为 AD2003 编写脚本共享安全和 NTFS 设置

Question 1

这是一个可以执行您所希望的操作的 PowerShell 脚本。

$Computer = "localhost"
$Class = "Win32_Share"
$Method = "Create"
$name = "foldername$"
$path = "C:\Folderpath"
$description = "This is shared for me to test"
$sd = ([WMIClass] "\\$Computer\root\cimv2:Win32_SecurityDescriptor").CreateInstance()
$ACE = ([WMIClass] "\\$Computer\root\cimv2:Win32_ACE").CreateInstance()
$Trustee = ([WMIClass] "\\$Computer\root\cimv2:Win32_Trustee").CreateInstance()
$Trustee.Name = "EVERYONE"
$Trustee.Domain = $Null
$Trustee.SID = @(1, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0)
$ace.AccessMask = 2032127
$ace.AceFlags = 3
$ace.AceType = 0

New-Item -type directory -path $path
$Acl = Get-Acl $path
$Ar = New-Object  system.security.accesscontrol.filesystemaccessrule("user\domain","Write","Allow")
$Acl.SetAccessRule($Ar)
Set-Acl $path $Acl
$ACE.Trustee = $Trustee
$sd.DACL += $ACE.psObject.baseobject 
$mc = [WmiClass]"\\$Computer\ROOT\CIMV2:$Class"
$InParams = $mc.psbase.GetMethodParameters($Method)
$InParams.Access = $sd
$InParams.Description = $description
$InParams.MaximumAllowed = $Null
$InParams.Name = $name
$InParams.Password = $Null
$InParams.Path = $path
$InParams.Type = [uint32]0
$R = $mc.PSBase.InvokeMethod($Method, $InParams, $Null)
switch ($($R.ReturnValue))
 {
  0 {Write-Host "Share:$name Path:$path Result:Success"; break}
  2 {Write-Host "Share:$name Path:$path Result:Access Denied" -foregroundcolor red -backgroundcolor yellow;break}
  8 {Write-Host "Share:$name Path:$path Result:Unknown Failure" -foregroundcolor red -backgroundcolor yellow;break}
  9 {Write-Host "Share:$name Path:$path Result:Invalid Name" -foregroundcolor red -backgroundcolor yellow;break}
  10 {Write-Host "Share:$name Path:$path Result:Invalid Level" -foregroundcolor red -backgroundcolor yellow;break}
  21 {Write-Host "Share:$name Path:$path Result:Invalid Parameter" -foregroundcolor red -backgroundcolor yellow;break}
  22 {Write-Host "Share:$name Path:$path Result:Duplicate Share" -foregroundcolor red -backgroundcolor yellow;break}
  23 {Write-Host "Share:$name Path:$path Result:Reedirected Path" -foregroundcolor red -backgroundcolor yellow;break}
  24 {Write-Host "Share:$name Path:$path Result:Unknown Device or Directory" -foregroundcolor red -backgroundcolor yellow;break}
  25 {Write-Host "Share:$name Path:$path Result:Network Name Not Found" -foregroundcolor red -backgroundcolor yellow;break}
  default {Write-Host "Share:$name Path:$path Result:*** Unknown Error ***" -foregroundcolor red -backgroundcolor yellow;break}
 }

我从其他几个网站上抄袭并拼凑了它，1和2。它在我的 Windows 7 机器上运行良好。有关 filesystemaccessrule 对象的更多信息，请查看这里。

Answer

这是一个可以执行您所希望的操作的 PowerShell 脚本。

$Computer = "localhost"
$Class = "Win32_Share"
$Method = "Create"
$name = "foldername$"
$path = "C:\Folderpath"
$description = "This is shared for me to test"
$sd = ([WMIClass] "\\$Computer\root\cimv2:Win32_SecurityDescriptor").CreateInstance()
$ACE = ([WMIClass] "\\$Computer\root\cimv2:Win32_ACE").CreateInstance()
$Trustee = ([WMIClass] "\\$Computer\root\cimv2:Win32_Trustee").CreateInstance()
$Trustee.Name = "EVERYONE"
$Trustee.Domain = $Null
$Trustee.SID = @(1, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0)
$ace.AccessMask = 2032127
$ace.AceFlags = 3
$ace.AceType = 0

New-Item -type directory -path $path
$Acl = Get-Acl $path
$Ar = New-Object  system.security.accesscontrol.filesystemaccessrule("user\domain","Write","Allow")
$Acl.SetAccessRule($Ar)
Set-Acl $path $Acl
$ACE.Trustee = $Trustee
$sd.DACL += $ACE.psObject.baseobject 
$mc = [WmiClass]"\\$Computer\ROOT\CIMV2:$Class"
$InParams = $mc.psbase.GetMethodParameters($Method)
$InParams.Access = $sd
$InParams.Description = $description
$InParams.MaximumAllowed = $Null
$InParams.Name = $name
$InParams.Password = $Null
$InParams.Path = $path
$InParams.Type = [uint32]0
$R = $mc.PSBase.InvokeMethod($Method, $InParams, $Null)
switch ($($R.ReturnValue))
 {
  0 {Write-Host "Share:$name Path:$path Result:Success"; break}
  2 {Write-Host "Share:$name Path:$path Result:Access Denied" -foregroundcolor red -backgroundcolor yellow;break}
  8 {Write-Host "Share:$name Path:$path Result:Unknown Failure" -foregroundcolor red -backgroundcolor yellow;break}
  9 {Write-Host "Share:$name Path:$path Result:Invalid Name" -foregroundcolor red -backgroundcolor yellow;break}
  10 {Write-Host "Share:$name Path:$path Result:Invalid Level" -foregroundcolor red -backgroundcolor yellow;break}
  21 {Write-Host "Share:$name Path:$path Result:Invalid Parameter" -foregroundcolor red -backgroundcolor yellow;break}
  22 {Write-Host "Share:$name Path:$path Result:Duplicate Share" -foregroundcolor red -backgroundcolor yellow;break}
  23 {Write-Host "Share:$name Path:$path Result:Reedirected Path" -foregroundcolor red -backgroundcolor yellow;break}
  24 {Write-Host "Share:$name Path:$path Result:Unknown Device or Directory" -foregroundcolor red -backgroundcolor yellow;break}
  25 {Write-Host "Share:$name Path:$path Result:Network Name Not Found" -foregroundcolor red -backgroundcolor yellow;break}
  default {Write-Host "Share:$name Path:$path Result:*** Unknown Error ***" -foregroundcolor red -backgroundcolor yellow;break}
 }

我从其他几个网站上抄袭并拼凑了它，1和2。它在我的 Windows 7 机器上运行良好。有关 filesystemaccessrule 对象的更多信息，请查看这里。

Question 2

我喜欢 CMD.EXE......（不是真的）：

mkdir x:\directory\to\make
cacls x:\directory\to\make /e /t /g DOMAIN\user:C
net share sharename=X:\directory\to\make

这将创建目录，向目录添加具有“更改”权限的“DOMAIN\user”（将继承到子文件夹和文件）并共享目录。如果需要，可以针对 UNC 路径运行前两个命令，但必须net share在共享目录所在的服务器上执行。（rmtshare.exeWindows NT Resource Kit 发行版中有一个旧工具，其语法大致相同，net share但可以在远程计算机上创建共享。）

Answer

我喜欢 CMD.EXE......（不是真的）：

mkdir x:\directory\to\make
cacls x:\directory\to\make /e /t /g DOMAIN\user:C
net share sharename=X:\directory\to\make

这将创建目录，向目录添加具有“更改”权限的“DOMAIN\user”（将继承到子文件夹和文件）并共享目录。如果需要，可以针对 UNC 路径运行前两个命令，但必须net share在共享目录所在的服务器上执行。（rmtshare.exeWindows NT Resource Kit 发行版中有一个旧工具，其语法大致相同，net share但可以在远程计算机上创建共享。）

Question 3

应该可以使用命令calcs。

Answer

应该可以使用命令calcs。

为 AD2003 编写脚本共享安全和 NTFS 设置

答案1

答案2

答案3

相关内容