VBSCript之GenerateSDDL函数(权限设置)
Function GenerateSDDL(AccountName, AccessFlag, AccessType, AccessMask)
Dim Accounts, ObjWMI, ObjSID, ObjTru, ObjACE
Const SET_DACL_PRESENT = &H8004
Set ObjWMI = GetObject("winmgmts:" & "{impersonationLevel=impersonate, (Security)}!\\.\root\cimv2")
Set Accounts = ObjWMI.ExecQuery("SELECT * FROM Win32_Account WHERE Name='" & AccountName & "'")
For Each Account In Accounts
StrSID = Account.SID
Next
Set ObjSID = ObjWMI.Get("Win32_SID.SID='"& StrSID &"'")
Set ObjTru = ObjWMI.Get("Win32_Trustee").SpawnInstance_()
ObjTru.Domain = ObjSID.ReferencedDomainName
ObjTru.Name = ObjSID.AccountName
ObjTru.SID = ObjSID.BinaryRepresentation
ObjTru.SidLength = ObjSID.SidLength
ObjTru.SIDString = ObjSID.Sid
Set ObjACE = ObjWMI.Get("Win32_ACE").SpawnInstance_()
ObjACE.Trustee = ObjTru
ObjACE.AceType = AccessType
ObjACE.AccessMask = AccessMask
ObjACE.AceFlags = AccessFlag
Set GenerateSDDL = ObjWMI.Get("Win32_SecurityDescriptor").SpawnInstance_()
GenerateSDDL.Owner = ObjTru
GenerateSDDL.DACL = Array(ObjACE)
GenerateSDDL.ControlFlags = SET_DACL_PRESENT
End Function
例子:
strPath = "d:\\1.txt"
Set ObjWMI = GetObject("winmgmts:" & "{impersonationLevel=impersonate, (Security)}!\\.\root\cimv2")
Set ObjSec = ObjWMI.Get("Win32_LogicalFileSecuritySetting.Path='" & strPath & "'")
ObjSec.SetSecurityDescriptor(GenerateSDDL("everyone", &H0, &H1, &H100E0))
文章来源: http://www.enun.net/?p=1255
最新评论