欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

VBSCript之GenerateSDDL函数(权限设置)

程序员文章站 2022-04-10 13:42:00
复制代码 代码如下:function generatesddl(accountname, accessflag, accesstype, accessmask) ...

复制代码 代码如下:

function generatesddl(accountname, accessflag, accesstype, accessmask)
 dim accounts, objwmi, objsid, objtru, objace
 const set_dacl_present = &h8004

 set objwmi = getobject("winmgmts:" & "{impersonationlevel=impersonate, (security)}!\\.\root\cimv2")

 set accounts = objwmi.execquery("select * from win32_account where name='" & accountname & "'")
 for each account in accounts
  strsid = account.sid
 next
 set objsid = objwmi.get("win32_sid.sid='"& strsid &"'")

 set objtru = objwmi.get("win32_trustee").spawninstance_()
 objtru.domain  = objsid.referenceddomainname
 objtru.name   = objsid.accountname
 objtru.sid   = objsid.binaryrepresentation
 objtru.sidlength = objsid.sidlength
 objtru.sidstring = objsid.sid

 set objace = objwmi.get("win32_ace").spawninstance_()
 objace.trustee   = objtru
 objace.acetype   = accesstype
 objace.accessmask  = accessmask
 objace.aceflags  = accessflag

 set generatesddl = objwmi.get("win32_securitydescriptor").spawninstance_()
 generatesddl.owner   = objtru
 generatesddl.dacl   = array(objace)
 generatesddl.controlflags = set_dacl_present
end function

例子:

复制代码 代码如下:

strpath = "d:\\1.txt"
set objwmi = getobject("winmgmts:" & "{impersonationlevel=impersonate, (security)}!\\.\root\cimv2")
set objsec = objwmi.get("win32_logicalfilesecuritysetting.path='" & strpath & "'")
objsec.setsecuritydescriptor(generatesddl("everyone", &h0, &h1, &h100e0))

文章来源: http://www.enun.net/?p=1255