+ Post New Thread
Results 1 to 8 of 8
Scripts Thread, Script to change NTFS permissions in Coding and Web Development; Hi, I need a script that will give a group called btc\staff_sims_updates full permissions on the sims folder in program ...
  1. #1

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,054
    Thank Post
    888
    Thanked 1,729 Times in 1,492 Posts
    Blog Entries
    12
    Rep Power
    454

    Script to change NTFS permissions

    Hi,

    I need a script that will give a group called btc\staff_sims_updates full permissions on the sims folder in program files.

    I wonder if someone cna help

    Thanks

  2. #2

    Join Date
    May 2008
    Location
    Surrey
    Posts
    35
    Thank Post
    7
    Thanked 5 Times in 5 Posts
    Rep Power
    13
    cacls "C:\program files\SIMS" /E /T /C /G "btc\staff_sims_updates":C

    in a batch file or as part of your logon script

    Works for us...

    Matt

  3. #3

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,225
    Thank Post
    874
    Thanked 2,717 Times in 2,302 Posts
    Blog Entries
    11
    Rep Power
    780
    If this is for client machines just use the file system security bit in a GPO which results in a much cleaner implementation and does not require any scripting at all.

    applying folder permissions through group policy
    computer configuration/windows settings/security settings/file system

    Right click add file, then you browse to the folder (if it is being done on the server and the folder is not there cerate it so you can find the path then you can set the permissions by double clicking the folder in the file system

  4. #4

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,054
    Thank Post
    888
    Thanked 1,729 Times in 1,492 Posts
    Blog Entries
    12
    Rep Power
    454
    Hi,
    I have altered it so it will give full permisions and remove existing groups here is my code

    "C:\program files\SIMS" /T /C /G "btc\staff_sims_updates":f
    but it is prompting for a yes or no. How would i make it so it automatically says yes?

    thanks

  5. #5
    dwhyte85's Avatar
    Join Date
    Mar 2009
    Location
    Berkshire
    Posts
    1,219
    Thank Post
    159
    Thanked 147 Times in 132 Posts
    Rep Power
    103
    Here is a snippet of something that does similar that i modified, some vars aren't needed but you get the idea, could alter as needed:




    Code:
    Dim objFSO
    Set objFSO = CreateObject("Scripting.FileSystemObject")
    dim pos
    Set objRoot = GetObject("LDAP://RootDSE") 
    strDNC = objRoot.Get("DefaultNamingContext") 
    Set objDomain = GetObject("LDAP://" & strDNC) ' Bind to the top of the Domain using LDAP using ROotDSE 
    Dim fso
    Set fso = CreateObject("Scripting.FileSystemObject")
    Set wshShell = WScript.CreateObject ("WSCript.shell")
    
    ''''''''''''''''''''''''''''
    Call enummembers(objDomain)'
    ''''''''''''''''''''''''''''
    
    Sub enumMembers(objDomain) 
    On Error Resume Next 
    
    For Each objMember In objDomain ' go through the collection 
    
    
    
    If ObjMember.Class = "user" Then 
    
    SamAccountName = ObjMember.samAccountName 
    
    
    strDetail = "xcacls a:\path-to-folder /e /g "&SamAccountName&":F /y"
    wshshell.run strDetail,7, true
    
    ''''''''''''''''''
    
    If objMember.Class = "organizationalUnit" or OBjMember.Class = "container" Then 
    strDetail = objmember.adspath
    pos=InStr(1,strDetail,"SOME-OU",0) 
    if pos > 0 then
          enumMembers (objMember) 
     
    end if
    end if
    the 2 bolded bits are important, first one is path to folder that you want to add NTFS permissions, latter is to enumerate through an OU on AD, so you could go through the 'teachers' OU when ran on the DC, well i invoke through a scheduled task and it does something slightly different - similar in principal! This was made for something tottallly different but not alot of difference in what it does.
    Last edited by dwhyte85; 18th March 2009 at 01:02 PM.

  6. #6

    Join Date
    May 2008
    Location
    Surrey
    Posts
    35
    Thank Post
    7
    Thanked 5 Times in 5 Posts
    Rep Power
    13
    Modify perms should be sufficient to enable the user to update SIMS.

  7. #7

    Join Date
    Dec 2007
    Location
    Nottinghamshire
    Posts
    189
    Thank Post
    60
    Thanked 21 Times in 19 Posts
    Rep Power
    17
    If your trying to get users to update sims without being an admin i bleave there is a bat in sims\setups called simsperm you use it like this if its there

    I:\Sims\Setups\Simsperm.bat "Domain\Group"

    where I:\ is the share for your sims server

  8. #8
    box_l's Avatar
    Join Date
    May 2007
    Location
    Herefordshire
    Posts
    429
    Thank Post
    70
    Thanked 90 Times in 75 Posts
    Rep Power
    61
    i do the above (simsperms.bat), but i use mine as a startupscript in a gpo for the staff workstations.


    Create new group policy called simsperms
    Go to windows startup scripts (machine settings)
    Click Show files
    Paste in subinacl.exe and the .bat file
    Copy path from the window
    Eg.
    Code:
    \\schoolname.county.sch.uk\SysVol\schoolname.county.sch.uk\Policies\{5BB037E4-9025-4685-A436-5D003B249635}\Machine\Scripts\Startup\
    In the .bat prepend to all lines stating with subinacl
    Eg.
    Code:
    subinacl /SUBDIRECTORIES "%ALLUSERSPROFILE%\Start Menu\Programs\SIMS Applications" /GRANT=%1=F
    becomes
    Code:
    \\schoolname.county.sch.uk\SysVol\schoolname.county.sch.uk\Policies\{5BB037E4-9025-4685-A436-5D003B249635}\Machine\Scripts\Startup\subinacl /SUBDIRECTORIES "%ALLUSERSPROFILE%\Start Menu\Programs\SIMS Applications" /GRANT=%1=F
    Or you could use:
    Code:
    Set simsgpopath=\\schoolname.county.sch.uk\SysVol\schoolname.county.sch.uk\Policies\{5BB037E4-9025-4685-A436-5D003B249635}\Machine\Scripts\Startup
    which means you could do
    Code:
    %simsgpopath%\subinacl /FILE "%ALLUSERSPROFILE%\Start Menu\Programs\SIMS Applications" /GRANT=%1=F
    save file
    apply parameters to script in the form domain\security group



    That should do it.
    Attached Images Attached Images

SHARE:
+ Post New Thread

Similar Threads

  1. SIMS NTFS Permissions?
    By techyphil in forum MIS Systems
    Replies: 29
    Last Post: 1st March 2010, 12:54 PM
  2. C: drive NTFS permissions?
    By cookie_monster in forum Windows
    Replies: 4
    Last Post: 6th February 2008, 08:24 AM
  3. Script to change folder permissions
    By scottyses in forum General Chat
    Replies: 1
    Last Post: 15th January 2008, 08:52 AM
  4. script to change permissions on Reg Key
    By e_g_r in forum Windows
    Replies: 4
    Last Post: 16th February 2007, 05:48 PM
  5. Replies: 4
    Last Post: 23rd November 2006, 09:33 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •