Re: Need help interpreting a Script for Actie Directory using SubinAC

I'm not familiar with the tool SubInAcl, but a few comments. In the
statement

return = WshShell.Run(subcmd, o, true)

The letter "o" should be the number "0". There is a space missing in the
statement:

SetWshShell = CreateObject("Wscript.Shell")

It should be "Set WshSHell". I would check for blank lines in the text file
and skip. From what I can find about the tool SubInAcl, <source host> is the
first domain (the one we are copying permissions from) and <destination
host> is the new domain (the one we are copying permissions to). I would
guess that <destination directory> is a directory name. We are copying the
permission for this directory granted to users in domain <source host> to
similar users in domain <destination host>. The NT names of the users
(sAMAccountName's, also called "pre-Windows 2000 logon names") are read from
the text file <file containing list of accounts>. My guess is that subCmd is
to copy these permissions for one directory and subCmd2 is to copy
permissions for another directory, so I would expect the value of
<destination directory> to be different.

I cannot find completed documentation of the syntax for SubInAcl, but here
are some links:

http://www.microsoft.com/downloads/details.aspx?FamilyID=e8ba3e56-d8fe-4a91-93cf-ed6985e3927b&displaylang=en

http://support.microsoft.com/kb/266083

http://support.microsoft.com/kb/265360

I would expect the download in the first link to include some kind of help.
Also the tool probably has syntax help. I would think there must be a trust
between the two domains.

If you must specify every directory, it seems like a lot more than 2 command
lines are needed per user. Maybe the input file should have both user name
and directory. Then you run one command per non-blank line in the file. You
would parse each line for user name and directory.

--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--

"booker@mgt" <bookermgt@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:FBCBC4DD-159E-4A4D-A69D-2C7FEFDCF08F@xxxxxxxxxxxxxxxx
Someone gave me the script below for the process of updating/changing the
SIDS on resources/users from one domain to the other. I am not 100% clear
on
how to interpret the script. I would imagine the source host is the
source
DC, and the destination host is the target domain DC. What would be the
"destination directory".

Also, why are there two subCmd operations. And will this work without a
trust between the two domains. And In laymen's terms, what exactly does
this
script do. Mind you, I have the same usernames in both domains.


'SCRIPT

Const ForReading = 1

Set UserDict = CreateObject("Scripting.Dictionary")

Set objFS01 = CreateObject("Scripting.FileSystemObject")

Set objLocalUsers = objFS01.OpenTextFile("<file containing list of
accounts>", ForReading)

SetWshShell = CreateObject("Wscript.Shell")

i=1

Do while objLocalUsers.AtEndOfStream <> True
strNextLine = objLocalUsers.Readline
userDict.Add i, strNextLine
i = i +1
Loop

namelist = userDict.Keys

For Each name in nameList
subCmd = "subinacl /noverbose " & _
"/alternatesamserver=\\<source host> /subdirectories ""<destination
directory>"" /replace=<source host>\" & _
userDict.Item(name) & "=<Destination host>\" & userDict.Item(name)

subCmd2 = "subinacl /noverbose " & _
"/alternatesamserver=\\<source host> /subdirectories ""<destination
directory>"" /replace=<source host>\" & _
userDict.Item(name) & "=<destination host>\" & userDict.Item(name)

' Wscript.Echo subCmd
' Wscript. Echo

Wscript.Echo "Setting ACL's for " & userDict.Item(name) & "..."
return = WshShell.Run(subcmd, o, true)
return2 = WshShell.Run(subcmd2, 0, true) Wscript.Echo

Next

'End of Script




.

Relevant Pages

  • Re: DTS package to copy database
    ... Create a script that will drop DRI on the destination ... Create a DTS package to pump all data from Source --> Destination ... Allan Mitchell MCSE,MCDBA, (Microsoft SQL Server MVP) ... >>> The DB permissions are set for local users on each machine (including ...
    (microsoft.public.sqlserver.dts)
  • Scripting: Zipping files and checking Network Share
    ... I am trying to write a script that performs a few specific ... Copy source files to destination only if they do not exsist on the ... out how to have it loop until a successful connection is made - and send out ... Sub CopySource() ...
    (microsoft.public.scripting.vbscript)
  • Re: Relink question
    ... I think I have found enough clues in the documentation to deduce that the destination database is the FE and the source database is the BE. ... Section 14.3 states that the Connect property can be used as long as there are "full permissions in the destination database and Open/Run permissions on the source database - no permissions at all are necessary on the source tables." ... I'm not sure why it assumes that, since the group name apparentlly is passed to the function, but assuming it is necessary to pass the Admins group name, either the code can be run only by members of the Admins group or everybody needs to be a member of the group. ...
    (microsoft.public.access.formscoding)
  • Re: Scripting: Zipping files and checking Network Share
    ... I am trying to write a script that performs a few specific ... Copy source files to destination only if they do not exsist on the ... out how to have it loop until a successful connection is made - and send ... Sub CopySource() ...
    (microsoft.public.scripting.vbscript)
  • Re: File Copy
    ... Can you create/move any files to that location on the destination machine? ... I think I can read the source file OK. ... my error is a lack of permissions on the target directory. ...
    (microsoft.public.windows.vista.file_management)