for the user. if Access is not specified, the Full Control access will be granted. File: F : Full Control C : Change R : Read P : Change Permissions O : Take Ownership X : eXecute E : Read eXecute W : Write D : Delete ClusterShare: F : Full Control R : Read C : Change Printer: F : Full Control M : Manage Documents P : Print KeyReg: F : Full Control R : Read A : ReAd Control Q : Query Value S : Set Value C : Create SubKey E : Enumerate Subkeys Y : NotifY L : Create Link D : Delete W : Write DAC O : Write Owner Service: F : Full Control R : Generic Read W : Generic Write X : Generic eXecute L : Read controL Q : Query Service Configuration S : Query Service Status E : Enumerate Dependent Services C : Service Change Configuration T : Start Service O : Stop Service P : Pause/Continue Service I : Interrogate Service U : Service User-Defined Control Commands -- Press Return To Continue ---- Share: F : Full Control R : Read C : Change Metabase: F : Full Control R : Read - MD_ACR_READ W : Write - MD_ACR_WRITE I : Restricted Write - MD_ACR_RESTRICTED_WRITE U : Unsecure props read - MD_ACR_UNSECURE_PROPS_READ E : Enum keys- MD_ACR_ENUM_KEYS D : write Dac- MD_ACR_WRITE_DAC Process: F : Full Control R : Read W : Write X : eXecute SamObject: F : Full Control W : Write R : Read X : Execute #ce #comments-start SubInAcl version 5.2.3790.1180 USAGE ----- Usage : SubInAcl [/option...] /object_type object_name [[/action[=parameter]...] /options : /outputlog=FileName /errorlog=FileName /noverbose /verbose (default) /notestmode (default) /testmode /alternatesamserver=SamServer /offlinesam=FileName /stringreplaceonoutput=string1=string2 /expandenvironmentsymbols (default) /noexpandenvironmentsymbols /statistic (default) /nostatistic /dumpcachedsids=FileName /separator=character /applyonly=[dacl,sacl,owner,group] /nocrossreparsepoint (default) /crossreparsepoint /object_type : /service /keyreg /subkeyreg /file /subdirectories[=directoriesonly|filesonly] /clustershare /kernelobject /metabase /printer /onlyfile /process /share /samobject /action : /display[=dacl|sacl|owner|primarygroup|sdsize|sddl] (default) /setowner=owner /replace=[DomainName\]OldAccount=[DomainName\]New_Account /accountmigration=[DomainName\]OldAccount=[DomainName\]New_Account /changedomain=OldDomainName=NewDomainName[=MappingFile[=Both]] /migratetodomain=SourceDomain=DestDomain=[MappingFile[=Both]] /findsid=[DomainName\]Account[=stop|continue] /suppresssid=[DomainName\]Account /confirm /ifchangecontinue /cleandeletedsidsfrom=DomainName[=dacl|sacl|owner|primarygroup|all] /testmode /accesscheck=[DomainName\]Username /setprimarygroup=[DomainName\]Group /grant=[DomainName\]Username[=Access] /deny=[DomainName\]Username[=Access] /sgrant=[DomainName\]Username[=Access] /sdeny=[DomainName\]Username[=Access] /sallowdeny==[DomainName\]Username[=Access] /revoke=[DomainName\]Username /perm /audit /compactsecuritydescriptor /pathexclude=pattern /objectexclude=pattern /sddl=sddl_string /objectcopysecurity=object_path /pathcopysecurity=path_container Usage : SubInAcl [/option...] /playfile file_name Usage : SubInAcl /help [keyword] SubInAcl /help /full keyword can be : features usage syntax sids view_mode test_mode object_type domain_migration server_migration substitution_features editing_features - or - any [/option] [/action] [/object_type #comments-end