Biatu Posted April 22, 2017 Posted April 22, 2017 (edited) 1 hour ago, Bowmore said: @Biatu Does this give you what you are looking for? $sName = ObjName() Basically im creating a wrapper for this UDF so I can use it via console, I should have clarified lol, is there a way to get the SE_OBJECT_TYPE from a string (command line arg) detecting a file/path and registry are pretty straight forward, but I was wonding if there was a way to automatically detect the type before calling GrantAll Edited April 22, 2017 by Biatu What is what? What is what.
YawStar Posted April 12, 2018 Posted April 12, 2018 Some files that named with unicode character can not be set permission. Sorry for my english.
YawStar Posted April 13, 2018 Posted April 13, 2018 Sorry for late this is my script. #Include <Permissions.au3> $ret_Val = _DenyAllAccess(@ScriptDir & "\#Apink's Eunji Tuto! DAILY BEST Video YouTube.mp4") If $ret_Val = 1 Then MsgBox(0, "Permission", "Successful.") EndIf If $ret_Val = 0 Then MsgBox(16, "Permission", "Failure.") EndIf #Apink's Eunji Tuto! DAILY BEST Video YouTube.mp4
AdamUL Posted April 13, 2018 Posted April 13, 2018 It looks like you forgot _InitiatePermissionResources and _ClosePermissionResources function calls at the beginning and ending of your script. Give this a try. #Include <Permissions.au3> _InitiatePermissionResources() $ret_Val = _DenyAllAccess(@ScriptDir & "\#Apink's Eunji Tuto! DAILY BEST Video YouTube.mp4") If $ret_Val = 1 Then MsgBox(0, "Permission", "Successful.") EndIf If $ret_Val = 0 Then MsgBox(16, "Permission", "Failure.") EndIf _ClosePermissionResources() Adam YawStar 1
YawStar Posted April 18, 2018 Posted April 18, 2018 Sorry for late. I have traveled to no internet region. I tried with your suggest script. But not working. I added #RequireAdmin , _InitiatePermissionResources() and _ClosePermissionResources() in my second script but not working. And then I added FileOpenDialog(). When i chose "171029 걸크러) 엉덩이(지아) 밀리오레신발 직캠.txt" in ScriptDir, the return value is 0. But when i change file name "171029 걸크러) 엉덩이(지아) 밀리오레신발 직캠.txt" to "English File Name Changed.txt", the return value is 1. My OS is Windows 10 RS4 (x64) My Autoit Version is 3.3.14.5 Can permission.au3 used in Window 10 RS 4 (x64)? I have no test other windows. Here is my second Script #NoTrayIcon #RequireAdmin #include "RESOURCES\UDF\Permissions.au3" _InitiatePermissionResources() $file= FileOpenDialog("Chose File", @ScriptDir, "All files (*.*)") If Not @error Then $ret_Val = _DenyAllAccess($file, $SE_FILE_OBJECT) If $ret_Val = 1 Then MsgBox(64, "Permission", "Successful.") EndIf If $ret_Val = 0 Then MsgBox(16, "Permission", "Failure.") EndIf _ClosePermissionResources() 171029 걸크러) 엉덩이(지아) 밀리오레신발 직캠.txt
AdamUL Posted April 18, 2018 Posted April 18, 2018 It looks like the DLL call in _SetObjectSecurity uses SetNamedSecurityInfo, and does not use the Unicode function SetNamedSecurityInfoW. Try the following updated function, and see if it work. expandcollapse popup; #FUNCTION# ==================================================================================================================== ; Name...........: _SetObjectSecurity ; Description ...: Sets the security info of an object ; Syntax.........: _SetObjectSecurity($oName, $_SE_OBJECT_TYPE, $SECURITY_INFORMATION, $pOwner = 0, $pGroup = 0, $Dacl = 0,$Sacl = 0) ; Parameters ....: $oName - The name or handle to the object. This can be a path to a file or folder, a registry key, ; + a service name, a process handle, etc. See the comments on the _SE_OBJECT_TYPE enum for more info. ; $_SE_OBJECT_TYPE - The type of the object to set permissions. This must be one of the values of the ; +_SE_OBJECT_TYPE enum. The default is $SE_FILE_OBJECT (a file or folder). ; $SECURITY_INFORMATION - A combination of the Security information constants. This combination must match the ; +info to set. ie, to set the owner and the Dacl it must be BitOR($OWNER_SECURITY_INFORMATION,$DACL_SECURITY_INFORMATION) ; $pOwner (Optional) - A pointer to a SID that identifies the owner of the object. ; $pGroup (Optional) - A pointer to a SID that identifies the primary group of the object. ; $Dacl (Optional) - A pointer to the new DACL for the object. ; $Sacl (Optional) - A pointer to the new SACL for the object. ; Return values .: Success - 1 ; Failure - 0 and sets @error ; Author ........: FredAI ; Modified.......: ; Remarks .......: ; Related .......: _SetObjectSecurityDescriptor ; Link ..........: ; Example .......: ; =============================================================================================================================== Func _SetObjectSecurity($oName, $_SE_OBJECT_TYPE, $SECURITY_INFORMATION, $pOwner = 0, $pGroup = 0, $Dacl = 0, $Sacl = 0) Local $aCall If $ResourcesState = 0 Then _InitiatePermissionResources() If $Dacl And Not _IsValidAcl($Dacl) Then Return 0 If $Sacl And Not _IsValidAcl($Sacl) Then Return 0 If IsPtr($oName) Then ; If it's a handle object $aCall = DllCall($h__Advapi32Dll,'dword','SetSecurityInfo','handle',$oName,'dword',$_SE_OBJECT_TYPE, _ 'dword',$SECURITY_INFORMATION,'ptr',$pOwner,'ptr',$pGroup,'ptr',$Dacl,'ptr',$Sacl) Else ;If it's a named object If $_SE_OBJECT_TYPE = $SE_REGISTRY_KEY Then $oName = _Security_RegKeyName($oName) $aCall = DllCall($h__Advapi32Dll,'dword','SetNamedSecurityInfoW','str',$oName,'dword',$_SE_OBJECT_TYPE, _ 'dword',$SECURITY_INFORMATION,'ptr',$pOwner,'ptr',$pGroup,'ptr',$Dacl,'ptr',$Sacl) EndIf If @error Then Return SetError(1,0,0) If $aCall[0] And $pOwner Then ; If failed, set owner and try again If _SetObjectOwner($oName, $_SE_OBJECT_TYPE,_SidToStringSid($pOwner)) Then _ Return _SetObjectSecurity($oName, $_SE_OBJECT_TYPE, $SECURITY_INFORMATION - 1, 0, $pGroup, $Dacl, $Sacl) EndIf Return SetError($aCall[0] , 0, Number($aCall[0] = 0)) EndFunc ;==> _SetObjectSecurity Adam
Dellroc Posted April 18, 2018 Posted April 18, 2018 Please tell me where I was wrong. I can not assign a right to a service. #include <Array.au3> #include <Permissions.au3> #include <Security.au3> Opt('MustDeclareVars',1) Opt('TrayIconHide',1) Global $gDACL Global $gPerm[0][3] Global $tAr Global $tAr = _Security__LookupAccountName('Test') Global $tPerm[1][3]=[[$tAr[0],1,131581]] ;~ _ArrayDisplay($tPerm,'$tPerm') If _SetObjectPermissions('AdobeARMservice', $SE_SERVICE, $tPerm) = 1 Then ConsoleWrite('Good'&@error&@CRLF) Else ConsoleWrite('Bad '&@error&@CRLF) EndIf $gDACL = _GetObjectDACL('\\'&@ComputerName&'\AdobeARMservice',$SE_SERVICE) _MergeDaclToArray($gDACL, $gPerm) For $i=0 To UBound($gPerm)-1 $gPerm[$i][0] = _Security__SidToStringSid($gPerm[$i][0]) $tAr = _Security__LookupAccountSid($gPerm[$i][0]) $gPerm[$i][0] = $tAr[1]&'\'&$tAr[0] ; Domain\Username Next _ArrayDisplay($gPerm,'$gPerm')
YawStar Posted April 19, 2018 Posted April 19, 2018 Thank Adam. I replaced _SetObjectSecurity Function. But still not working.
AdamUL Posted April 19, 2018 Posted April 19, 2018 (edited) Your welcome, sorry it didn't help. I did some more searching in the UDF, and there are quite a few DllCall function calls that are not using the Unicode function. Right now, I do not have time to search through the whole UDF to find them. You can search on DllCall in SciTE and then google the function name in the DLLCall. You should get the MSDN page for the function, and at the bottom of the page it will tell if there is a Unicode version of the function. Usually it will be the function name ending with a capital W. If there is a Unicode version, replace function name with that one in the DllCall. Usually you just have to add a capital "W" to the end of the name. Sorry, I can not do more right now. Adam Edited April 20, 2018 by AdamUL missing words
AdamUL Posted April 24, 2018 Posted April 24, 2018 @YawStar I tried updating the DllCalls with the Unicode function names, and it did not work. After I updated the names, and started a test script, the script caused AutoIt to crash. Most likely, there something else in the dll call that needs to be changed, but I'm not sure what that is. Adam
AdamUL Posted April 24, 2018 Posted April 24, 2018 (edited) @YawStar I changed the data types in the dll call, and was able to get some test scripts to work without issue. I have attached the updated UDF. Please test to see if it works for you. Permissions-Unicode.au3 Adam Edited May 1, 2018 by AdamUL YawStar 1
YawStar Posted April 25, 2018 Posted April 25, 2018 (edited) Thank @AdamUL It is working now. Have a nice day. Edited April 25, 2018 by YawStar
YawStar Posted April 25, 2018 Posted April 25, 2018 (edited) @AdamUL If you have time, may i have next question? When I get Object Owner using this udf $ObjOwner = _GetObjectOwner("D:\test.txt") MsgBox(0, "Owner", $ObjOwner) The Output Message is S-1-5-32-545 I know it is Administrators but how can i convert S-1-5-32-545 to Administrators. I want to convert StringSid to String. Edited April 25, 2018 by YawStar
AdamUL Posted April 25, 2018 Posted April 25, 2018 Glad the UDF is working for you. Use _Security__LookupAccountSid. Here's an example script. #RequireAdmin #include <Security.au3> #Include <Permissions.au3> _InitiatePermissionResources() Global $oOwner = _GetObjectOwner("D:\test.txt") Global $aAcct = _Security__LookupAccountSid($oOwner) Global $sAcct = "" If IsArray($aAcct) Then $sAcct = ($aAcct[1] <> "" ? $aAcct[1] & "\" : "" ) & $aAcct[0] MsgBox(0, "Owner", $sAcct) _ClosePermissionResources() Adam
Shark007 Posted November 24, 2019 Posted November 24, 2019 (edited) For quite some time now, Windows has locked-down most system files and many registry keys to TrustedInstaller. I had a need to disable some OS files (by adding .bak) and edit some Registry Keys and this UDF allowed that, with a few modifications to meet my needs. Edited February 2, 2021 by Shark007
Valnurat Posted May 14, 2020 Posted May 14, 2020 How do you use this UDF to get the permissions on a folder? I 'm looking for the groups and users added to a folder. Yours sincerely Kenneth.
AdamUL Posted May 15, 2020 Posted May 15, 2020 Sorry, but currently I do not know of any functions in this UDF that will give the individual permissions directly. You can read them with the UDF. I have examples in this thread that show how to search for a user or group and change their permissions. Functions would need to be created to show the individual permissions. Adam
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now