Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @ECHO OFF
- :: Permissions Setting Script
- :: Written by Eric L. Pheterson
- :: Last modified 1/31/2013
- ::
- :: This script performs the actions detailed below, please read.
- ::
- :: Usage - Drop a folder onto this batch file, and it will execute.
- :: IMPORTANT! Execute this script while logged in as a local admin
- :: It will return an error if using a domain account
- ::
- :: SSID admin: S-1-5-21-3459025293-194629712-2905891279-500
- :: SSID users: S-1-5-21-1308237860-4193317556-336787646-559061
- if [%1] == [] (
- ECHO You must provide a folder or file as an argument.
- PAUSE
- ) ELSE (
- ECHO.
- ECHO ** ==================================================
- ECHO Set owner to admin (and recurse)
- ECHO ** ==================================================
- SetACL.exe -on "%~f1" -ot file -actn setowner -ownr "n:S-1-5-21-3459025293-194629712-2905891279-500" -rec cont_obj
- ECHO.
- ECHO ** ==================================================
- ECHO Disallow inheriting of permissions (and recurse)
- ECHO ** ==================================================
- SetACL.exe -on "%~f1" -ot file -actn setprot -op "dacl:p_nc;sacl:p_nc" -rec cont_obj
- ECHO.
- ECHO ** ==================================================
- ECHO Set admin as the Trustee for this folder (and recurse)
- ECHO ** ==================================================
- SetACL.exe -on "%~f1" -ot file -actn trustee -trst "n1:S-1-5-21-3459025293-194629712-2905891279-500" -rec cont_obj
- ECHO.
- ECHO ** ==================================================
- ECHO Allow admin full control (and recurse)
- ECHO ** ==================================================
- SetACL.exe -on "%~f1" -ot file -actn ace -ace "n:S-1-5-21-3459025293-194629712-2905891279-500;p:full" -rec cont_obj
- ECHO.
- ECHO ** ==================================================
- ECHO Allow users read, list ^& execute control (and recurse)
- ECHO ** ==================================================
- SetACL.exe -on "%~f1" -ot file -actn ace -ace "n:S-1-5-21-1308237860-4193317556-336787646-559061;p:read_ex" -rec cont_obj
- ECHO.
- ECHO ** ==================================================
- ECHO Deny users write control (and recurse)
- ECHO ** ==================================================
- SetACL.exe -on "%~f1" -ot file -actn ace -ace "n:S-1-5-21-1308237860-4193317556-336787646-559061;p:write;m:deny" -rec cont_obj
- PAUSE
- )
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement