标题: VBSCript 之 GenerateSDDL 函数
作者: Demon
链接: https://demon.tw/copy-paste/vbscript-generatesddl.html
版权: 本博客的所有文章,都遵守“署名-非商业性使用-相同方式共享 2.5 中国大陆”协议条款。
自己写的一个函数和应用实例,用于设置对象的相关权限。
Function GenerateSDDL(AccountName, AccessFlag, AccessType, AccessMask)
Dim Accounts, ObjWMI, ObjSID, ObjTru, ObjACE
Const SET_DACL_PRESENT = &H8004
Set ObjWMI = GetObject("winmgmts:" & "{impersonationLevel=impersonate, (Security)}!\\.\root\cimv2")
Set Accounts = ObjWMI.ExecQuery("SELECT * FROM Win32_Account WHERE Name='" & AccountName & "'")
For Each Account In Accounts
StrSID = Account.SID
Next
Set ObjSID = ObjWMI.Get("Win32_SID.SID='"& StrSID &"'")
Set ObjTru = ObjWMI.Get("Win32_Trustee").SpawnInstance_()
ObjTru.Domain = ObjSID.ReferencedDomainName
ObjTru.Name = ObjSID.AccountName
ObjTru.SID = ObjSID.BinaryRepresentation
ObjTru.SidLength = ObjSID.SidLength
ObjTru.SIDString = ObjSID.Sid
Set ObjACE = ObjWMI.Get("Win32_ACE").SpawnInstance_()
ObjACE.Trustee = ObjTru
ObjACE.AceType = AccessType
ObjACE.AccessMask = AccessMask
ObjACE.AceFlags = AccessFlag
Set GenerateSDDL = ObjWMI.Get("Win32_SecurityDescriptor").SpawnInstance_()
GenerateSDDL.Owner = ObjTru
GenerateSDDL.DACL = Array(ObjACE)
GenerateSDDL.ControlFlags = SET_DACL_PRESENT
End Function
例子:
strPath = "d:\\1.txt"
Set ObjWMI = GetObject("winmgmts:" & "{impersonationLevel=impersonate, (Security)}!\\.\root\cimv2")
Set ObjSec = ObjWMI.Get("Win32_LogicalFileSecuritySetting.Path='" & strPath & "'")
ObjSec.SetSecurityDescriptor(GenerateSDDL("everyone", &H0, &H1, &H100E0))
原文链接:http://www.enun.net/?p=1255
赞赏
微信赞赏
支付宝赞赏
随机文章: