Re: Share Berechtigungen auslesen



Es ist uninteressant.


250 oder so Messages wsh.de.

bei ueber einer Milliarde

installierten Windows OS seit [32 bits] 1995.

---------------------

Ihr habt versch*ssen.

----------------

Besucht Euch im Daimler 300 Reihe Museum,

und kratzt Euch wo es juckt.

=====================

International seit Ihr gegessen.











"Jens" <Jens@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:D238A378-46D2-4F69-905C-8D1D7F7EDC98@xxxxxxxxxxxxxxxx
So, wieder ein Stück weiter: Dieses Skript liest mir nun die Freigaben und
die Berechtigungen der Benutzer aus. Nur: Wenn ich für mehrere Benutzer
die
NTFS Berechtigungen gesetzt habe, liest er mir nur den alphabetisch
jeweils
ersten aus. Die Berechtigungen weiterer Benutzer werden nicht ausgelesen.
Weiß jemand wie ich das machen kann?

' Define constants.
Const FILE_LIST_DIRECTORY = &H1
Const FILE_ADD_FILE = &H2
Const FILE_ADD_SUBDIRECTORY = &H4
Const FILE_READ_EA = &H8
Const FILE_WRITE_EA = &H10
Const FILE_TRAVERSE = &H20
Const FILE_DELETE_CHILD = &H40
Const FILE_READ_ATTRIBUTES = &H80
Const FILE_WRITE_ATTRIBUTES = &H100
Const DELETE = &H10000
Const READ_CONTROL = &H20000
Const WRITE_DAC = &H40000
Const WRITE_OWNER = &H80000
Const SYNCHRONIZE = &H100000


Set oWMI = GetObject("winmgmts:")

Set objWMIService = GetObject("winmgmts:" &
"{impersonationLevel=impersonate}!\\" & "localhost" & "\root\cimv2")
Set oShares = oWMI.ExecQuery("select Name from Win32_Share where Type=0")

For Each oShare In oShares

' Connect to WMI and get the share security object for the share
Set oShareSecSetting =
GetObject("winmgmts:Win32_LogicalShareSecuritySetting.Name='" &
oShare.Name &
"'")


' Use the Win32_LogicalShareSecuritySetting Caption property to create a
' simple header before dumping the discretionary access control list
(DACL)
WScript.Echo oShareSecSetting.Caption


' Call the Win32_LogicalShareSecuritySetting GetSecurityDescriptor
' method to retrieve an instance of the Win32_SecurityDescriptor class
' for the target object. Note that this is achieved by passing an empty
' variable to GetSecurityDescriptor, which GetSecurityDescriptor in turn
' initializes with an instance of the Win32_SecurityDescriptor class
' that corresponds to the security descriptor for the target object.
iRC = oShareSecSetting.GetSecurityDescriptor(oSecurityDescriptor)


If iRC <> 0 Then
Select Case iRC
Case 2
WScript.Echo "You do not have access to the requested information"
Case 8
WScript.Echo "Unknown failure"
Case 9
WScript.Echo "You do not have adequate privileges"
Case 21
WScript.Echo "The specified parameter is invalid"
Case Else
WScript.Echo "Unknown error"
End Select
WScript.Quit
End If


' After the security descriptor is retrieved, you can use the properties
' provided by the Win32_SecurityDescriptor class to dissect the security
' descriptor's access control lists (DACL and SACL) and access
' control entries (ACEs).


' Retrieve the content of Win32_SecurityDescriptor DACL property.
' The DACL is an array of Win32_ACE objects.
aDACL = oSecurityDescriptor.DACL



For Each oAce In aDACL

WScript.Echo "Access Mask: " & oAce.AccessMask
WScript.Echo "ACE Type: " & oAce.AceType


' Get Win32_Trustee object from ACE
Set oTrustee = oAce.Trustee
WScript.Echo "Trustee Domain: " & oTrustee.Domain
WScript.Echo "Trustee Name: " & oTrustee.Name


' Get SID as array from Trustee
aSID = oTrustee.SID
strsid = ""

For i = 0 To UBound(aSID) - 1
strsid = strsid & aSID(i) & ","
Next
strsid = strsid & aSID(i)
WScript.Echo "Trustee SID: {" & strsid & "}" & vbcrlf & "== Rights
=="

If (oAce.AccessMask And FILE_LIST_DIRECTORY) <> 0 Then
Wscript.Echo "FILE_LIST_DIRECTORY"
End If
If (oAce.AccessMask And FILE_ADD_FILE) <> 0 Then
Wscript.Echo "FILE_ADD_FILE"
End If
If (oAce.AccessMask And FILE_ADD_SUBDIRECTORY) <> 0 Then
Wscript.Echo "FILE_ADD_SUBDIRECTORY"
End If
If (oAce.AccessMask And FILE_READ_EA) <> 0 Then
Wscript.Echo "FILE_READ_EA"
End If
If (oAce.AccessMask And FILE_WRITE_EA) <> 0 Then
Wscript.Echo "FILE_WRITE_EA"
End If
If (oAce.AccessMask And FILE_TRAVERSE) <> 0 Then
Wscript.Echo "FILE_TRAVERSE"
End If
If (oAce.AccessMask And FILE_DELETE_CHILD) <> 0 Then
Wscript.Echo "FILE_DELETE_CHILD"
End If
If (oAce.AccessMask And FILE_READ_ATTRIBUTES) <> 0 Then
Wscript.Echo "FILE_READ_ATTRIBUTES"
End If
If (oAce.AccessMask And FILE_WRITE_ATTRIBUTES) <> 0 Then
Wscript.Echo "FILE_WRITE_ATTRIBUTES"
End If
If (oAce.AccessMask And DELETE) <> 0 Then
Wscript.Echo "DELETE"
End If
If (oAce.AccessMask And READ_CONTROL) <> 0 Then
Wscript.Echo "READ_CONTROL"
End If
If (oAce.AccessMask And WRITE_DAC) <> 0 Then
Wscript.Echo "WRITE_DAC"
End If
If (oAce.AccessMask And WRITE_OWNER) <> 0 Then
Wscript.Echo "WRITE_OWNER"
End If
If (oAce.AccessMask And SYNCHRONIZE) <> 0 Then
Wscript.Echo "SYNCHRONIZE"
End If
wscript.echo
Next
Next

.