Joon Posted July 12, 2007 Share Posted July 12, 2007 This is a sample VBS from Microsoft Scripting Guy's script repository. This is working fine as VBS but I'm not sure what to create for objSD in AutoIt. expandcollapse popupstrFolderName = "C:\temp" SE_DACL_PRESENT = &h4 ACCESS_ALLOWED_ACE_TYPE = &h0 ACCESS_DENIED_ACE_TYPE = &h1 FILE_ALL_ACCESS = &h1f01ff FOLDER_ADD_SUBDIRECTORY = &h000004 FILE_DELETE = &h010000 FILE_DELETE_CHILD = &h000040 FOLDER_TRAVERSE = &h000020 FILE_READ_ATTRIBUTES = &h000080 FILE_READ_CONTROL = &h020000 FOLDER_LIST_DIRECTORY = &h000001 FILE_READ_EA = &h000008 FILE_SYNCHRONIZE = &h100000 FILE_WRITE_ATTRIBUTES = &h000100 FILE_WRITE_DAC = &h040000 FOLDER_ADD_FILE = &h000002 FILE_WRITE_EA = &h000010 FILE_WRITE_OWNER = &h080000 Set objWMIService = GetObject("winmgmts:") Set objFolderSecuritySettings = _ objWMIService.Get("Win32_LogicalFileSecuritySetting='" & strFolderName & "'") intRetVal = objFolderSecuritySettings.GetSecurityDescriptor(objSD) intControlFlags = objSD.ControlFlags If intControlFlags AND SE_DACL_PRESENT Then arrACEs = objSD.DACL For Each objACE in arrACEs WScript.Echo objACE.Trustee.Domain & "\" & objACE.Trustee.Name If objACE.AceType = ACCESS_ALLOWED_ACE_TYPE Then WScript.Echo vbTab & "Allowed:" ElseIf objACE.AceType = ACCESS_DENIED_ACE_TYPE Then WScript.Echo vbTab & "Denied:" End If If objACE.AccessMask AND FILE_ALL_ACCESS Then WScript.Echo vbTab & vbTab & "FILE_ALL_ACCESS " End If If objACE.AccessMask AND FOLDER_ADD_SUBDIRECTORY Then WScript.Echo vbTab & vbTab & " FOLDER_ADD_SUBDIRECTORY " End If If objACE.AccessMask AND FILE_DELETE Then WScript.Echo vbTab & vbTab & "FILE_DELETE " End If If objACE.AccessMask AND FILE_DELETE_CHILD Then WScript.Echo vbTab & vbTab & "FILE_DELETE_CHILD " End If If objACE.AccessMask AND FOLDER_TRAVERSE Then WScript.Echo vbTab & vbTab & " FOLDER_TRAVERSE " End If If objACE.AccessMask AND FILE_READ_ATTRIBUTES Then WScript.Echo vbTab & vbTab & "FILE_READ_ATTRIBUTES " End If If objACE.AccessMask AND FILE_READ_CONTROL Then WScript.Echo vbTab & vbTab & "FILE_READ_CONTROL " End If If objACE.AccessMask AND FOLDER_LIST_DIRECTORY Then WScript.Echo vbTab & vbTab & " FOLDER_LIST_DIRECTORY " End If If objACE.AccessMask AND FILE_READ_EA Then WScript.Echo vbTab & vbTab & "FILE_READ_EA " End If If objACE.AccessMask AND FILE_SYNCHRONIZE Then WScript.Echo vbTab & vbTab & "FILE_SYNCHRONIZE " End If If objACE.AccessMask AND FILE_WRITE_ATTRIBUTES Then WScript.Echo vbTab & vbTab & "FILE_WRITE_ATTRIBUTES " End If If objACE.AccessMask AND FILE_WRITE_DAC Then WScript.Echo vbTab & vbTab & "FILE_WRITE_DAC " End If If objACE.AccessMask AND FOLDER_ADD_FILE Then WScript.Echo vbTab & vbTab & " FOLDER_ADD_FILE " End If If objACE.AccessMask AND FILE_WRITE_EA Then WScript.Echo vbTab & vbTab & "FILE_WRITE_EA " End If If objACE.AccessMask AND FILE_WRITE_OWNER Then WScript.Echo vbTab & vbTab & "FILE_WRITE_OWNER " End If Next Else WScript.Echo "No DACL present in security descriptor" End If Link to comment Share on other sites More sharing options...
Joon Posted July 12, 2007 Author Share Posted July 12, 2007 Got it. Thanks for looking. Link to comment Share on other sites More sharing options...
PsaltyDS Posted July 12, 2007 Share Posted July 12, 2007 This is a sample VBS from Microsoft Scripting Guy's script repository. This is working fine as VBS but I'm not sure what to create for objSD in AutoIt. The objSD variable is ByRef set by: intRetVal = objFolderSecuritySettings.GetSecurityDescriptor(objSD) Full translation to AutoIt is: expandcollapse popupDim $strFolderName = "C:\temp" Dim $SE_DACL_PRESENT = 0x4 Dim $ACCESS_ALLOWED_ACE_TYPE = 0x0 Dim $ACCESS_DENIED_ACE_TYPE = 0x1 Dim $FILE_ALL_ACCESS = 0x1f01ff Dim $FOLDER_ADD_SUBDIRECTORY = 0x000004 Dim $FILE_DELETE = 0x010000 Dim $FILE_DELETE_CHILD = 0x000040 Dim $FOLDER_TRAVERSE = 0x000020 Dim $FILE_READ_ATTRIBUTES = 0x000080 Dim $FILE_READ_CONTROL = 0x020000 Dim $FOLDER_LIST_DIRECTORY = 0x000001 Dim $FILE_READ_EA = 0x000008 Dim $FILE_SYNCHRONIZE = 0x100000 Dim $FILE_WRITE_ATTRIBUTES = 0x000100 Dim $FILE_WRITE_DAC = 0x040000 Dim $FOLDER_ADD_FILE = 0x000002 Dim $FILE_WRITE_EA = 0x000010 Dim $FILE_WRITE_OWNER = 0x080000 Dim $objWMIService = ObjGet("winmgmts:") Dim $objFolderSecuritySettings = $objWMIService.Get ("Win32_LogicalFileSecuritySetting='" & $strFolderName & "'") Dim $objSD Dim $intRetVal = $objFolderSecuritySettings.GetSecurityDescriptor ($objSD) Dim $intControlFlags = $objSD.ControlFlags If $intControlFlags And $SE_DACL_PRESENT Then Dim $strMsg = "", $objACE Dim $arrACEs = $objSD.DACL For $objACE In $arrACEs $strMsg &= $objACE.Trustee.Domain & "\" & $objACE.Trustee.Name If $objACE.AceType = $ACCESS_ALLOWED_ACE_TYPE Then $strMsg &= @TAB & "Allowed:" & @CRLF ElseIf $objACE.AceType = $ACCESS_DENIED_ACE_TYPE Then $strMsg &= @TAB & "Denied:" & @CRLF EndIf If $objACE.AccessMask And $FILE_ALL_ACCESS Then $strMsg &= @TAB & @TAB & "FILE_ALL_ACCESS " & @CRLF If $objACE.AccessMask And $FOLDER_ADD_SUBDIRECTORY Then $strMsg &= @TAB & @TAB & "FOLDER_ADD_SUBDIRECTORY " & @CRLF If $objACE.AccessMask And $FILE_DELETE Then $strMsg &= @TAB & @TAB & "FILE_DELETE " & @CRLF If $objACE.AccessMask And $FILE_DELETE_CHILD Then $strMsg &= @TAB & @TAB & "FILE_DELETE_CHILD " & @CRLF If $objACE.AccessMask And $FOLDER_TRAVERSE Then $strMsg &= @TAB & @TAB & "FOLDER_TRAVERSE " & @CRLF If $objACE.AccessMask And $FILE_READ_ATTRIBUTES Then $strMsg &= @TAB & @TAB & "FILE_READ_ATTRIBUTES " & @CRLF If $objACE.AccessMask And $FILE_READ_CONTROL Then $strMsg &= @TAB & @TAB & "FILE_READ_CONTROL " & @CRLF If $objACE.AccessMask And $FOLDER_LIST_DIRECTORY Then $strMsg &= @TAB & @TAB & "FOLDER_LIST_DIRECTORY " & @CRLF If $objACE.AccessMask And $FILE_READ_EA Then $strMsg &= @TAB & @TAB & "FILE_READ_EA " & @CRLF If $objACE.AccessMask And $FILE_SYNCHRONIZE Then $strMsg &= @TAB & @TAB & "FILE_SYNCHRONIZE " & @CRLF If $objACE.AccessMask And $FILE_WRITE_ATTRIBUTES Then $strMsg &= @TAB & @TAB & "FILE_WRITE_ATTRIBUTES " & @CRLF If $objACE.AccessMask And $FILE_WRITE_DAC Then $strMsg &= @TAB & @TAB & "FILE_WRITE_DAC " & @CRLF If $objACE.AccessMask And $FOLDER_ADD_FILE Then $strMsg &= @TAB & @TAB & "FOLDER_ADD_FILE " & @CRLF If $objACE.AccessMask And $FILE_WRITE_EA Then $strMsg &= @TAB & @TAB & "FILE_WRITE_EA " & @CRLF If $objACE.AccessMask And $FILE_WRITE_OWNER Then $strMsg &= @TAB & @TAB & "FILE_WRITE_OWNER " & @CRLF Next Else $strMsg = "No DACL present in security descriptor" EndIf ConsoleWrite($strMsg) I did change the functionality to assemble all the outputs before writing to the console only once, but you can revert that by changing all the "$strMsg &= " parts to multiple ConsoleWrite()'s. Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now