+ Post New Thread
Results 1 to 8 of 8
Scripts Thread, Script to change NTFS permissions in Coding and Web Development; Hi, I need a script that will give a group called btc\staff_sims_updates full permissions on the sims folder in program ...
  1. 18th March 2009, 12:30 PM #1
    FN-GM
    FN-GM is offline

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    11,840
    Blog Entries
    6
    Thank Post
    592
    Thanked 1,043 Times in 920 Posts
    Rep Power
    224

    Script to change NTFS permissions

    Hi,

    I need a script that will give a group called btc\staff_sims_updates full permissions on the sims folder in program files.

    I wonder if someone cna help

    Thanks
    Reply With Quote Reply With Quote
  2. IDG Tech News

  3. 18th March 2009, 12:37 PM #2
    MattCrick
    MattCrick is offline
    Join Date
    May 2008
    Location
    Surrey
    Posts
    35
    Thank Post
    7
    Thanked 5 Times in 5 Posts
    Rep Power
    9
    cacls "C:\program files\SIMS" /E /T /C /G "btc\staff_sims_updates":C

    in a batch file or as part of your logon script

    Works for us...

    Matt
    Reply With Quote Reply With Quote
  4. 18th March 2009, 01:21 PM #3
    SYNACK
    SYNACK is offline

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    7,558
    Blog Entries
    9
    Thank Post
    444
    Thanked 1,911 Times in 1,625 Posts
    Rep Power
    458
    Send a message via MSN to SYNACK
    If this is for client machines just use the file system security bit in a GPO which results in a much cleaner implementation and does not require any scripting at all.

    applying folder permissions through group policy
    computer configuration/windows settings/security settings/file system

    Right click add file, then you browse to the folder (if it is being done on the server and the folder is not there cerate it so you can find the path then you can set the permissions by double clicking the folder in the file system
    Reply With Quote Reply With Quote
  5. 18th March 2009, 01:52 PM #4
    FN-GM
    FN-GM is offline

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    11,840
    Blog Entries
    6
    Thank Post
    592
    Thanked 1,043 Times in 920 Posts
    Rep Power
    224
    Hi,
    I have altered it so it will give full permisions and remove existing groups here is my code

    "C:\program files\SIMS" /T /C /G "btc\staff_sims_updates":f
    but it is prompting for a yes or no. How would i make it so it automatically says yes?

    thanks
    Reply With Quote Reply With Quote
  6. 18th March 2009, 01:56 PM #5
    dwhyte85
    dwhyte85 is offline
    dwhyte85's Avatar
    Join Date
    Mar 2009
    Location
    Berkshire
    Posts
    1,144
    Thank Post
    138
    Thanked 136 Times in 123 Posts
    Rep Power
    67
    Here is a snippet of something that does similar that i modified, some vars aren't needed but you get the idea, could alter as needed:




    Code:
    Dim objFSO
Set objFSO = CreateObject("Scripting.FileSystemObject")
dim pos
Set objRoot = GetObject("LDAP://RootDSE") 
strDNC = objRoot.Get("DefaultNamingContext") 
Set objDomain = GetObject("LDAP://" & strDNC) ' Bind to the top of the Domain using LDAP using ROotDSE 
Dim fso
Set fso = CreateObject("Scripting.FileSystemObject")
Set wshShell = WScript.CreateObject ("WSCript.shell")

''''''''''''''''''''''''''''
Call enummembers(objDomain)'
''''''''''''''''''''''''''''

Sub enumMembers(objDomain) 
On Error Resume Next 

For Each objMember In objDomain ' go through the collection 



If ObjMember.Class = "user" Then 

SamAccountName = ObjMember.samAccountName 


strDetail = "xcacls a:\path-to-folder /e /g "&SamAccountName&":F /y"
wshshell.run strDetail,7, true

''''''''''''''''''

If objMember.Class = "organizationalUnit" or OBjMember.Class = "container" Then 
strDetail = objmember.adspath
pos=InStr(1,strDetail,"SOME-OU",0) 
if pos > 0 then
      enumMembers (objMember) 
 
end if
end if
    the 2 bolded bits are important, first one is path to folder that you want to add NTFS permissions, latter is to enumerate through an OU on AD, so you could go through the 'teachers' OU when ran on the DC, well i invoke through a scheduled task and it does something slightly different - similar in principal! This was made for something tottallly different but not alot of difference in what it does.
    Last edited by dwhyte85; 18th March 2009 at 02:02 PM.
    Reply With Quote Reply With Quote
  7. 18th March 2009, 01:59 PM #6
    MattCrick
    MattCrick is offline
    Join Date
    May 2008
    Location
    Surrey
    Posts
    35
    Thank Post
    7
    Thanked 5 Times in 5 Posts
    Rep Power
    9
    Modify perms should be sufficient to enable the user to update SIMS.
    Reply With Quote Reply With Quote
  8. 18th March 2009, 03:40 PM #7
    notalot
    notalot is offline
    Join Date
    Dec 2007
    Location
    Nottinghamshire
    Posts
    157
    Thank Post
    52
    Thanked 14 Times in 14 Posts
    Rep Power
    12
    If your trying to get users to update sims without being an admin i bleave there is a bat in sims\setups called simsperm you use it like this if its there

    I:\Sims\Setups\Simsperm.bat "Domain\Group"

    where I:\ is the share for your sims server
    Reply With Quote Reply With Quote
  9. 20th March 2009, 12:03 PM #8
    box_l
    box_l is offline
    box_l's Avatar
    Join Date
    May 2007
    Location
    Herefordshire
    Posts
    338
    Thank Post
    52
    Thanked 68 Times in 56 Posts
    Rep Power
    22
    i do the above (simsperms.bat), but i use mine as a startupscript in a gpo for the staff workstations.


    Create new group policy called simsperms
    Go to windows startup scripts (machine settings)
    Click Show files
    Paste in subinacl.exe and the .bat file
    Copy path from the window
    Eg.
    Code:
    \\schoolname.county.sch.uk\SysVol\schoolname.county.sch.uk\Policies\{5BB037E4-9025-4685-A436-5D003B249635}\Machine\Scripts\Startup\
    In the .bat prepend to all lines stating with subinacl
    Eg.
    Code:
    subinacl /SUBDIRECTORIES "%ALLUSERSPROFILE%\Start Menu\Programs\SIMS Applications" /GRANT=%1=F
    becomes
    Code:
    \\schoolname.county.sch.uk\SysVol\schoolname.county.sch.uk\Policies\{5BB037E4-9025-4685-A436-5D003B249635}\Machine\Scripts\Startup\subinacl /SUBDIRECTORIES "%ALLUSERSPROFILE%\Start Menu\Programs\SIMS Applications" /GRANT=%1=F
    Or you could use:
    Code:
    Set simsgpopath=\\schoolname.county.sch.uk\SysVol\schoolname.county.sch.uk\Policies\{5BB037E4-9025-4685-A436-5D003B249635}\Machine\Scripts\Startup
    which means you could do
    Code:
    %simsgpopath%\subinacl /FILE "%ALLUSERSPROFILE%\Start Menu\Programs\SIMS Applications" /GRANT=%1=F
    save file
    apply parameters to script in the form domain\security group



    That should do it.
    Attached Images Attached Images
    Reply With Quote Reply With Quote
SHARE:
+ Post New Thread

Similar Threads

  1. SIMS NTFS Permissions?
    By techyphil in forum MIS Systems
    Replies: 29
    Last Post: 1st March 2010, 01:54 PM
  2. C: drive NTFS permissions?
    By cookie_monster in forum Windows
    Replies: 4
    Last Post: 6th February 2008, 09:24 AM
  3. Script to change folder permissions
    By scottyses in forum General Chat
    Replies: 1
    Last Post: 15th January 2008, 09:52 AM
  4. script to change permissions on Reg Key
    By e_g_r in forum Windows
    Replies: 4
    Last Post: 16th February 2007, 06:48 PM
  5. Login script to change ntfs permissions on cmd.exe
    By Kyle in forum Scripts
    Replies: 4
    Last Post: 23rd November 2006, 10:33 PM
« Help! A script to find and delete folders and contents | Script to check various ping results »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules