Photo Gallery Member List Search Calendars FAQ Ticket List Log Out


I need some help on a script to pull share and ntfs permissions

  		Logged in as: Guest
arrSession:exec spGetSession 2,2,59669
Active Users: There are 0 members and 0 guests.
Users viewing this topic: none
 

 

  
 
  Printable Version
All Forums >> [Scripting] >> WSH & Client Side VBScript >> I need some help on a script to pull share and ntfs permissions
  Do you like VisualBasicScript.com? Link to us and help spread the word about our forum. Thanks! 		Page: [1]
Login
Message << Older Topic   Newer Topic >>
I need some help on a script to pull share and ntfs per... - 4/30/2008 6:35:16 AM   
  bkcook

 

Posts: 3
Score: 0
Joined: 4/30/2008
Status: offline 		I need to pull share and ntfs permissions from a remote server. I need to write the output to .csv   I found this script on the web and havent had any luck modifing.

Option Explicit

Const SE_DACL_PRESENT = &h4
Const ACCESS_ALLOWED_ACE_TYPE = &h0
Const ACCESS_DENIED_ACE_TYPE  = &h1

Const FILE_ALL_ACCESS = &h1f01ff
Const FOLDER_ADD_SUBDIRECTORY = &h000004
Const FILE_DELETE = &h010000
Const FILE_DELETE_CHILD = &h000040
Const FOLDER_TRAVERSE = &h000020
Const FILE_READ_ATTRIBUTES = &h000080
Const FILE_READ_CONTROL = &h020000
Const FOLDER_LIST_DIRECTORY = &h000001
Const FILE_READ_EA = &h000008
Const FILE_SYNCHRONIZE = &h100000
Const FILE_WRITE_ATTRIBUTES = &h000100
Const FILE_WRITE_DAC = &h040000
Const FOLDER_ADD_FILE = &h000002
Const FILE_WRITE_EA = &h000010
Const FILE_WRITE_OWNER = &h080000

Const WBEM_RETURN_IMMEDIATELY = &h10
Const WBEM_FORWARD_ONLY = &h20

Dim objWMIService, objItem
Dim strComputer
Dim arrComputers
Dim colItems

Sub ReadDescriptor(strPath)
     Dim objFolderSecuritySettings, objSD, objACE
     Dim arrACEs
     Dim intControlFlags

     Set objFolderSecuritySettings = objWMIService.Get("Win32_LogicalFileSecuritySetting='" & strPath & "'")
     objFolderSecuritySettings.GetSecurityDescriptor objSD
                 
     intControlFlags = objSD.ControlFlags

     If intControlFlags AND SE_DACL_PRESENT Then
           arrACEs = objSD.DACL
           For Each objACE in arrACEs
                 WScript.Echo objACE.Trustee.Domain & "\" & objACE.Trustee.Name
                 If objACE.AceType = ACCESS_ALLOWED_ACE_TYPE Then
                       WScript.Echo vbTab & "Allowed:"
                 ElseIf objACE.AceType = ACCESS_DENIED_ACE_TYPE Then
                       WScript.Echo vbTab & "Denied:"
                 End If
                 If objACE.AccessMask AND FILE_ALL_ACCESS Then
                       WScript.Echo vbTab & vbTab & "FILE_ALL_ACCESS "
                 End If
                 If objACE.AccessMask AND FOLDER_ADD_SUBDIRECTORY Then
                       WScript.Echo vbTab & vbTab & " FOLDER_ADD_SUBDIRECTORY "
                 End If
                 If objACE.AccessMask AND FILE_DELETE Then
                       WScript.Echo vbTab & vbTab & "FILE_DELETE "
                 End If
                 If objACE.AccessMask AND FILE_DELETE_CHILD Then
                       WScript.Echo vbTab & vbTab & "FILE_DELETE_CHILD "
                 End If
                 If objACE.AccessMask AND FOLDER_TRAVERSE Then
                       WScript.Echo vbTab & vbTab & " FOLDER_TRAVERSE "
                 End If
                 If objACE.AccessMask AND FILE_READ_ATTRIBUTES Then
                       WScript.Echo vbTab & vbTab & "FILE_READ_ATTRIBUTES "
                 End If
                 If objACE.AccessMask AND FILE_READ_CONTROL Then
                       WScript.Echo vbTab & vbTab & "FILE_READ_CONTROL "
                 End If
                 If objACE.AccessMask AND FOLDER_LIST_DIRECTORY Then
                       WScript.Echo vbTab & vbTab & " FOLDER_LIST_DIRECTORY "
                 End If
                 If objACE.AccessMask AND FILE_READ_EA Then
                       WScript.Echo vbTab & vbTab & "FILE_READ_EA "
                 End If
                 If objACE.AccessMask AND FILE_SYNCHRONIZE Then
                       WScript.Echo vbTab & vbTab & "FILE_SYNCHRONIZE "
                 End If
                 If objACE.AccessMask AND FILE_WRITE_ATTRIBUTES Then
                       WScript.Echo vbTab & vbTab & "FILE_WRITE_ATTRIBUTES "
                 End If
                 If objACE.AccessMask AND FILE_WRITE_DAC Then
                       WScript.Echo vbTab & vbTab & "FILE_WRITE_DAC "
                 End If
                 If objACE.AccessMask AND FOLDER_ADD_FILE Then
                       WScript.Echo vbTab & vbTab & " FOLDER_ADD_FILE "
                 End If
                 If objACE.AccessMask AND FILE_WRITE_EA Then
                       WScript.Echo vbTab & vbTab & "FILE_WRITE_EA "
                 End If
                 If objACE.AccessMask AND FILE_WRITE_OWNER Then
                       WScript.Echo vbTab & vbTab & "FILE_WRITE_OWNER "
                 End If
           Next
     Else
             WScript.Echo "No DACL present in security descriptor"
     End If
End Sub

'
' Main Code
'


arrComputers = Array("127.0.0.1")
For Each strComputer In arrComputers
     WScript.Echo
     WScript.Echo "=========================================="
     WScript.Echo "Computer: " & strComputer
     WScript.Echo "=========================================="
     WScript.Echo

     On Error Resume Next
     Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2")
     Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_Share WHERE Type=0", "WQL",_
                 WBEM_RETURN_IMMEDIATELY + WBEM_FORWARD_ONLY)

     For Each objItem in colItems
           WScript.Echo "Listing Permissions for " & objItem.Path
           ReadDescriptor objItem.Path
     Next
     Set objWMIService = Nothing
     On Error Goto 0
Next
 
 
Post #: 1
 
RE: I need some help on a script to pull share and ntfs... - 4/30/2008 6:37:57 AM   
  ebgreen


Posts: 4595
Score: 29
Joined: 7/12/2005
Status: offline 		So it works for what you need except for outputting to CSV?

_____________________________

"... when you are good and crazy, oooh, oooh, oooh, the sky is the limit!" - The Tick
Goog places to start:http://www.visualbasicscript.com/m_24727/tm.htm
http://www.visualbasicscript.com/m_47117/tm.htm

(in reply to bkcook)
 
 
Post #: 2
 
RE: I need some help on a script to pull share and ntfs... - 4/30/2008 6:43:38 AM   
  bkcook

 

Posts: 3
Score: 0
Joined: 4/30/2008
Status: offline 		Yes sorry I am a real newbie.


(in reply to ebgreen)
 
 
Post #: 3
 
RE: I need some help on a script to pull share and ntfs... - 4/30/2008 7:01:43 AM   
  ebgreen


Posts: 4595
Score: 29
Joined: 7/12/2005
Status: offline 		Ok, so you need to look at this section of your code:

                WScript.Echo objACE.Trustee.Domain & "\" & objACE.Trustee.Name
                If objACE.AceType = ACCESS_ALLOWED_ACE_TYPE Then
                      WScript.Echo vbTab & "Allowed:"
                ElseIf objACE.AceType = ACCESS_DENIED_ACE_TYPE Then
                      WScript.Echo vbTab & "Denied:"
                End If
                If objACE.AccessMask AND FILE_ALL_ACCESS Then
                      WScript.Echo vbTab & vbTab & "FILE_ALL_ACCESS "
                End If
                If objACE.AccessMask AND FOLDER_ADD_SUBDIRECTORY Then
                      WScript.Echo vbTab & vbTab & " FOLDER_ADD_SUBDIRECTORY "
                End If
                If objACE.AccessMask AND FILE_DELETE Then
                      WScript.Echo vbTab & vbTab & "FILE_DELETE "
                End If
                If objACE.AccessMask AND FILE_DELETE_CHILD Then
                      WScript.Echo vbTab & vbTab & "FILE_DELETE_CHILD "
                End If
                If objACE.AccessMask AND FOLDER_TRAVERSE Then
                      WScript.Echo vbTab & vbTab & " FOLDER_TRAVERSE "
                End If
                If objACE.AccessMask AND FILE_READ_ATTRIBUTES Then
                      WScript.Echo vbTab & vbTab & "FILE_READ_ATTRIBUTES "
                End If
                If objACE.AccessMask AND FILE_READ_CONTROL Then
                      WScript.Echo vbTab & vbTab & "FILE_READ_CONTROL "
                End If
                If objACE.AccessMask AND FOLDER_LIST_DIRECTORY Then
                      WScript.Echo vbTab & vbTab & " FOLDER_LIST_DIRECTORY "
                End If
                If objACE.AccessMask AND FILE_READ_EA Then
                      WScript.Echo vbTab & vbTab & "FILE_READ_EA "
                End If
                If objACE.AccessMask AND FILE_SYNCHRONIZE Then
                      WScript.Echo vbTab & vbTab & "FILE_SYNCHRONIZE "
                End If
                If objACE.AccessMask AND FILE_WRITE_ATTRIBUTES Then
                      WScript.Echo vbTab & vbTab & "FILE_WRITE_ATTRIBUTES "
                End If
                If objACE.AccessMask AND FILE_WRITE_DAC Then
                      WScript.Echo vbTab & vbTab & "FILE_WRITE_DAC "
                End If
                If objACE.AccessMask AND FOLDER_ADD_FILE Then
                      WScript.Echo vbTab & vbTab & " FOLDER_ADD_FILE "
                End If
                If objACE.AccessMask AND FILE_WRITE_EA Then
                      WScript.Echo vbTab & vbTab & "FILE_WRITE_EA "
                End If
                If objACE.AccessMask AND FILE_WRITE_OWNER Then
                      WScript.Echo vbTab & vbTab & "FILE_WRITE_OWNER "
                End If


Read that and understand what it is doing and why it does what it does. Make changes and see how the output changes. Next decide how your CSV needs to be structured. Then figure out how you change that code to produce output that matches how your CSV needs to be structured. Last you will use the FileSystemObject to send your output to a file instead of the command line.

_____________________________

"... when you are good and crazy, oooh, oooh, oooh, the sky is the limit!" - The Tick
Goog places to start:http://www.visualbasicscript.com/m_24727/tm.htm
http://www.visualbasicscript.com/m_47117/tm.htm

(in reply to bkcook)
 
 
Post #: 4
 
RE: I need some help on a script to pull share and ntfs... - 4/30/2008 1:29:05 PM   
  bkcook

 

Posts: 3
Score: 0
Joined: 4/30/2008
Status: offline 		Ok tell me if I am on the right path

The WScript.Echo is what prints it to the screen?

Do  I replace it with the FileSystemObject

Could you put a example of what I need up.

(in reply to ebgreen)
 
 
Post #: 5
 
RE: I need some help on a script to pull share and ntfs... - 5/1/2008 12:31:16 AM   
  ebgreen


Posts: 4595
Score: 29
Joined: 7/12/2005
Status: offline 		Search the forums for:

FileSystemObject
OpenTextFile
WriteLine
Write

_____________________________

"... when you are good and crazy, oooh, oooh, oooh, the sky is the limit!" - The Tick
Goog places to start:http://www.visualbasicscript.com/m_24727/tm.htm
http://www.visualbasicscript.com/m_47117/tm.htm

(in reply to bkcook)
 
 
Post #: 6
 
 
 
 

If you found our site useful please link to us <a href="http://www.visualbasicscript.com">VisualBasicScript.com</a>.
All Forums >> [Scripting] >> WSH & Client Side VBScript >> I need some help on a script to pull share and ntfs permissions Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts




Forum Software © ASPPlayground.NET Advanced Edition 2.5.5 ANSI