water Posted September 17, 2008 Share Posted September 17, 2008 Hi AutoIt3-Gurus,I would like to query the ACLs of some network folders. I've seen how to change ACLs but this approach uses an external program that I would have to install on every computer where my AutoIt script should run.Is there an easier way to query ACLs when running Windows XP SP3?Thanks in advnaceThomas My UDFs and Tutorials: Spoiler UDFs:Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - WikiExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example ScriptsOutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - WikiOutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - DownloadOutlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - WikiPowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - WikiTask Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs:Excel - Example Scripts - WikiWord - Wiki Tutorials:ADO - WikiWebDriver - Wiki Link to comment Share on other sites More sharing options...
ptrex Posted September 17, 2008 Share Posted September 17, 2008 @water Maybe this can get you going. expandcollapse popup$strComputer = "." $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\cimv2") $colItems = $objWMIService.ExecQuery('SELECT * FROM Win32_LogicalShareSecuritySetting', "WQL", 48) For $objItem in $colItems $strShareName = $objItem.name Dim $wmiSecurityDescriptor $wmiFileSecSetting = ObjGet("winmgmts:{impersonationLevel=impersonate}!//" & $strComputer & _ "/root/cimv2:Win32_LogicalShareSecuritySetting.Name='" & $strShareName & "'") $RetVal = $wmiFileSecSetting.GetSecurityDescriptor($wmiSecurityDescriptor) If @Error Then ConsoleWrite("GetSecurityDescriptor failed on " & $strShareName & @CRLF) Else ConsoleWrite("GetSecurityDescriptor succeeded for " & $strShareName & @CRLF) EndIf ; Retrieve the DACL array of Win32_ACE objects. $DACL = $wmiSecurityDescriptor.DACL $strsid = "" For $wmiAce in $DACL ConsoleWrite( "-----------------------" & @CRLF) ConsoleWrite("Found ACE" & @CRLF) ConsoleWrite( "-----------------------" & @CRLF) ConsoleWrite( "Access Mask: " & $wmiAce.AccessMask & @CRLF) ConsoleWrite( "ACE Type: " & $wmiAce.AceType & @CRLF) ; Get Win32_Trustee object from ACE $Trustee = $wmiAce.Trustee ConsoleWrite( "Trustee Domain: " & $Trustee.Domain & @CRLF) ConsoleWrite( "Trustee Name: " & $Trustee.Name & @CRLF) ; Get SID as array from Trustee $SID = $Trustee.SID For $i = 0 To UBound($SID) - 1 $strsid &= $SID[$i] & "," Next ConsoleWrite( "Trustee SID: {" & $strsid & "}" & @CRLF) ConsoleWrite(@CRLF) Next Next regards, ptrex Contributions :Firewall Log Analyzer for XP - Creating COM objects without a need of DLL's - UPnP support in AU3Crystal Reports Viewer - PDFCreator in AutoIT - Duplicate File FinderSQLite3 Database functionality - USB Monitoring - Reading Excel using SQLRun Au3 as a Windows Service - File Monitor - Embedded Flash PlayerDynamic Functions - Control Panel Applets - Digital Signing Code - Excel Grid In AutoIT - Constants for Special Folders in WindowsRead data from Any Windows Edit Control - SOAP and Web Services in AutoIT - Barcode Printing Using PS - AU3 on LightTD WebserverMS LogParser SQL Engine in AutoIT - ImageMagick Image Processing - Converter @ Dec - Hex - Bin -Email Address Encoder - MSI Editor - SNMP - MIB ProtocolFinancial Functions UDF - Set ACL Permissions - Syntax HighLighter for AU3ADOR.RecordSet approach - Real OCR - HTTP Disk - PDF Reader Personal Worldclock - MS Indexing Engine - Printing ControlsGuiListView - Navigation (break the 4000 Limit barrier) - Registration Free COM DLL Distribution - Update - WinRM SMART Analysis - COM Object Browser - Excel PivotTable Object - VLC Media Player - Windows LogOnOff Gui -Extract Data from Outlook to Word & Excel - Analyze Event ID 4226 - DotNet Compiler Wrapper - Powershell_COM - New Link to comment Share on other sites More sharing options...
water Posted September 18, 2008 Author Share Posted September 18, 2008 Hi ptrex, I tried your script but unfortunately it doesnt return anything. Line: @error-@extended: Line syntax 0001: 0-0: #AutoIt3Wrapper_Run_Debug_Mode=y 0002: 0-0: $strComputer = "." 0003: 0-0: $objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\cimv2") 0005: 0-0: $colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_LogicalShareSecuritySetting", "WQL", 48) 0007: 0-0: For $objItem in $colItems What I would like to do is present the user with a treeview (as in MS Windows Explorer) and when he clicks a network folder or subfolder or subsubfolder ... I show the Security Settings (Group- and Usernames) and in another window all the groups resolved to the Usernames. I hope I could make myself a bit clear. I'm no native speaker and no Active Directory guru. Thanks Thomas My UDFs and Tutorials: Spoiler UDFs:Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - WikiExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example ScriptsOutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - WikiOutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - DownloadOutlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - WikiPowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - WikiTask Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki Standard UDFs:Excel - Example Scripts - WikiWord - Wiki Tutorials:ADO - WikiWebDriver - Wiki Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now