Re: Very Annoying Permissions

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Fine. If you want the computer to write something then
you must run that script within the context of a computer
session, not a user session. Up to now you've done the
latter, hence your problems.

Running the script under a local computer session
presents two challenges:
a) To find out when a user logs on and logs off, and
b) To give the computer session sufficient privileges
to access a log file located on a shared resource.

You could resolve item b) by getting the computer
session to write to a local log file that is inaccessible
to the user. You will then have to design a tool to
harvest these log files, which is apparently a minor
issue for you.

About my little script:

cd /d d:\Logs (assuming that this is the place where the logs reside)
for %%a in (*.*) do (
type %%a >> d:\SystemLogs\Logon.log
del %%a
)
> What is the %%a? That isn't an environment variable that I recognize.

%%a is the running variable used in the "for" loop. It assumes
the value of file names in the log folder.


"Robert Williams" <RobertW@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
wrote in message news:eLKeJQGIGHA.1760@xxxxxxxxxxxxxxxxxxxxxxx
>
> "Pegasus (MVP)" <I.can@xxxxxxx> wrote in message
> news:eUdNDziHGHA.376@xxxxxxxxxxxxxxxxxxxxxxx
> >
>
> [snip]
>
> >
> > You sound a little like the this person who could not write,
> > so he asked someone else to write a letter for him.
> > He made him do it blind-folded so that he could not see
> > what he was writing . . .
>
> I have no problem writing. If you are implying I'm asking you to write a
script
> for me, you're way off.
>
> My apologies if I was not clear enough. My whole point was: Why must one
have
> READ and EXECUTE permissions, just to WRITE to a folder that they
shouldn't see?
>
> I do not want the *PERSON* to see the folder, but I want the *COMPUTER* to
write
> to it, yet MS treats PERSON and COMPUTER as one being.
>
> Forget anything I mentioned about the scripts, I already have them
written. If
> I needed help with scripts, I would have posted in one of the many
scripting
> NGs.
>
> I want to allow computers to WRITE to a folder(or a file in a folder)
without
> allowing users the permission of opening or viewing what is in the folder.
BUT,
> just checking the "Hidden" attribute will not work, as all the users here
can
> see hidden and system files.
>
>
> > You can get around your little problem by getting the user's
> > PC to write the logon/logoff times into a PC-specific file
> > with full read/write access for everyone, e.g. into
> > \\YourServer\SomeShare\Logs\%ComputerNamet%.log.
> > You then run a scheduled task once every five minutes
> > on your server. Here is what it does:
> > @echo off
> > cd /d d:\Logs (assuming that this is the place where the logs reside)
> > for %%a in (*.*) do (
> > type %%a >> d:\SystemLogs\Logon.log
> > del %%a
> > )
> >
> > The file d:\SystemLogs\Logon.log is inaccessible to users.
> > Problem solved!
>
>
> My point is that I don't care WHERE the log files are written to, I don't
want
> the USERS to see the files. Allowing everyone full control STILL allows
the
> users to view the contents of the folder.
>
> I'm can't clog up my server with tasks from all my users every 5 minutes.
The
> scripts I have run when each user logs onto and off of their computers.
At max,
> that is 4 times per day per computer. Besides, I already have the scripts
being
> directed to USER-specific folders, so that I can go into a user's folder
and see
> when and where that person logged on This to me is much easier than
searching
> through all the computer folders trying to find specific users.
>
>
> Since you mention it though. If I were to add this portion of script to
the
> logon / logoff scripts, would that take care of my problem?
>
> @echo off
> cd /d d:\Logs (assuming that this is the place where the logs reside)
> for %%a in (*.*) do (
> type %%a >> d:\SystemLogs\Logon.log
> del %%a
> )
>
> What is the %%a? That isn't an environment variable that I recognize.
>
>
> Thanks
>
> RW
>
>


.

Relevant Pages

  • [kde] Re: plasma-desktop (KDE factory) acting up?
    ... example is another logging plasmoid that shows the output of a little ... script that outputs the state of my four drives every ten seconds. ... I have the group set to wheel for the logs I want to be read by trusted ... folder with pictures of people, and a subfolder with pictures of myself. ...
    (KDE)
  • RE: SP1 Install Errors
    ... I have received your logs files and emails. ... time difference between us, and as you know, SP1 log is a large file and we ... First attempt at executing script sp1_serv_uni.sql failed; ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • RE: Domain Startup Scripting
    ... the following command always works and logs the appropriate info ... above which tells me it is accessing the script, ... could help me with troubleshooting a domain startup script routine. ... @echo off ...
    (microsoft.public.windows.server.scripting)
  • Re: Need some problemsolving-cgi/xml
    ... Did you check the server logs to see what ... Have you tested the script at ... > I get a CGI timeout error. ... How can I combine all these xml files/xsl to ...
    (comp.lang.perl.misc)
  • Re: Array, foreach problem
    ... On Wed, May 5, 2010 at 7:21 PM, Akhthar Parvez K ... If you want this script to run all the time in a never ending loop and ... (I've seen flat text logs that grew by as much as +1GB per day) ... sure you send a mail even if all it says that there is nothing to report. ...
    (perl.beginners)