Jump to content

scipting 'net share' with autoit

sulfurious

By sulfurious,
in AutoIt General Help and Support

 Share

Recommended Posts

sulfurious Universalist

sulfurious

Posted
Posted

Hi. I have been scripting 'net share' commands with autoit. However, I have an issue with sp2 and net share. It would appear that prior to sp2, positive about original release xp, unknown on sp1, that 'net share' would set standard permissions that simple file sharing employs. In other words, everyone has read/writes. Now, with sp2, you can use the 'net share' command to create the share, but it is not accessible other than seeing it as a resource. You can even 'net use' it, but cannot go 'into' it.

Is there a known way to use an AutoIt script, employing the 'net share' command to create a share that IS accessible?

If I make the share from gui in sp2, then it works correctly. It is only if I create it from 'net share' command that it is not correct. BTW, I do use the simple file sharing, and prefer not to quit using it as I don't really need the added security of advanced file sharing.

Or perphaps I have missed some function that does this.

Any help?

sul

Link to comment
Share on other sites
idshisha Seeker

idshisha

Posted
Posted

DriveMapAdd()

DriveMapAdd( "device", "remote share" [, flags [, "user" [, "password"]]] )

; Map X drive to \\myserver\stuff using current user

DriveMapAdd("X:", "\\myserver\stuff")

; Map X drive to \\myserver2\stuff2 using the user "jon" from "domainx" with password "tickle"

DriveMapAdd("X:", "\\myserver2\stuff2", 0, "domainx\jon", "tickle")

Link to comment
Share on other sites
sulfurious Universalist

sulfurious

Posted
  • Author
Posted

If I am not mistaken, drive map add is the same as a 'net use' command. That only maps the drive. I am interested in a fix for actually creating the share. This can only be done if the script runs from the local machine, but it is creating, not mapping. Thanx tho for the reply.

sul

Link to comment
Share on other sites
BigDod Universalist

BigDod

Posted
Posted

If I am not mistaken, drive map add is the same as a 'net use' command. That only maps the drive. I am interested in a fix for actually creating the share. This can only be done if the script runs from the local machine, but it is creating, not mapping. Thanx tho for the reply.

sul

I am running WinXP pro SP2 on all my computers and i can use net share ok. I brought up a command prompt and typed

net share tmp=c:\temp

If I go to any other computer on my network I can see the contents of the shared folder.


Time you enjoyed wasting is not wasted time ......T.S. Elliot
Suspense is worse than disappointment................Robert Burns
God help the man who won't help himself, because no-one else will...........My Grandmother

Link to comment
Share on other sites
jefhal Universalist

jefhal

Posted
Posted

I have an issue with sp2

First, are you running WinXP HE or WinXP Pro? If HE, look at the properties page for the local c:\temp folder and it will tell you a lot about the state of sharing on that folder. It mentions what Windows Firewall thinks about it as well as what the current share state is.

For WinXP Pro, again, check the properties of the local temp folder and see what permissions are set. Perhaps you have to apply cacls to that folder to allow others to get "into" it. Permissions include: seeing, touching, and destroying. You may only be able to "see".

...by the way, it's pronounced: "JIF"... Bob Berry --- inventor of the GIF format
Link to comment
Share on other sites
sulfurious Universalist

sulfurious

Posted
  • Author
Posted

Yes, xp pro, not xp home. Fresh install of sp2 on 2 rigs. Security center is completely off, and there is no firewall or av installed. Server and browser services are started. All 4 of my rigs are using simple file sharing, so that forces all users who use the shares a 'guest'. The guest account is on all policies that it needs to be, and it not on any policies it does not need to be. That is default anyway. By enabling simple file sharing, the guest account is enabled, even though it is not really enabled, according to microsoft.

Since there are no account or permissions other than the guest account, not sure if setting permissions will be a help or not. I am not near those machines right now, but a little clarification. I know that I have no c:\temp file on them. I believe there is a temp file in the user profile. Is that what you mean? I am always learning, but how exactly is the properties of the temp file going to affect my permissions? I already have access IF I create the share from the GUI. It is when I create the share from command line 'net share' that the permissions do not work. I will check it out though just in case it is something new for me to learn.

Valuater, that is a good example of using the 'net' command. However, my commands already work in the script. It is some issue with the OS. Thanks for the link though.

Thanks for replies.

Looking into older resource kit for nt4.0 tool called rmtshar.exe. Personally, I think it is some regedit or policy change that allows the 'net share' command to do what it used to, or rather makes the guest account 'less' secure.

sul.

Link to comment
Share on other sites
BigDod Universalist

BigDod

Posted
Posted

Check that File and Print sharing is in the exceptions section of Windows firewall in the control panel as this may be what is blocking you.


Time you enjoyed wasting is not wasted time ......T.S. Elliot
Suspense is worse than disappointment................Robert Burns
God help the man who won't help himself, because no-one else will...........My Grandmother

Link to comment
Share on other sites
jefhal Universalist

jefhal

Posted
Posted

Since there are no account or permissions other than the guest account, not sure if setting permissions will be a help or not.

It's odd that you only have a Guest account shown in permissions. Are you on a domain or a workgroup?

If on a domain I always disable Guest just for security. Second, I usually have the "Administrators" and "System" accounts included. Both get full permissions.

Does your guest account have "full" permissions, or "modify" or something else?

...by the way, it's pronounced: "JIF"... Bob Berry --- inventor of the GIF format
Link to comment
Share on other sites
sulfurious Universalist

sulfurious

Posted
  • Author
Posted

BigDod, that would definately be a good call, but I have disabled windows firewall already.

Jefhal, I am on workgroup. Home network basically. The guest account that is visible from ControlPanel/useraccts is disabled (by default). However, the guest acct in the managemet snap-in is not disabled. If you 'net user guest', the guest acct shows as active. Since I am using simple file sharing, the guest acct has what I would assume to be full control or at least read/write. It seems to be a bit of a mangled mess, as MS says the guest acct is enabled because of SFS, yet it is not really enabled if you look at the guest acct in controlpanel/useraccts. It would seem that as long as the guest acct is active, that windows will attempt a secondary logon if you attempt to access a resource with no username/pw, as in being a guest. Turning the guest acct off, or inactive as it may be, is one thing that locks out guests in the advanced file sharing, in addition to other security policies. So, with the guest acct active, using advanced file sharing, I can create the share using 'net share' and access it. Granted, if there were any security issues, the guest account would be turned off, and a username/pw would have to be used to get access.

I did another fresh install of xp pro sp2 on a different computer, and that one, with the exact same settings across the board but different drivers, it allows the net share no problem. I am failing to understand what the issue is. It must be some simple setting, but I just cannot find it. Reinstalling on the two machines is question reproduces the same thing over and over. No permissions from command line sharing. I am almost beginning to think it is a hardware or driver issue, as I cannot see the difference in the install. I mean, everything is default, from same xp cd, and yet these two mobos do this (they are the same, nforce2 ultra 400s) and put the exact same cd into a different pc and it works fine.

I think I am being punished for something.

Thanks for the replies.

sul

Link to comment
Share on other sites
skippynz Prodigy

skippynz

Posted
Posted (edited)

have you tried net share temp=c:\temp /unlimited as your command line you are running from within the autoit script ?

that gives everyone full permisions to the share you are creating.

example as below

#Include <process.au3>

_RunDOS( "net share temp=c:\temp /unlimited" )

Edited by craig.gill
Link to comment
Share on other sites
sulfurious Universalist

sulfurious

Posted
  • Author
Posted

Yes sir, I have tried that.

Even without running from a script using command prompt, using a 'net share whatevershare=c:\somepath /unlimited' does create the share, but does not share it correctly. So here is the latest.

1 machine with a longstanding install of xp pro (no service paks) can use net share and make share. 1 fileserver running xp pro sp1 can use net share to make share. These two can use resources fine between them. 3 other machines running exact same copy of default install xp sp2 (these are all xp pro btw) can use those older 2 machines shares as well.

1 new machine, which happens to be a raid 0 rig, after default xp sp2 install, can use net share and all other machines can use the shares.

The other 2 new machines, after default install of xp sp2, can create shares with net share, but NO other machine can use the resources, althought they can map them.

From what I can tell, all default values are what they should be. I am at a loss for why they are doing this.

BTW, simple file sharing is ENABLED on all of them. Same services are running on all of them (mostly, except the ones omitted/added from sp2). All are on default workgroup. You can net view them, net use them, and network neighborhood 'see' them, just not go 'into' those shares on those 2 machines. Like I said before, if I create the share on those 2 from GUI, it works fine.

I just don't know why this is, but is makes them useless as part of my network where I like to make scripts to automate stuff I do at home.

thanks for the replies

sul

Link to comment
Share on other sites
skippynz Prodigy

skippynz

Posted
Posted (edited)

can you stick another hdd in one of the machines and rebuild it with just xp no services packs, then check if that works, if so then apply SP2 then check that works and if so then apply the rest of the patches from m$ - if its still working with all the patches installed then check that machine against the other machine which isnt working setting by setting.

Edited by craig.gill
Link to comment
Share on other sites
  • 1 month later...
blademonkey Universalist

blademonkey

Posted
Posted

Try checking your GPEDIT.MSC or SECPOL.MSC

under Computer Configuration --> Security Settings --> Local Policies --> User Rights Assignment

Look at the following entries

Access This computer From the network

Deny Access To this Computer from the network

Here are other you may want to look at:

Deny Logon Through T.S.

Log on Locally

Allow Logon Through T.S.

Hope that helps.

---"Educate the Mind, Make Savage the Body" -Mao Tse Tung

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...