File Permission issue with Win Server 2008

[coondog7820]

I have been working on a script as custom wrapper around an installer that is used to perform some pre-installation tasks such as copying files to the C:\ drive, performing some variable replacement in config files, and executing applications for installing databases. We have run into an issue with trying to write to the config files, hence the install fails as the variables never get replaced. The environment is a hardened environment where only an administrator can install, so the script uses the #RequireAdmin directive. The original developer performed a FileRead, then performed a string replace on the variable name, then performed a FileDelete, and finally a FileWrite. Example:

$FindText1 = "@ROOT@"

$ReplaceText1 = $DomainName

$FileContents = FileRead($TextFileName)

$FileContents = StringReplace($FileContents,$FindText1,$ReplaceText1)

FileDelete($TextFileName)

FileWrite($TextFileName,$FileContents)

My concern is that somehow the administrative privileges are not propagating to these function calls, so when executed they do not have admin privileges. Has anyone experienced an issue like this or has suggestions on the most efficient way to perform this particular type of task?

[Skitty]

It's not an issue with the administrative privileges not "propagating" to the functions, your account SID simply doesn't have the proper permission in the ACL (or something like that...).

Anyway, look into icacls.exe and takeown.exe and use them to allow write permission to the files individually.

[coondog7820]

Thanks for the tip. It actually had nothing to do with that at all, instead the files had been marked read-only.

[DXRW4E]

Ciao.