VBSCript之GenerateSDDL函数(权限设置)

(编辑:jimmy 日期: 2024/12/23 浏览:2)

复制代码 代码如下:
Function GenerateSDDL(AccountName, AccessFlag, AccessType, AccessMask)
 Dim Accounts, ObjWMI, ObjSID, ObjTru, ObjACE
 Const SET_DACL_PRESENT = &H8004

 Set ObjWMI = GetObject("winmgmts:" & "{impersonationLevel=impersonate, (Security)}!\\.\root\cimv2")

 Set Accounts = ObjWMI.ExecQuery("SELECT * FROM Win32_Account WHERE Name='" & AccountName & "'")
 For Each Account In Accounts
  StrSID = Account.SID
 Next
 Set ObjSID = ObjWMI.Get("Win32_SID.SID='"& StrSID &"'")

 Set ObjTru = ObjWMI.Get("Win32_Trustee").SpawnInstance_()
 ObjTru.Domain  = ObjSID.ReferencedDomainName
 ObjTru.Name   = ObjSID.AccountName
 ObjTru.SID   = ObjSID.BinaryRepresentation
 ObjTru.SidLength = ObjSID.SidLength
 ObjTru.SIDString = ObjSID.Sid

 Set ObjACE = ObjWMI.Get("Win32_ACE").SpawnInstance_()
 ObjACE.Trustee   = ObjTru
 ObjACE.AceType   = AccessType
 ObjACE.AccessMask  = AccessMask
 ObjACE.AceFlags  = AccessFlag

 Set GenerateSDDL = ObjWMI.Get("Win32_SecurityDescriptor").SpawnInstance_()
 GenerateSDDL.Owner   = ObjTru
 GenerateSDDL.DACL   = Array(ObjACE)
 GenerateSDDL.ControlFlags = SET_DACL_PRESENT
End Function

例子:

复制代码 代码如下:
strPath = "d:\\1.txt"
Set ObjWMI = GetObject("winmgmts:" & "{impersonationLevel=impersonate, (Security)}!\\.\root\cimv2")
Set ObjSec = ObjWMI.Get("Win32_LogicalFileSecuritySetting.Path='" & strPath & "'")
ObjSec.SetSecurityDescriptor(GenerateSDDL("everyone", &H0, &H1, &H100E0))

文章来源: http://www.enun.net/?p=1255