6,871
社区成员
发帖
与我相关
我的任务
分享救救我-关于ASP控制NTFS分区中文件权限问题
小弟由于程序需要,得用ASP 程序来配置NFFS分区中 文件夹 “安全”中的属性,在“安全”卡中实现如下功能:
1、添加“组或用户名称”
2、设置“组或用户名称”的“完全控制、修改、读取和运行、列出文件夹目录、读取、写入”等属性。
找遍整个网络也未能找到答案,现好不容易找到一个 VBS 的代码,可以实现我要求的功能,但是我对VBS不了解,恳求哪位大哥给改写成 ASP 或 PHP 程序,恳请恳请!
救我于水深火热之中吧~~郁闷了4天了!
----------VBS代码如下,请改写成ASP或PHP代码--------
'====================================================================
'SetPerms.vbs
'====================================================================
'Variable Declarations
Dim sec
Dim sd
Dim Dacl
Dim ace
Dim ace1
Dim ace2
Dim oSid
Dim sidHex
'Option Explicit
'Flags: Specifies Inheritance
const ADS_ACEFLAG_INHERIT_ACE = &h2
const ADS_ACEFLAG_NO_PROPAGATE_INHERIT_ACE = &h4
const ADS_ACEFLAG_INHERIT_ONLY_ACE = &h8
const ADS_ACEFLAG_INHERITED_ACE = &h10
const ADS_ACEFLAG_VALID_INHERIT_FLAGS = &h1f
const ADS_ACEFLAG_SUCCESSFUL_ACCESS = &h40
const ADS_ACEFLAG_FAILED_ACCESS = &h80
'Permission Type: Allow or Deny
const ADS_ACETYPE_ACCESS_ALLOWED = &h0
const ADS_ACETYPE_ACCESS_DENIED = &h1
'Permissions: Read, Write, FullControl
const ADS_RIGHT_GENERIC_READ = &h80000000
const ADS_RIGHT_GENERIC_WRITE = &h40000000
const ADS_RIGHT_GENERIC_EXECUTE = &h20000000
const ADS_RIGHT_GENERIC_ALL = &h10000000
const ADS_SID_RAW = 0
const ADS_SID_HEXSTRING = 1
const ADS_SID_SAM = 2
const ADS_SID_UPN = 3
const ADS_SID_SDDL = 4
const ADS_SID_WINNT_PATH = 5
const ADS_SID_ACTIVE_DIRECTORY_PATH = 6
const ADS_SID_SID_BINDING = 7
const fldname = "C:\test2" '<----Change this to the top folder name
const usrname = "Domain\User" '<---Change this to the user you want to add permissions for
Dim fso, fldr, fc, f1', fldname, usrname
' Get instance of FileSystemObject.
Set fso = CreateObject("Scripting.FileSystemObject")
Call ApplyPerms (fldname)
Set fldr = fso.GetFolder(fldname)
Recurse fldr ',usrname
Set fldr = Nothing
Set fso = Nothing
wscript.echo "done"
Wscript.Quit
Public Sub Recurse( ByRef fldr)', ByRef usrname )
dim subfolders,files,folder,file
Set subfolders = fldr.SubFolders
Set files = fldr.Files
'Display the path and all of the folders.
Wscript.Echo ""
Wscript.Echo fldr.Path
For Each folder in subfolders
Wscript.Echo folder.Name
Call ApplyPerms (folder.path)', usrname)
Next
'Display all of the files.
For Each file in files
wscript.echo file.name
Call ApplyPerms (file.path)', usrname)
Next
'Recurse all of the subfolders.
For Each folder in subfolders
Recurse folder', usrname
Next
Set subfolders = Nothing
Set files = Nothing
End Sub
Sub ApplyPerms(ByRef path)' , Byref usrname)
Set sec = CreateObject("AdsSecurity")
Set sd = sec.GetSecurityDescriptor("FILE://" & path)
Set Dacl = sd.DiscretionaryAcl
Set oSid = CreateObject("AdsSid")
oSid.SetAs ADS_SID_SAM, Cstr(usrname)
sidHex = oSid.GetAs(ADS_SID_SDDL)
Wscript.Echo sidHex
'----Add a new ACE so User has Full Control on Files.
Set ace1 = CreateObject ("AccessControlEntry")
ace1.Trustee = sidHex
ace1.AccessMask = ADS_RIGHT_GENERIC_ALL
ace1.AceType = ADS_ACETYPE_ACCESS_ALLOWED
ace1.AceFlags = ADS_ACEFLAG_INHERIT_ACE Or ADS_ACEFLAG_INHERIT_ONLY_ACE Or 1
dacl.AddAce ace1
'----Add a new ACE so User has Full Control on Folders.
Set ace2 = CreateObject ("AccessControlEntry")
ace2.Trustee = sidHex
ace2.AccessMask = ADS_RIGHT_GENERIC_ALL
ace2.AceType = ADS_ACETYPE_ACCESS_ALLOWED
ace2.AceFlags = ADS_ACEFLAG_INHERIT_ACE Or 1
dacl.AddAce ace2
sd.DiscretionaryAcl = dacl
sec.SetSecurityDescriptor sd
End Sub
1、添加“组或用户名称”
2、设置“组或用户名称”的“完全控制、修改、读取和运行、列出文件夹目录、读取、写入”等属性。
找遍整个网络也未能找到答案,现好不容易找到一个 VBS 的代码,可以实现我要求的功能,但是我对VBS不了解,恳求哪位大哥给改写成 ASP 或 PHP 程序,恳请恳请!
救我于水深火热之中吧~~郁闷了4天了!
----------VBS代码如下,请改写成ASP或PHP代码--------
'====================================================================
'SetPerms.vbs
'====================================================================
'Variable Declarations
Dim sec
Dim sd
Dim Dacl
Dim ace
Dim ace1
Dim ace2
Dim oSid
Dim sidHex
'Option Explicit
'Flags: Specifies Inheritance
const ADS_ACEFLAG_INHERIT_ACE = &h2
const ADS_ACEFLAG_NO_PROPAGATE_INHERIT_ACE = &h4
const ADS_ACEFLAG_INHERIT_ONLY_ACE = &h8
const ADS_ACEFLAG_INHERITED_ACE = &h10
const ADS_ACEFLAG_VALID_INHERIT_FLAGS = &h1f
const ADS_ACEFLAG_SUCCESSFUL_ACCESS = &h40
const ADS_ACEFLAG_FAILED_ACCESS = &h80
'Permission Type: Allow or Deny
const ADS_ACETYPE_ACCESS_ALLOWED = &h0
const ADS_ACETYPE_ACCESS_DENIED = &h1
'Permissions: Read, Write, FullControl
const ADS_RIGHT_GENERIC_READ = &h80000000
const ADS_RIGHT_GENERIC_WRITE = &h40000000
const ADS_RIGHT_GENERIC_EXECUTE = &h20000000
const ADS_RIGHT_GENERIC_ALL = &h10000000
const ADS_SID_RAW = 0
const ADS_SID_HEXSTRING = 1
const ADS_SID_SAM = 2
const ADS_SID_UPN = 3
const ADS_SID_SDDL = 4
const ADS_SID_WINNT_PATH = 5
const ADS_SID_ACTIVE_DIRECTORY_PATH = 6
const ADS_SID_SID_BINDING = 7
const fldname = "C:\test2" '<----Change this to the top folder name
const usrname = "Domain\User" '<---Change this to the user you want to add permissions for
Dim fso, fldr, fc, f1', fldname, usrname
' Get instance of FileSystemObject.
Set fso = CreateObject("Scripting.FileSystemObject")
Call ApplyPerms (fldname)
Set fldr = fso.GetFolder(fldname)
Recurse fldr ',usrname
Set fldr = Nothing
Set fso = Nothing
wscript.echo "done"
Wscript.Quit
Public Sub Recurse( ByRef fldr)', ByRef usrname )
dim subfolders,files,folder,file
Set subfolders = fldr.SubFolders
Set files = fldr.Files
'Display the path and all of the folders.
Wscript.Echo ""
Wscript.Echo fldr.Path
For Each folder in subfolders
Wscript.Echo folder.Name
Call ApplyPerms (folder.path)', usrname)
Next
'Display all of the files.
For Each file in files
wscript.echo file.name
Call ApplyPerms (file.path)', usrname)
Next
'Recurse all of the subfolders.
For Each folder in subfolders
Recurse folder', usrname
Next
Set subfolders = Nothing
Set files = Nothing
End Sub
Sub ApplyPerms(ByRef path)' , Byref usrname)
Set sec = CreateObject("AdsSecurity")
Set sd = sec.GetSecurityDescriptor("FILE://" & path)
Set Dacl = sd.DiscretionaryAcl
Set oSid = CreateObject("AdsSid")
oSid.SetAs ADS_SID_SAM, Cstr(usrname)
sidHex = oSid.GetAs(ADS_SID_SDDL)
Wscript.Echo sidHex
'----Add a new ACE so User has Full Control on Files.
Set ace1 = CreateObject ("AccessControlEntry")
ace1.Trustee = sidHex
ace1.AccessMask = ADS_RIGHT_GENERIC_ALL
ace1.AceType = ADS_ACETYPE_ACCESS_ALLOWED
ace1.AceFlags = ADS_ACEFLAG_INHERIT_ACE Or ADS_ACEFLAG_INHERIT_ONLY_ACE Or 1
dacl.AddAce ace1
'----Add a new ACE so User has Full Control on Folders.
Set ace2 = CreateObject ("AccessControlEntry")
ace2.Trustee = sidHex
ace2.AccessMask = ADS_RIGHT_GENERIC_ALL
ace2.AceType = ADS_ACETYPE_ACCESS_ALLOWED
ace2.AceFlags = ADS_ACEFLAG_INHERIT_ACE Or 1
dacl.AddAce ace2
sd.DiscretionaryAcl = dacl
sec.SetSecurityDescriptor sd
End Sub
...全文
请发表友善的回复…
发表回复
lhszf 2006-02-05
- 打赏
- 举报
顶一下
