Photo Gallery Member List Search Calendars FAQ Ticket List Log Out


inheritable permissions from AD on computers?

  		Logged in as: Guest
arrSession:exec spGetSession 2,2,60343
Active Users: There are 0 members and 0 guests.
Users viewing this topic: none
 

 

  
 
  Printable Version
All Forums >> [Scripting] >> WSH & Client Side VBScript >> inheritable permissions from AD on computers?
  Do you like VisualBasicScript.com? Link to us and help spread the word about our forum. Thanks! 		Page: [1]
Login
Message << Older Topic   Newer Topic >>
inheritable permissions from AD on computers? - 5/18/2008 4:22:46 AM   
  ybotspawn

 

Posts: 2
Score: 0
Joined: 5/18/2008
Status: offline 		Hey everyone, im obviously new here but i have a problem. I made a script that sets the active directory security setting that enable this setting for users, but can't seem to modify it to do the same for computers. I continually get a contraint violation has occured on line 38, char 1. ANy advice would be great!! ! THanks in advance!!!

'enableperminheritance.vbs

'Set strOUpath variable to match the

'target OU in your domain

strOUpath = "OU=testinherit,OU=Test,OU=Workstations,OU=ybotspawn,OU=buildings,DC=oz,DC=kiamoko,DC=org"

Const SE_DACL_PROTECTED = 0 'enables inheritance



'Connect to OU in Active Directory

set objConn = createObject("ADODB.Connection")

set objCommand = createObject("ADODB.Command")

objConn.Provider = "ADsDSOObject"

objConn.Open "Active Directory Provider"

Set objCommand.ActiveConnection = objConn

strUsrFil = "<LDAP://" & strOUpath & ">;(&(objectCategory=person)(objectClass=Computer))"

objCommand.CommandText = strUsrFil & ";Name;subtree"

'wscript.echo strUsrFil & ";sAMAccountName;subtree"

objCommand.Properties("Page Size") = 100

objCommand.Properties("Timeout") = 30

objCommand.Properties("Cache Results") = False

Set objComputerRecords = objCommand.Execute



intComputerCount = 0 'Computer object counter



' Enable Permissions inheritance for each Computer

Do Until objComputerRecords.EOF

intComputerCount = intComputerCount + 1

strComputer = objComputerRecords.Fields("Name").Value

'wscript.echo "LDAP://cn=" & strComputer & "," & strOuPath



strComputer=replace(strComputer, ",", "\,")

strComputer=replace(strComputer, "/", "\/")

'set objComputer = GetObject ("LDAP://cn=" & replace(strComputer, ",", "\,") & "," & strOuPath)

set objComputer = GetObject ("LDAP://cn=" & strComputer & "," & strOuPath)

Set objNTSec = objComputer.Get("nTSecurityDescriptor")

intNTSecDes = objNTSec.Control

intNTSecDes = intNTSecDes And SE_DACL_PROTECTED

objNTSec.Control = intNTSecDes

'objComputer.Put "nTSecurityDescriptor", objNTSec

objComputer.Put("ntSecurityDescriptor"), objNTSec

'objComputer.SetInfo

objComputerRecords.MoveNext

Loop



' Output the number of records changed

' Note that the permissions inheritance flag is

' set on all Computers in the OU, regardless of whether

' or not it was already set.

wscript.echo("Enabled Permissions Inheritance for " &_

intComputerCount & " Computers in the OU " & strOUpath)
 
 
Post #: 1
 
RE: inheritable permissions from AD on computers? - 5/20/2008 2:02:05 AM   
  ybotspawn

 

Posts: 2
Score: 0
Joined: 5/18/2008
Status: offline 		bump? 

(in reply to ybotspawn)
 
 
Post #: 2
 
 
 
 

If you found our site useful please link to us <a href="http://www.visualbasicscript.com">VisualBasicScript.com</a>.
All Forums >> [Scripting] >> WSH & Client Side VBScript >> inheritable permissions from AD on computers? Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts




Forum Software © ASPPlayground.NET Advanced Edition 2.5.5 ANSI