locked
Folder Permission RRS feed

  • Discussion générale

  • Bonsoir,

    quelqu'un peut m'aider pour rendre ce script ci dessous utilisable sous un domaine, car je veux l'utiliser pour récupérer les permissions & groupes de securité d'une ressources partagée.

     

    je vous remercie d'avance pour votre aide

     

    '==========================================================================
    '
    ' VBScript Source File -- Created with SAPIEN Technologies PrimalScript 4.0
    '
    ' NAME: Folder Permission
    '
    ' AUTHOR:  Abdelkader, Amine
    ' DATE  : 10/03/2006
    '
    ' COMMENT: Create a file with the name of the folder in HTML format
    '
    '==========================================================================
    Const ForReading = 1, ForWriting = 2, ForAppending = 8

    Const FullAccessMask = 2032127, ModifyAccessMask = 1245631, WriteAccessMask = 118009
    Const ROAccessMask = 1179817



    strComputer = "."
    sParentFolder = InputBox("Please Enter folder to gather information on", "Parent Folder")
    SParentFoldern=replace(sParentFolder,"\","")
    SParentFoldern=replace(sParentFoldern,":","")
    Set fso = CreateObject("Scripting.FileSystemObject")
    'File name Same As Folder Name without special Caracteres
    fullfilename=SParentFoldern&".html"
    'WScript.echo fullfilename

    Set fsOut = fso.OpenTextFile(fullfilename, ForAppending, True)

    On Error Resume Next

    fsOut.Writeline ("<html>"&vbCr&"<head>"&vbCr&"<title>File Permission For Folder under &"& SParentFoldern&"</title>"&vbCr&"</head>")

    strTableHead = "<table border=2 bordercolor='#000010' width='90%' id='Table1'>"
    fsOut.Writeline strTableHead
    fsOut.Writeline "<tr><td width='50%'>Folder</td>" & _
                    "<td width='50%'>User Name</td>"&_
                    "<td width='50%'>Permission</td></tr>"

    strTableFoot = "</table>"
                   
    fsOut.Close



    ShowSubFolders FSO.GetFolder(sParentFolder),fullfilename

    OutputFolderInfo sParentFolder, fullfilename

    Set fsOut = fso.OpenTextFile(fullfilename, ForAppending, True)
    fsOut.Writeline strTableFoot
    fsOut.Close
    MsgBox "Done "
    WScript.Quit

    Public Sub OutputFolderInfo(FolderName , sOutfile)

    Const FullAccessMask = 2032127, ModifyAccessMask = 1245631, WriteAccessMask = 1180095
    Const ROAccessMask = 1179817
    Const ForReading = 1, ForWriting = 2, ForAppending = 8

    strComputer = "."

    'Build the path to the folder because it requites 2 backslashes
    folderpath = Replace(FolderName, "\", "\\")

    objectpath = "winmgmts:Win32_LogicalFileSecuritySetting.path='" & folderpath & "'"

    'Get the security set for the object
    Set wmiFileSecSetting = GetObject(objectpath)

    'verify that the get was successful
    RetVal = wmiFileSecSetting.GetSecurityDescriptor(wmiSecurityDescriptor)
     If Err Then
         MsgBox ("GetSecurityDescriptor failed" & vbCrLf & Err.Number & vbCrLf & Err.Description)
         Err.Clear
     End If


    Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & _
        strComputer & "\root\cimv2")
    Set colFolders = objWMIService.ExecQuery("SELECT * FROM Win32_Directory WHERE Name ='" & _
        folderpath & "'")
    For Each objFolder In colFolders
       
        ' Retrieve the DACL array of Win32_ACE objects.
        DACL = wmiSecurityDescriptor.DACL

    Set fso = CreateObject("Scripting.FileSystemObject")
    Set fsOut = fso.OpenTextFile(sOutfile, ForAppending, True)
       

        For Each wmiAce In DACL
        ' Get Win32_Trustee object from ACE
            Set Trustee = wmiAce.Trustee
            fsOut.Writeline "<tr><td width='50%'>"&objFolder.Name&"</td>" & _
                    "<td width='50%'>"&Trustee.Domain&"\"&Trustee.Name&"</td>"

            'fsOut.Write objFolder.Name & "," & Trustee.Domain & "\" & Trustee.Name & ","
            FoundAccessMask = False
            CustomAccessMask = Flase
            While Not FoundAccessMask And Not CustomAccessMask
                If wmiAce.AccessMask = FullAccessMask Then
                    AccessType = "Full Control"
                    FoundAccessMask = True
                End If
                If wmiAce.AccessMask = ModifyAccessMask Then
                    AccessType = "Modify"
                    FoundAccessMask = True
                End If
                If wmiAce.AccessMask = WriteAccessMask Then
                    AccessType = "Read/Write Control"
                    FoundAccessMask = True
                End If
                If wmiAce.AccessMask = ROAccessMask Then
                    AccessType = "Read Only"
                    FoundAccessMask = True
                Else
                    CustomAccessMask = True
                End If
            Wend
         
            If FoundAccessMask Then
                'fsOut.Writeline AccessType
                fsOut.Writeline "<td width='50%'>"&AccessType&"</td></tr>"
            Else
                 fsOut.Writeline "<td width='50%'>Custom</td></tr>"
                'fsOut.Writeline "Custom"
            End If
          
        Next

        Set fsOut = Nothing
        Set fso = Nothing

    Next

    Set fsOut = Nothing
    Set fso = Nothing

    end Sub
    Sub ShowSubFolders (Folder,fname)
    On Error Resume Next
        For Each Subfolder in Folder.SubFolders
            Call OutputFolderInfo(Subfolder.Path,fname)
            Wscript.Echo Subfolder.Path
            call ShowSubFolders (Subfolder,fname)
        Next
    End Sub

    vendredi 13 août 2010 22:46

Toutes les réponses

  • Bonjour Mouataz,

     

    à mon avis, ce sera difficile de modifier en conservant le contenu, dans la mesure où les méthodes appelées ne me paraissent pas idéales pour du domaine.

    Sinon, vite fait puisque c'est les vacances, j'ai bricolé un mélange entre ton script et un autre trouvé sur scriptinganswers.com et qui fait ce que tu souhaite. Il te suffit de rentrer le nom du serveur :

     

    Const ForReading = 1, ForWriting = 2, ForAppending = 8
    Const FullAccessMask = 2032127, ModifyAccessMask = 1245631, WriteAccessMask = 118009
    Const ROAccessMask = 1179817

    strComputer = InputBox("Entrez le nom du serveur d'où vérifier les partages", "Nom du Serveur")
    Set fso = CreateObject("Scripting.FileSystemObject")

    fullfilename=strComputer&".html"
    Set fsOut = fso.OpenTextFile(fullfilename, ForAppending, True)
    fsOut.Writeline ("<html>"&vbCr&"<head>"&vbCr&"<title>File Permission For Folder under &"& fullfilename&"</title>"&vbCr&"</head>")
    strTableHead = "<table border=2 bordercolor='#000010' width='90%' id='Table1'>"
    fsOut.Writeline strTableHead
    fsOut.Writeline "<tr><td width='50%'>Folder</td>" & _
    "<td width='50%'>User Name</td>"&_
    "<td width='50%'>Permission</td></tr>"

    Set objWMI = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
    set objFs = GetObject("WinNT://" & strComputer & "/LanmanServer,FileService")
     
    For Each objShare In objFs
           strDir = objShare.path
           strDir = Replace(strDir,"\","\\")
           Set colItems = objWMI.ExecQuery("Select * from win32_logicalFileSecuritySetting WHERE Path='" & strDir & "'",,48)
     
           For each objItem in colItems
     
               If objItem.GetSecurityDescriptor(wmiSecurityDescriptor) Then
                  WScript.Echo "GetSecurityDescriptor failed"
                  DisplayFileSecurity = False
                  WScript.Quit
               End If
     
               For each wmiAce in wmiSecurityDescriptor.DACL

        select Case int(wmiAce.AccessMask)
                      case 2032127
                            droits="FULL"
                       case 1179817
                           droits="RX"
                       case -1610612736
                             droits="RXe"
                       case 1245631
                             droits="RWX"
                       case 268435456
                             droits="FULL SUB ONLY"
                       case Else
                             droits=Cstr(wmiAce.AccessMask)
                end Select

                   strACE = wmiAce.Trustee.Domain & "\" & wmiAce.Trustee.Name  
         fsOut.Writeline "<tr><td width='50%'>"& objShare.name&"</td>" & _
                    "<td width='50%'>"& strACE &"</td>"&_
          "<td width='50%'>"& droits &"</td></tr>"

        strTableFoot = "</table>"

               Next
           Next
    Next


    Jonathan BISMUTH Bis IT MVP Windows Server - Directory Services http://www.bis-it.fr / http://blog.portail-mcse.net
    lundi 16 août 2010 08:44
  • Je te remercie Jonathan, je vais faire un test et je te ferai un retour.

     

    merci et bonne vacance :)

    lundi 16 août 2010 23:25
  • Bonjour Jonathan,

    j'ai effectué aujourd'hui un test dans mon réseau d'entreprise, quand je saisie le chemin du répertoire sous cette forme \\serveur\ressource partagée\répértoire1\répertoire2, j'obtiens un message d'erreur :

     

    Script : chemin du script

    Line : 17

    Char : 1

    Error : 0x80041021

    Code : 80041021

    Source : (null)

     

    merci

    mardi 17 août 2010 15:25