Leaderboard

Hi. I've been working on this for a while. I think now it's good enough to post it here. Functions to do most everything with the DACL and ownership on all types of objects: Files or folders, Registry keys, services, Kernel and WMI objects, etc. Here's a good example to test: #include 'Permissions.au3' _InitiatePermissionResources() FileWrite(@ScriptDir&'test.txt','Test') Local $TI = TimerInit() Local $ret = _DenyAllAccess(@ScriptDir&'test.txt',$SE_FILE_OBJECT,@UserName) Local $TD = TimerDiff($TI) MsgBox(0,'','Deny all access to test.txt and take ownership:'&@CRLF&@CRLF& _ '_DenyAllAccesss return value: '&$ret&' Time: '&Round($TD,2)&' miliseconds.'&@CRLF& _ 'Check the file permissons before closing the message box.') $TI = TimerInit() $ret = _GrantReadAccess(@ScriptDir&'test.txt',$SE_FILE_OBJECT,'Administrators') $TD = TimerDiff($TI) MsgBox(0,'','Grant everyone read access, all access to admins and system, and set the owner: Admins group'&@CRLF&@CRLF& _ '_GrantReadAccesss return value: '&$ret&' Time: '&Round($TD,2)&' miliseconds.'&@CRLF& _ 'Check the file permissons before closing the message box.') $TI = TimerInit() $ret = _GrantAllAccess(@ScriptDir&'test.txt') $TD = TimerDiff($TI) MsgBox(0,'','Grant everyone access'&@CRLF&@CRLF& _ '_GrantAllAccesss return value: '&$ret&' Time: '&Round($TD,2)&' miliseconds.'&@CRLF& _ 'Check the file permissons before closing the message box.') $TI = TimerInit() $ret = _CopyFullDacl(@ScriptDir&'test.txt',$SE_FILE_OBJECT,@ScriptDir) $TD = TimerDiff($TI) MsgBox(0,'','Restore all inherited permissions'&@CRLF&@CRLF& _ '_CopyFullDacl return value: '&$ret&' Time: '&Round($TD,2)&' miliseconds.'&@CRLF& _ 'Check the file permissons before closing the message box.') $TI = TimerInit() Local $aPerm[2][3] = [['Restricted',1,$GENERIC_ALL],['Users',1,$GENERIC_ALL]] $ret = _EditObjectPermissions(@ScriptDir&'test.txt',$aPerm) $TD = TimerDiff($TI) MsgBox(0,'','Add two granted access aces: Restricted and Users'&@CRLF&@CRLF& _ '_EditObjectPermissions return value: '&$ret&' Time: '&Round($TD,2)&' miliseconds.'&@CRLF& _ 'Check the file permissons before closing the message box.') $TI = TimerInit() Dim $aPerm[2][3] = [['Restricted',1,$GENERIC_READ],['Users',1,$GENERIC_READ]] $ret = _EditObjectPermissions(@ScriptDir&'test.txt',$aPerm) $TD = TimerDiff($TI) MsgBox(0,'','Give only read access to the Restricted and Users groups'&@CRLF&@CRLF& _ '_EditObjectPermissions return value: '&$ret&' Time: '&Round($TD,2)&' miliseconds.'&@CRLF& _ 'Check the file permissons before closing the message box.') $TI = TimerInit() Dim $aPerm[2][3] = [['Restricted',0,$GENERIC_ALL],['Users',0,$GENERIC_ALL]] $ret = _EditObjectPermissions(@ScriptDir&'test.txt',$aPerm) $TD = TimerDiff($TI) MsgBox(0,'','Deny access to the Restricted and Users groups'&@CRLF&@CRLF& _ '_EditObjectPermissions return value: '&$ret&' Time: '&Round($TD,2)&' miliseconds.'&@CRLF& _ 'Check the file permissons before closing the message box.') $TI = TimerInit() Local $Hndl = _Permissions_OpenProcess(@AutoItPID) Local $SDBefore = _GetObjectStringSecurityDescriptor($Hndl,$SE_KERNEL_OBJECT) Local $CODRet = _ClearObjectDacl($Hndl,$SE_KERNEL_OBJECT) Local $DARet = _DenyAllAccess($Hndl,$SE_KERNEL_OBJECT) Local $SDAfter = _GetObjectStringSecurityDescriptor($Hndl,$SE_KERNEL_OBJECT) $TD = Round(TimerDiff($TI),2) MsgBox(0,'', 'Deny everyone access to the current process:'&@CRLF&@CRLF& _ '@AutoItPID original security descriptor: '&@CRLF&$SDBefore&@CRLF&@CRLF& _ '_ClearObjectDacl return value: '&$CODRet&@CRLF&@CRLF& _ '_DenyAllAccess_ return value: '&$DARet&@CRLF&@CRLF& _ 'New @AutoItPID security descriptor: '&@CRLF& _ $SDAfter&@CRLF&@CRLF& 'Time taken: '&$TD&' miliseconds.') _Permissions_CloseHandle($Hndl) FileDelete(@ScriptDir&'test.txt') _ClosePermissionResources()I'm planning to add functions to deal with the Sacl in the future, even though I don't think it's very important. Edit: Let me know if you need an example for the registry. Updated: Fixed a bug in the _ClearObjectDacl function. I thought that adding a null DACL would work fine, but it causes problems later when adding a new DACL. Those who have downloaded, please update. Shoot! Now it wasn't clearing the DACL at all. Updated again. I think it's fixed now. Updated 9/11/2011 - Added the security descriptor functions and removed unnecessary constants. Updated 10/11/2011 - There were some functions missing in the index, and some parameters in the comments. Also removed the "MustDeclareVars" option. (About 50 total downloads before) Update 12/12/2011 - Added more functions: New Update 12/12/2011 - Missing declaration keywords in 3 constants. Sorry Update 16/12/2011 - Added support for all object types, including window and process handles. Added more functions, modified most of them, and removed one. Here's the new function list: Updated 22/2/2012.. This time I'm including SecurityConstants.au3 and FileConstants.au3 to prevent constants conflicts. Added a few more functions and fixed a few bugs. Also added the ability to include the inherited aces in the _EditObjectPermissions function. Now the permissions array can have four elements (optional). It will still work with three elements arrays though. The fourth element is intended to have the inheritance flag for the corresponding ace. Here's the new list of functions: 400 previous downloads Permissions.au3

rds_correia, Try this version: #include <Array.au3> #include <File.au3> Global $aPath[5] = [4, "580001", "000", "00", "00"] ; Find last folder $aFolder_List = _Last_Folder($aPath) _ArrayDisplay($aFolder_List) ; Work backwards through the folder list For $i = $aFolder_List[0] To 1 Step -1 ; Read the list of files in this folder $aFile_List = _FileListToArray($aFolder_List[$i] & "\", "*.xml", 1) If IsArray($aFile_List) Then _ArrayDisplay($aFile_List, $aFolder_List[$i]) Else MsgBox(0, "Error", "No files found in" & @CRLF & $aFolder_List[$i]) Exit EndIf Next Func _Last_Folder($aPath) ; Create an array to hold the list of folders found Local $aFolders[100] = [1, "C:\surveillance\" & _ArrayToString($aPath, "\", 1, 4) & "\"] While 1 ; Add 1 to the folder and reset to 00 if needed $aPath[4] = StringFormat("%02i", Mod($aPath[4] + 1, 100)) ; If we did reset to 00 then we need to check the level above If $aPath[4] = "00" Then ; Again we add 1 and reset to 00 if required $aPath[3] = StringFormat("%02i", Mod($aPath[3] + 1, 100)) ; And if we reset to 00 we need to check the level above If $aPath[3] = "00" Then ; Add 1 but this time we reset to 000 if required $aPath[2] = StringFormat("%03i", Mod($aPath[2] + 1, 1000)) ; And again we move up a level if the lower folder was reset If $aPath[2] = "000" Then ; If this one gets to 589999 then you need to restart - or add another level to this tree! $aPath[1] = $aPath[1] + 1 EndIf EndIf EndIf ; Now see if this path exists $sNext_Path = "C:\surveillance\" & _ArrayToString($aPath, "\", 1, 4) & "\" If Not FileExists($sNext_Path) Then ; If the path does not exist then we return the list of folders found ReDim $aFolders[$aFolders[0] + 1] Return $aFolders Else ; The folder exists so add it to the array - resizing if necessary $aFolders[0] += 1 If UBound($aFolders) <= $aFolders[0] Then ReDim $aFolders[$aFolders[0] * 2] EndIf $aFolders[$aFolders[0]] = $sNext_Path EndIf WEnd EndFunc Does it work now? M23

If you have differernt creadentials on each computer you're screwed. Or you could ask the user for the administrator password. Just use InputBox. There is no way to elevate the rights without the RusAsAdmin() function, as guinness already stated.

in case you change your mind...i found the "transform" (properly dubbed transpose) function. here it is unsolicited. edit: It is designed for Two-Dimensional Arrays edit: Added Function Description/Usage Header and error checking ; #FUNCTION# ==================================================================================================================== ; Name...........: _ArrayTranspose ; Description ...: Transpose a two-dimensional array ; Syntax.........: _ArrayTranspose(ByRef $arr) ; Parameters ....: $arr - The array to Transpose ; Return values .: Success - $arr Transposed ; Failure - 0, sets @error to: ; |1 - $arr is no an array ; |2 - $arr is not a two-dimensional array ; Author ........: Spudw2k ; Modified.......: ; Remarks .......: ; Related .......: ; Link ..........: ; Example .......: Yes ; =============================================================================================================================== Func _ArrayTranspose(ByRef $arr) If Not IsArray($arr) Then Return SetError(1, 0, 0) If Not UBound($arr,0) = 2 Then Return SetError(2, 0, 0) Dim $arrTrans[UBound($arr,2)][UBound($arr,1)] For $x = 0 To UBound($arrTrans,2)-1 For $y = 0 To UBound($arrTrans)-1 $arrTrans[$y][$x]=$arr[$x][$y] Next Next Return $arrTrans EndFunc Usage Example: #include "array.au3" Dim $array[3][2]=[["First Name","Last Name"],["John","Smith"],["David","Copperfield"]] _ArrayDisplay($array) $array = _ArrayTranspose($array) _ArrayDisplay($array)

Another way you could approach it: DriveMapAdd("B:", "\\sharecomputer\share", 0, "username", "password") RunWait("B:\executable_to_run.exe") ; You could use silent switches to install without user interaction DriveMapDel("B:")