RE: How Add Directory Permissions
by Robert W Sturdevant other posts by this author
Dec 20 2006 10:05AM messages near this date
view in the new Beta List Site
Re: I have to believe somebody has done this already
|
How Add Directory Permissions
Jeremy,
Many thanks. That did the trick and I'm back in business. Looks like it's:
Out with Perms, In with FileSecurity.
Best Regards,
Sturdy
_____
From: perl-win32-admin-bounces@[...].com
[mailto:perl-win32-admin-bounces@[...].com] On Behalf Of
Jeremy Fluhmann
Sent: Wednesday, December 20, 2006 12:24 PM
To: perl-win32-admin@[...].com
Subject: Re: How Add Directory Permissions
Robert,
You might take a look at Win32::FileSecurity
(http://search.cpan.org/~jdb/libwin32-0.26/FileSecurity/FileSecurity.pm
<http://search.cpan.org/%7Ejdb/libwin32-0.26/FileSecurity/FileSecurity.pm>
). I used it when I was automating web account creations on IIS servers.
Sample, adapted from your example (looks like 'FTP Users' is the user
account, correct?):
#!/usr/bin/perl
use Win32::FileSecurity qw(MakeMask Get Set);
my %hash;
my $directory = 'c:/temp/test';
my $user_account = 'FTP Users';
# Mask for READ access
# shows up as 'Read & Execute', 'List Folder Contents', and 'Read'
my $permissions = MakeMask( qw( READ GENERIC_READ GENERIC_EXECUTE ) );
Get( $directory, \%hash ) ; # get existing permissions
$hash{$user_account} = $permissions; # set user permissions
Set( $directory, \%hash ) ; # set permissions for directory
I hope that helps!
Jeremy
http://www.yapc.org/America <http://www.yapc.org/America>
On 12/20/06, robert.w.sturdevant@[...].mil
<mailto:robert.w.sturdevant@[...].mil> <
<mailto:robert.w.sturdevant@[...].mil> robert.w.sturdevant@[...].mil>
wrote:
Hi, All
I'm back again. I need some help to change directory permissions on Win XP
using Win32-Perms or anything else that works (desperation here).
Specifically, I am trying to add an ACE for a single user account to an
existing ACL containing other user accounts. Here is the simple code:
use Win32::Perms;
my $DirObj = new Win32::Perms("dir:c:\\temp\\test");
$DirObj -> Add( { Account=>'FTP Users', Mask=>READ, Type=>Allow,
Flag=> 0x00000003 } );
my $GLE = Win32-> GetLastError;
$DirObj -> Set();
$DirObj -> Dump;
$DirObj -> Close();
On Win2000 the above produces $GLE=53 (The network path was not found).
On WinXP the above produces $GLE=997 (Overlapped I/O operation is in
progress).
$DirObj appears to be created but the Add() method causes a delay of a few
seconds then the error is thrown.
I curently use WIN32::Perms in a standalone app to set permissions on
several folders. Here is one example. The apparent difference is the dir
perms are first removed then all are again re-added recursively. This is a
kludge but seems to work. But I don't think I can use this same approach
without rebuilding the perms for the entire directory structure.
if( my $DirObj = new Win32::Perms( "dir:c:\\sms\\" )){
$DirObj -> Remove( -1 ); # remove all permissions
$DirObj -> Add({ Account=>'SAMS
Operators',Mask=> FULL,Type=>ALLOW,Flag=>0x00000003 });
$DirObj -> Add({
Account=> 'Administrators',Mask=>FULL,Type=>ALLOW,Flag=>0x00000013 });
$DirObj -> Add({ Account=>'SYSTEM',Mask=>FULL,Type=>ALLOW,Flag=>0x00000013
});
$DirObj -> Add({ Account=>'Users', Mask=>0x001200a9, Type=>ALLOW,
Flag=> 0x00000013 });
$DirObj -> Add({ Account=>'CREATOR OWNER',Mask=>0x001f01ff, Type=>ALLOW,
Flag=> 0x0000001b });
if( $DirObj -> SetRecurse("")){
print LOG "Okay\n \n";
}else{
print LOG "FAIL: Cannot set permissions\n";
}
$DirObj -> Close();
}else{
print LOG "FAIL: Cannot create object\n";
}
Any help is really appreciated.
Sturdy
_______________________________________________
Perl-Win32-Admin mailing list
Perl-Win32-Admin@[...].com
<mailto:Perl-Win32-Admin@[...].com>
To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
<http://listserv.ActiveState.com/mailman/mysubs>
|
