我想寫兩個腳本,它們可以是vbs或ms-dos命令。腳本安全權限
首先是設置文件夾的用戶權限(相當於:右鍵單擊文件夾,屬性,安全性,編輯,添加,NT AUTHORITY\NETWORK SERVICE)。
其次是設置permision作爲服務運行,相當於單擊點擊是:Control Panel/Administrative Tools/Local Security Policy;左側:Local Policies/User Rights Assignment;右側:Log on as a service -> add Network Service作爲擁有權限的用戶。
會有人幫我做那個嗎?
MS-DOS命令:
文件夾權限:
CACLS path_of_folder /E /T /C /G "userName":F
日誌上作爲服務權限:
ntrights -u "userName" +r SeServiceLogonRight
這太令人沮喪了,我們沒有Windows Server 2008及更高版本的ntrights工具。我已經提出了一個可行的vbscript。
Username = <domain\username>
Dim oShell
Set oShell = CreateObject ("WScript.Shell")
oShell.Run "secedit /export /cfg config.inf", 0, true
oShell.Run "secedit /import /cfg config.inf /db database.sdb", 0, true
FileName = "config.inf"
OrgStr = "SeServiceLogonRight ="
RepStr = "SeServiceLogonRight = " & Username & ","
Set inputFile = CreateObject("Scripting.FileSystemObject").OpenTextFile("config.inf", 1,1,-1)
strInputFile = inputFile.ReadAll
inputFile.Close
Set inputFile = Nothing
Set outputFile = CreateObject("Scripting.FileSystemObject").OpenTextFile("config.inf",2,1,-1)
outputFile.Write (Replace(strInputFile,OrgStr,RepStr))
outputFile.Close
Set outputFile = Nothing
oShell.Run "secedit /configure /db database.sdb /cfg config.inf",0,true
set oShell= Nothing
Set obj = CreateObject("Scripting.FileSystemObject")
obj.DeleteFile("config.inf")
obj.DeleteFile("database.sdb")
我會推薦'icacls' over'cacls',因爲它還能夠處理繼承和更改所有權。 –