win2003 服务器磁盘权限安全设置批处理
程序员文章站
2022-11-27 20:24:59
复制代码 代码如下: @echo off title c盘权限批量处理-2010.7.1 echo ----------------------------- echo 萬...
复制代码 代码如下:
@echo off
title c盘权限批量处理-2010.7.1
echo -----------------------------
echo 服务器c盘权限设置
echo
echo -----------------------------
:menu
echo.
echo [1] 删除c盘的everyone的权限
echo [2] 删除c盘的所有的users的访问权限
echo [3] 添加iis_wpg的访问权限
echo [4] 添加iis_wpg的访问权限[.net专用]
echo [5] 添加iis_wpg的访问权限[装了macfee的软件专用]
echo [6] 添加users的访问权限
echo [7] 删除c盘windows下的所有的危险文件夹
echo [8] 删除系统危险文件的访问权限,只留管理组成员
echo [9] 注册表相关设定
echo [10] 将c盘权限还原为默认[需重启]
echo [0] 退出
echo.
@echo 请选择?
@echo 输入上面的选项回车
@echo off
set /p menu=
if %menu% == 0 goto exit
if %menu% == 1 goto 1
if %menu% == 2 goto 2
if %menu% == 3 goto 3
if %menu% == 4 goto 4
if %menu% == 5 goto 5
if %menu% == 6 goto 6
if %menu% == 7 goto 7
if %menu% == 8 goto 8
if %menu% == 9 goto 9
if %menu% == 10 goto 10
:1
echo 删除c盘的everyone的权限
cacls "%systemdrive%" /r "creator owner" /e
cacls "%systemdrive%" /r "everyone" /e
cacls "%systemroot%" /r "everyone" /e
cacls "%systemdrive%/documents and settings" /r "everyone" /e
cacls "%systemdrive%/documents and settings/all users" /r "everyone" /e
cacls "%systemdrive%/documents and settings/all users/documents" /r "everyone" /e
echo.
echo 删除c盘的everyone的权限 ………………ok!
echo.
goto menu
:2
echo 删除c盘的所有的users的访问权限
cacls "%systemdrive%" /r "users" /e
cacls "%systemdrive%/program files" /r "users" /e
cacls "%systemdrive%/documents and settings" /r "users" /e
cacls "%systemroot%" /r "users" /e
cacls "%systemroot%/addins" /r "users" /e
cacls "%systemroot%/apppatch" /r "users" /e
cacls "%systemroot%/connection wizard" /r "users" /e
cacls "%systemroot%/debug" /r "users" /e
cacls "%systemroot%/driver cache" /r "users" /e
cacls "%systemroot%/help" /r "users" /e
cacls "%systemroot%/iis temporary compressed files" /r "users" /e
cacls "%systemroot%/java" /r "users" /e
cacls "%systemroot%/msagent" /r "users" /e
cacls "%systemroot%/mui" /r "users" /e
cacls "%systemroot%/repair" /r "users" /e
cacls "%systemroot%/resources" /r "users" /e
cacls "%systemroot%/security" /r "users" /e
cacls "%systemroot%/system" /r "users" /e
cacls "%systemroot%/tapi" /r "users" /e
cacls "%systemroot%/temp" /r "users" /e
cacls "%systemroot%/twain_32" /r "users" /e
cacls "%systemroot%/web" /r "users" /e
cacls "%systemroot%/winsxs" /r "users" /e
cacls "%systemroot%/system32/3com_dmi" /r "users" /e
cacls "%systemroot%/system32/administration" /r "users" /e
cacls "%systemroot%/system32/cache" /r "users" /e
cacls "%systemroot%/system32/catroot2" /r "users" /e
cacls "%systemroot%/system32/com" /r "users" /e
cacls "%systemroot%/system32/config" /r "users" /e
cacls "%systemroot%/system32/dhcp" /r "users" /e
cacls "%systemroot%/system32/drivers" /r "users" /e
cacls "%systemroot%/system32/export" /r "users" /e
cacls "%systemroot%/system32/icsxml" /r "users" /e
cacls "%systemroot%/system32/lls" /r "users" /e
cacls "%systemroot%/system32/logfiles" /r "users" /e
cacls "%systemroot%/system32/microsoftpassport" /r "users" /e
cacls "%systemroot%/system32/mui" /r "users" /e
cacls "%systemroot%/system32/oobe" /r "users" /e
cacls "%systemroot%/system32/shellext" /r "users" /e
cacls "%systemroot%/system32/wbem" /r "users" /e
echo.
echo 删除c盘的所有的users的访问权限 ………………ok!
echo.
goto menu
:7
echo 删除c盘windows下的所有的危险文件夹
attrib %systemroot%/web/printers -s -r -h
del %systemroot%\web\printers\*.* /s /q /f
rd %systemroot%\web\printers /s /q
attrib %systemroot%\help\iishelp -s -r -h
del %systemroot%\help\iishelp\*.* /s /q /f
rd %systemroot%\help\iishelp /s /q
attrib %systemroot%\system32\inetsrv\iisadmpwd -s -r -h
del %systemroot%\system32\inetsrv\iisadmpwd\*.* /s /q /f
rd %systemroot%\system32\inetsrv\iisadmpwd /s /q
echo.
echo 删除c盘windows下的所有的危险文件夹 ………………ok!
echo.
goto menu
:8
echo 给系统危险文件设置权限设定
cacls "c:\boot.ini" /t /c /e /g administrators:f
cacls "c:\boot.ini" /d guests:f /e
cacls "c:\autoexec.bat" /t /c /e /g administrators:f
cacls "c:\autoexec.bat" /d guests:f /e
cacls "%systemroot%/system32/net.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/net.exe" /d guests:f /e
cacls "%systemroot%/system32/net1.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/net1.exe" /d guests:f /e
cacls "%systemroot%/system32/cmd.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/cmd.exe" /d guests:f /e
cacls "%systemroot%/system32/ftp.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/ftp.exe" /d guests:f /e
cacls "%systemroot%/system32/netstat.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/netstat.exe" /d guests:f /e
cacls "%systemroot%/system32/regedit.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/regedit.exe" /d guests:f /e
cacls "%systemroot%/system32/at.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/at.exe" /d guests:f /e
cacls "%systemroot%/system32/attrib.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/attrib.exe" /d guests:f /e
cacls "%systemroot%/system32/format.com" /t /c /e /g administrators:f
cacls "%systemroot%/system32/format.com" /d guests:f /e
cacls "%systemroot%/system32/logoff.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/shutdown.exe" /g administrators:f
cacls "%systemroot%/system32/shutdown.exe" /d guests:f /e
cacls "%systemroot%/system32/telnet.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/telnet.exe" /d guests:f /e
cacls "%systemroot%/system32/wscript.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/wscript.exe" /d guests:f /e
cacls "%systemroot%/system32/doskey.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/doskey.exe" /d guests:f /e
cacls "%systemroot%/system32/help.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/help.exe" /d guests:f /e
cacls "%systemroot%/system32/ipconfig.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/ipconfig.exe" /d guests:f /e
cacls "%systemroot%/system32/nbtstat.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/nbtstat.exe" /d guests:f /e
cacls "%systemroot%/system32/print.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/print.exe" /d guests:f /e
cacls "%systemroot%/system32/xcopy.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/xcopy.exe" /d guests:f /e
cacls "%systemroot%/system32/edit.com" /t /c /e /g administrators:f
cacls "%systemroot%/system32/edit.com" /d guests:f /e
cacls "%systemroot%/system32/regedt32.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/regedt32.exe" /d guests:f /e
cacls "%systemroot%/system32/reg.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/reg.exe" /d guests:f /e
cacls "%systemroot%/system32/register.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/register.exe" /d guests:f /e
cacls "%systemroot%/system32/replace.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/replace.exe" /d guests:f /e
cacls "%systemroot%/system32/nwscript.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/nwscript.exe" /d guests:f /e
cacls "%systemroot%/system32/share.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/share.exe" /d guests:f /e
cacls "%systemroot%/system32/ping.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/ping.exe" /d guests:f /e
cacls "%systemroot%/system32/ipsec6.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/ipsec6.exe" /d guests:f /e
cacls "%systemroot%/system32/netsh.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/netsh.exe" /d guests:f /e
cacls "%systemroot%/system32/debug.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/debug.exe" /d guests:f /e
cacls "%systemroot%/system32/route.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/route.exe" /d guests:f /e
cacls "%systemroot%/system32/tracert.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/tracert.exe" /d guests:f /e
cacls "%systemroot%/system32/powercfg.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/powercfg.exe" /d guests:f /e
cacls "%systemroot%/system32/nslookup.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/nslookup.exe" /d guests:f /e
cacls "%systemroot%/system32/arp.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/arp.exe" /d guests:f /e
cacls "%systemroot%/system32/rsh.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/rsh.exe" /d guests:f /e
cacls "%systemroot%/system32/netdde.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/netdde.exe" /d guests:f /e
cacls "%systemroot%/system32/mshta.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/mshta.exe" /d guests:f /e
cacls "%systemroot%/system32/mountvol.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/mountvol.exe" /d guests:f /e
cacls "%systemroot%/system32/tftp.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/tftp.exe" /d guests:f /e
cacls "%systemroot%/system32/setx.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/setx.exe" /d guests:f /e
cacls "%systemroot%/system32/find.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/find.exe" /d guests:f /e
cacls "%systemroot%/system32/finger.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/finger.exe" /d guests:f /e
cacls "%systemroot%/system32/where.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/where.exe" /d guests:f /e
cacls "%systemroot%/system32/regsvr32.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/regsvr32.exe" /d guests:f /e
cacls "%systemroot%/system32/cacls.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/cacls.exe" /d guests:f /e
cacls "%systemroot%/system32/sc.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/sc.exe" /d guests:f /e
cacls "%systemroot%/system32/shadow.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/shadow.exe" /d guests:f /e
cacls "%systemroot%/system32/runas.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/runas.exe" /d guests:f /e
cacls "%systemroot%/system32/wshom.ocx" /t /c /e /g administrators:f
cacls "%systemroot%/system32/wshom.ocx" /d guests:f /e
cacls "%systemroot%/system32/wshext.dll" /t /c /e /g administrators:f
cacls "%systemroot%/system32/wshext.dll" /d guests:f /e
cacls "%systemroot%/system32/shell32.dll" /t /c /e /g administrators:f
cacls "%systemroot%/system32/shell32.dll" /d guests:f /e
cacls "%systemroot%/system32/zipfldr.dll" /t /c /e /g administrators:f
cacls "%systemroot%/system32/zipfldr.dll" /d guests:f /e
cacls "%systemroot%/pchealth/helpctr/binaries/msconfig.exe" /t /c /e /g administrators:f
cacls "%systemroot%/pchealth/helpctr/binaries/msconfig.exe" /d guests:f /e
cacls "%systemroot%/notepad.exe" /t /c /e /g administrators:f
cacls "%systemroot%/notepad.exe" /d guests:f /e
cacls "%systemroot%/regedit.exe" /t /c /e /g administrators:f
cacls "%systemroot%/regedit.exe" /d guests:f /e
cacls "%systemroot%/winhelp.exe" /t /c /e /g administrators:f
cacls "%systemroot%/winhelp.exe" /d guests:f /e
cacls "%systemroot%/winhlp32.exe" /t /c /e /g administrators:f
cacls "%systemroot%/winhlp32.exe" /d guests:f /e
cacls "%systemroot%/system32/notepad.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/notepad.exe" /d guests:f /e
cacls "%systemroot%/system32/edlin.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/edlin.exe" /d guests:f /e
cacls "%systemroot%/system32/posix.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/posix.exe" /d guests:f /e
cacls "%systemroot%/system32/atsvc.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/atsvc.exe" /d guests:f /e
cacls "%systemroot%/system32/qbasic.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/qbasic.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/runonce.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/runonce.exe" /d guests:f /e
cacls "%systemroot%/system32/syskey.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/syskey.exe" /d guests:f /e
cacls "%systemroot%/system32/cscript.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/cscript.exe" /d guests:f /e
echo.
echo 给系统危险文件设置权限设定 ………………ok!
echo.
goto menu
:9
echo 注册表相关设定
reg delete hkey_classes_root\wscript.shell /f
reg delete hkey_classes_root\wscript.shell.1 /f
reg delete hkey_classes_root\shell.application /f
reg delete hkey_classes_root\shell.application.1 /f
reg delete hkey_classes_root\wscript.network /f
reg delete hkey_classes_root\wscript.network.1 /f
regsvr32 /s /u wshom.ocx
regsvr32 /s /u wshext.dll
regsvr32 /s /u shell32.dll
regsvr32 /s /u zipfldr.dll
echo.
echo 注册表相关设定 ………………ok!
echo.
goto menu
:3
echo 添加iis_wpg的访问权限
cacls "%systemroot%" /g iis_wpg:r /e
cacls "%systemdrive%/program files/common files" /g iis_wpg:r /e
cacls "%systemroot%/downloaded program files" /g iis_wpg:c /e
cacls "%systemroot%/help" /g iis_wpg:c /e
cacls "%systemroot%/iis temporary compressed files" /g iis_wpg:c /e
cacls "%systemroot%/offline web pages" /g iis_wpg:c /e
cacls "%systemroot%/system32" /g iis_wpg:c /e
cacls "%systemroot%/tasks" /g iis_wpg:c /e
cacls "%systemroot%/temp" /g iis_wpg:c /e
cacls "%systemroot%/web" /g iis_wpg:c /e
echo.
echo 添加iis_wpg的访问权限 ………………ok!
echo.
goto menu
:4
echo 添加iis_wpg的访问权限[.net专用]
cacls "%systemroot%/assembly" /g iis_wpg:c /e
cacls "%systemroot%/microsoft.net" /g iis_wpg:c /e
echo.
echo 添加iis_wpg的访问权限[.net专用] ………………ok!
echo.
goto menu
:5
echo 添加iis_wpg的访问权限[装了macfee的软件专用]
cacls "%systemdrive%/program files/network associates" /g iis_wpg:r /e
echo.
echo 添加iis_wpg的访问权限[装了macfee的软件专用] ………………ok!
echo.
goto menu
:6
echo 添加users的访问权限
cacls "%systemroot%/temp" /g users:c /e
echo.
echo 添加users的访问权限 ………………ok!
echo.
goto menu
:10
echo 将c盘权限还原为默认
secedit /configure /db %systemroot%\security\database\cvtfs.sdb /cfg "%systemroot%\security\templates\setup security.inf" /areas filestore
goto menu
:exit
exit
将上面代码保存为xx.bat 即可设置服务器磁盘安全
其实青云的批处理也不错的,大家可以根据需要选择下载地址