Pyro
08-31-2004, 06:58 PM
I realize that this is not a VBScript forum, and that this is, for the most part a VBScript question.
But with that said, VBP does offer limited functionality for creating a network share, so I think this may be the appropriate place to point out a slight hole in that functionality and possibly request some increased functionality...
In my build, I drop a network share so I can do some copies, and then re-create it right afterward. Using the built in system script vbld_CreateShare() causes the following code to get executed:
Dim objServer, objShare
Set objServer = vbld_ConnectServer("", "", "")
Set objShare = objServer.Get("Win32_Share")
objShare.Create sharePath, shareName, 0, Null, "", Null, Null
Most of the optional parameters are simple strings & ints describing the share that are easy to pass in that you can look up yourself. But unfortunately, that last Null is the Win32_SecurityDescriptor that defines the permissions to place on the share. And if it's passed in as Null, Everyone will have full access to the share (on Win2k3 anyway)! Not knowing this was the underlying script code, I happily added this to my build, causing these directories to be WAAAY too public for almost a month until I realized what had happened.
So I've looked into how to set up a Win32_SecurityDescriptor to pass in here, but frankly, it's a huge, complicated mess and I haven't been able to figure it out. So I was hoping that someone with more VB experience than I could provide a simple example along the lines of giving one user of a particular domain read-only access. Or point me in the right direction so I can see how this is done.
Or even better, Kinook could improve their vbld_CreateShare() method to take in some more parameters and provide this functionality.
Thanks!
Rob
P.S. And yes, I realize that running the cacls.exe command would be a legitimate workaround, but I'd rather do it in script.
But with that said, VBP does offer limited functionality for creating a network share, so I think this may be the appropriate place to point out a slight hole in that functionality and possibly request some increased functionality...
In my build, I drop a network share so I can do some copies, and then re-create it right afterward. Using the built in system script vbld_CreateShare() causes the following code to get executed:
Dim objServer, objShare
Set objServer = vbld_ConnectServer("", "", "")
Set objShare = objServer.Get("Win32_Share")
objShare.Create sharePath, shareName, 0, Null, "", Null, Null
Most of the optional parameters are simple strings & ints describing the share that are easy to pass in that you can look up yourself. But unfortunately, that last Null is the Win32_SecurityDescriptor that defines the permissions to place on the share. And if it's passed in as Null, Everyone will have full access to the share (on Win2k3 anyway)! Not knowing this was the underlying script code, I happily added this to my build, causing these directories to be WAAAY too public for almost a month until I realized what had happened.
So I've looked into how to set up a Win32_SecurityDescriptor to pass in here, but frankly, it's a huge, complicated mess and I haven't been able to figure it out. So I was hoping that someone with more VB experience than I could provide a simple example along the lines of giving one user of a particular domain read-only access. Or point me in the right direction so I can see how this is done.
Or even better, Kinook could improve their vbld_CreateShare() method to take in some more parameters and provide this functionality.
Thanks!
Rob
P.S. And yes, I realize that running the cacls.exe command would be a legitimate workaround, but I'd rather do it in script.