溫馨提示×

溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊×
其他方式登錄
點(diǎn)擊 登錄注冊 即表示同意《億速云用戶服務(wù)條款》

vbs怎么通過WMI修改文件文件夾的NTFS權(quán)限

發(fā)布時(shí)間:2021-08-27 15:51:02 來源:億速云 閱讀:144 作者:chen 欄目:開發(fā)技術(shù)

這篇文章主要介紹“vbs怎么通過WMI修改文件文件夾的NTFS權(quán)限”,在日常操作中,相信很多人在vbs怎么通過WMI修改文件文件夾的NTFS權(quán)限問題上存在疑惑,小編查閱了各式資料,整理出簡單好用的操作方法,希望對大家解答”vbs怎么通過WMI修改文件文件夾的NTFS權(quán)限”的疑惑有所幫助!接下來,請跟著小編一起來學(xué)習(xí)吧!

使用WMI修改文件文件夾的NTFS權(quán)限, 代碼:

復(fù)制代碼 代碼如下:


strUser = "guests"
strPath = "D:\\abc.txt"
RetVal = AddPermission(strUser,strPath,"R",True)

'-------------------------------------------------------------------------

'用于給文件和文件夾添加一條權(quán)限設(shè)置.返回值: 0-成功,1-賬戶不存在,2-路徑不存在
'strUser表示用戶名或組名
'strPath表示文件夾路徑或文件路徑
'strAccess表示允許權(quán)限設(shè)置的字符串,字符串中帶有相應(yīng)字母表示允許相應(yīng)權(quán)限: R-讀,C-讀寫,F-完全控制
'blInherit表示是否繼承父目錄權(quán)限.True為繼承,False為不繼承

Function AddPermission(strUser,strPath,strAccess,blInherit)
        Set objWMIService = GetObject("winmgmts:\\.\root\Cimv2")
        Set fso = CreateObject("Scripting.FileSystemObject")
        '得到Win32_SID并判斷用戶/組/內(nèi)置賬戶是否存在
        Set colUsers = objWMIService.ExecQuery("SELECT * FROM Win32_Account WHERE Name='"&strUser&"'")
        If colUsers.count<>0 Then
                For Each objUser In colUsers
                        strSID = objUser.SID
                Next
        Else
                AddPermission = 1
                Exit Function
        End If
        Set objSID = objWMIService.Get("Win32_SID.SID='"&strSID&"'")
        '判斷文件/文件夾是否存在
        pathType = ""
        If fso.fileExists(strPath) Then pathType = "FILE"
        If fso.folderExists(strPath) Then pathType = "FOLDER"
        If pathType = "" Then
                AddPermission = 2
                Exit Function
        End If
        '設(shè)置Trustee
        Set objTrustee = objWMIService.Get("Win32_Trustee").SpawnInstance_()
        objTrustee.Domain = objSID.ReferencedDomainName
        objTrustee.Name = objSID.AccountName
        objTrustee.SID = objSID.BinaryRepresentation
        objTrustee.SidLength = objSID.SidLength
        objTrustee.SIDString = objSID.Sid
        '設(shè)置ACE
        Set objNewACE = objWMIService.Get("Win32_ACE").SpawnInstance_()
        objNewACE.Trustee = objTrustee
        objNewACE.AceType = 0
        If InStr(UCase(strAccess),"R") > 0 Then objNewACE.AccessMask = 1179817
        If InStr(UCase(strAccess),"C") > 0 Then objNewACE.AccessMask = 1245631
        If InStr(UCase(strAccess),"F") > 0 Then objNewACE.AccessMask = 2032127
        If pathType = "FILE" And blInherit = True Then objNewACE.AceFlags = 16
        If pathType = "FILE" And blInherit = False Then objNewACE.AceFlags = 0
        If pathType = "FOLDER" And blInherit = True Then objNewACE.AceFlags = 19
        If pathType = "FOLDER" And blInherit = False Then objNewACE.AceFlags = 3
        '設(shè)置SD
        Set objFileSecSetting = objWMIService.Get("Win32_LogicalFileSecuritySetting.Path='"&strPath&"'")
        Call objFileSecSetting.GetSecurityDescriptor(objSD)
        blSE_DACL_AUTO_INHERITED = True
        If (objSD.ControlFlags And &H400) = 0 Then
                blSE_DACL_AUTO_INHERITED = False
                objSD.ControlFlags = (objSD.ControlFlags Or &H400)               
    '自動繼承位置位,如果是剛創(chuàng)建的目錄或文件該位是不置位的,需要置位
        End If
        If blInherit = True Then
                objSD.ControlFlags = (objSD.ControlFlags And &HEFFF)       
    '阻止繼承復(fù)位
        Else
                objSD.ControlFlags = (objSD.ControlFlags Or &H1400)               
    '阻止繼承位置位,自動繼承位置位
        End If
        objOldDacl = objSD.Dacl
        ReDim objNewDacl(0)
        Set objNewDacl(0) = objNewACE
        If IsArray(objOldDacl) Then               
  '權(quán)限為空時(shí)objOldDacl不是集合不可遍歷
                For Each objACE In objOldDacl
                        If (blSE_DACL_AUTO_INHERITED=False And blInherit=True) Or ((objACE.AceFlags And 16)>0 And (blInherit=True) Or (LCase(objACE.Trustee.Name)=LCase(strUser))) Then
                                'Do nothing
                                '當(dāng)自動繼承位置位為0時(shí)即使時(shí)繼承的權(quán)限也會顯示為非繼承,這時(shí)所有權(quán)限都不設(shè)置
                                '當(dāng)自動繼承位置位為0時(shí),在繼承父目錄權(quán)限的情況下不設(shè)置繼承的權(quán)限.賬戶和需要加權(quán)限的賬戶一樣時(shí)不設(shè)置權(quán)限
                        Else
                                Ubd = UBound(objNewDacl)
                                ReDim preserve objNewDacl(Ubd+1)
                                Set objNewDacl(Ubd+1) = objACE
                        End If
                Next
        End If

        objSD.Dacl = objNewDacl
        '提交設(shè)置修改
        Call objFileSecSetting.SetSecurityDescriptor(objSD)
        AddPermission = 0
        Set fso = Nothing
End Function

到此,關(guān)于“vbs怎么通過WMI修改文件文件夾的NTFS權(quán)限”的學(xué)習(xí)就結(jié)束了,希望能夠解決大家的疑惑。理論與實(shí)踐的搭配能更好的幫助大家學(xué)習(xí),快去試試吧!若想繼續(xù)學(xué)習(xí)更多相關(guān)知識,請繼續(xù)關(guān)注億速云網(wǎng)站,小編會繼續(xù)努力為大家?guī)砀鄬?shí)用的文章!

向AI問一下細(xì)節(jié)

免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場,如果涉及侵權(quán)請聯(lián)系站長郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI