Advertisement
epheterson

SetACL Permissions Setting Script

Jul 11th, 2013
115
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. @ECHO OFF
  2.  
  3. :: Permissions Setting Script
  4. :: Written by Eric L. Pheterson
  5. :: Last modified 1/31/2013
  6. ::
  7. :: This script performs the actions detailed below, please read.
  8. ::
  9. :: Usage - Drop a folder onto this batch file, and it will execute.
  10. :: IMPORTANT! Execute this script while logged in as a local admin
  11. :: It will return an error if using a domain account
  12. ::
  13. :: SSID admin: S-1-5-21-3459025293-194629712-2905891279-500
  14. :: SSID users: S-1-5-21-1308237860-4193317556-336787646-559061
  15.  
  16. if [%1] == [] (
  17.     ECHO You must provide a folder or file as an argument.
  18.     PAUSE
  19. ) ELSE (
  20.  
  21. ECHO.
  22. ECHO ** ==================================================
  23. ECHO Set owner to admin (and recurse)
  24. ECHO ** ==================================================
  25. SetACL.exe -on "%~f1" -ot file -actn setowner -ownr "n:S-1-5-21-3459025293-194629712-2905891279-500" -rec cont_obj
  26.  
  27. ECHO.
  28. ECHO ** ==================================================
  29. ECHO Disallow inheriting of permissions (and recurse)
  30. ECHO ** ==================================================
  31. SetACL.exe -on "%~f1" -ot file -actn setprot -op "dacl:p_nc;sacl:p_nc" -rec cont_obj
  32.  
  33. ECHO.
  34. ECHO ** ==================================================
  35. ECHO Set admin as the Trustee for this folder (and recurse)
  36. ECHO ** ==================================================
  37. SetACL.exe -on "%~f1" -ot file -actn trustee -trst "n1:S-1-5-21-3459025293-194629712-2905891279-500" -rec cont_obj
  38.  
  39. ECHO.
  40. ECHO ** ==================================================
  41. ECHO Allow admin full control (and recurse)
  42. ECHO ** ==================================================
  43. SetACL.exe -on "%~f1" -ot file -actn ace -ace "n:S-1-5-21-3459025293-194629712-2905891279-500;p:full" -rec cont_obj
  44.  
  45. ECHO.
  46. ECHO ** ==================================================
  47. ECHO Allow users read, list ^& execute control (and recurse)
  48. ECHO ** ==================================================
  49. SetACL.exe -on "%~f1" -ot file -actn ace -ace "n:S-1-5-21-1308237860-4193317556-336787646-559061;p:read_ex" -rec cont_obj
  50.  
  51. ECHO.
  52. ECHO ** ==================================================
  53. ECHO Deny users write control (and recurse)
  54. ECHO ** ==================================================
  55. SetACL.exe -on "%~f1" -ot file -actn ace -ace "n:S-1-5-21-1308237860-4193317556-336787646-559061;p:write;m:deny" -rec cont_obj
  56.  
  57. PAUSE
  58. )
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement