Security
DACLs
Read a Folder DACL , WMI
' Read a Folder DACL
strFolderName = "C:\scripts\sec_center"
SE_DACL_PRESENT = &h4
ACCESS_ALLOWED_ACE_TYPE = &h0
ACCESS_DENIED_ACE_TYPE = &h1
FILE_ALL_ACCESS = &h1f01ff
FOLDER_ADD_SUBDIRECTORY = &h000004
FILE_DELETE = &h010000
FILE_DELETE_CHILD = &h000040
FOLDER_TRAVERSE = &h000020
FILE_READ_ATTRIBUTES = &h000080
FILE_READ_CONTROL = &h020000
FOLDER_LIST_DIRECTORY = &h000001
FILE_READ_EA = &h000008
FILE_SYNCHRONIZE = &h100000
FILE_WRITE_ATTRIBUTES = &h000100
FILE_WRITE_DAC = &h040000
FOLDER_ADD_FILE = &h000002
FILE_WRITE_EA = &h000010
FILE_WRITE_OWNER = &h080000
Set objWMIService = GetObject("winmgmts:")
Set objFolderSecuritySettings = _
objWMIService.Get("Win32_LogicalFileSecuritySetting='" & strFolderName & "'")
intRetVal = objFolderSecuritySettings.GetSecurityDescriptor(objSD)
intControlFlags = objSD.ControlFlags
If intControlFlags AND SE_DACL_PRESENT Then
arrACEs = objSD.DACL
For Each objACE in arrACEs
WScript.Echo objACE.Trustee.Domain & "\" & objACE.Trustee.Name
If objACE.AceType = ACCESS_ALLOWED_ACE_TYPE Then
WScript.Echo vbTab & "Allowed:"
ElseIf objACE.AceType = ACCESS_DENIED_ACE_TYPE Then
WScript.Echo vbTab & "Denied:"
End If
If objACE.AccessMask AND FILE_ALL_ACCESS Then
WScript.Echo vbTab & vbTab & "FILE_ALL_ACCESS "
End If
If objACE.AccessMask AND FOLDER_ADD_SUBDIRECTORY Then
WScript.Echo vbTab & vbTab & " FOLDER_ADD_SUBDIRECTORY "
End If
If objACE.AccessMask AND FILE_DELETE Then
WScript.Echo vbTab & vbTab & "FILE_DELETE "
End If
If objACE.AccessMask AND FILE_DELETE_CHILD Then
WScript.Echo vbTab & vbTab & "FILE_DELETE_CHILD "
End If
If objACE.AccessMask AND FOLDER_TRAVERSE Then
WScript.Echo vbTab & vbTab & " FOLDER_TRAVERSE "
End If
If objACE.AccessMask AND FILE_READ_ATTRIBUTES Then
WScript.Echo vbTab & vbTab & "FILE_READ_ATTRIBUTES "
End If
If objACE.AccessMask AND FILE_READ_CONTROL Then
WScript.Echo vbTab & vbTab & "FILE_READ_CONTROL "
End If
If objACE.AccessMask AND FOLDER_LIST_DIRECTORY Then
WScript.Echo vbTab & vbTab & " FOLDER_LIST_DIRECTORY "
End If
If objACE.AccessMask AND FILE_READ_EA Then
WScript.Echo vbTab & vbTab & "FILE_READ_EA "
End If
If objACE.AccessMask AND FILE_SYNCHRONIZE Then
WScript.Echo vbTab & vbTab & "FILE_SYNCHRONIZE "
End If
If objACE.AccessMask AND FILE_WRITE_ATTRIBUTES Then
WScript.Echo vbTab & vbTab & "FILE_WRITE_ATTRIBUTES "
End If
If objACE.AccessMask AND FILE_WRITE_DAC Then
WScript.Echo vbTab & vbTab & "FILE_WRITE_DAC "
End If
If objACE.AccessMask AND FOLDER_ADD_FILE Then
WScript.Echo vbTab & vbTab & " FOLDER_ADD_FILE "
End If
If objACE.AccessMask AND FILE_WRITE_EA Then
WScript.Echo vbTab & vbTab & "FILE_WRITE_EA "
End If
If objACE.AccessMask AND FILE_WRITE_OWNER Then
WScript.Echo vbTab & vbTab & "FILE_WRITE_OWNER "
End If
Next
Else
WScript.Echo "No DACL present in security descriptor"
End If
|
VbsEdit includes all these samples!
Download version 3.4.1
Released Tuesday, January 06, 2009 -
The evaluation version never expires
Home
Buy Now
HtaEdit
Support
Video
What's new ?
Awards
|