' Globals Dim Mj,Mn,Bld,Sec,Network ' Init Security and Network objects InitSecurity '--See for more constants MSDN: Example Code for Adding an ACE to a File--- Const ADS_PATH_FILE = 1 Const ADS_SD_FORMAT_IID = 1 ' Const ADS_RIGHT_GENERIC_READ = &h80000000 Const ADS_RIGHT_GENERIC_WRITE = &h40000000 Const ADS_RIGHT_GENERIC_EXECUTE = &h20000000 Const ADS_RIGHT_GENERIC_ALL = &h10000000 ' Const ADS_ACEFLAG_UNKNOWN = &h1 Const ADS_ACEFLAG_INHERIT_ACE = &h2 ' Const ADS_ACETYPE_ACCESS_ALLOWED = &H0 Const ADS_ACETYPE_ACCESS_DENIED = &H1 ' ' File Specific Access Rights ' Const DELETE = &H10000 Const READ_CONTROL = &H20000 Const WRITE_DAC = &H40000 Const WRITE_OWNER = &H80000 Const SYNCHRONIZE = &H100000 Const STANDARD_RIGHTS_REQUIRED = &HF0000 STANDARD_RIGHTS_READ = READ_CONTROL STANDARD_RIGHTS_WRITE = READ_CONTROL STANDARD_RIGHTS_EXECUTE = READ_CONTROL Const STANDARD_RIGHTS_ALL = &H1F0000 Const SPECIFIC_RIGHTS_ALL = &HFFFF ' ' AccessMask constants for FILE ACEs ' Const FILE_READ_DATA = &H1 ' file & pipe Const FILE_LIST_DIRECTORY = &H1 ' directory Const FILE_WRITE_DATA = &H2 ' file & pipe Const FILE_ADD_FILE = &H2 ' directory Const FILE_APPEND_DATA = &H4 ' file Const FILE_ADD_SUBDIRECTORY = &H4 ' directory Const FILE_CREATE_PIPE_INSTANCE = &H4 ' named pipe Const FILE_READ_EA = &H8 ' file & directory Const FILE_WRITE_EA = &H10 ' file & directory Const FILE_EXECUTE = &H20 ' file Const FILE_TRAVERSE = &H20 ' directory Const FILE_DELETE_CHILD = &H40 ' directory Const FILE_READ_ATTRIBUTES = &H80 ' all Const FILE_WRITE_ATTRIBUTES = &H100 ' all FILE_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED Or SYNCHRONIZE Or &H1FF FILE_GENERIC_READ = STANDARD_RIGHTS_READ Or _ FILE_READ_DATA Or _ FILE_READ_ATTRIBUTES Or _ FILE_READ_EA Or _ SYNCHRONIZE FILE_GENERIC_WRITE = STANDARD_RIGHTS_WRITE Or _ FILE_WRITE_DATA Or _ FILE_WRITE_ATTRIBUTES Or _ FILE_WRITE_EA Or _ FILE_APPEND_DATA Or _ SYNCHRONIZE FILE_GENERIC_EXECUTE = STANDARD_RIGHTS_EXECUTE Or _ FILE_READ_ATTRIBUTES Or _ FILE_EXECUTE Or _ SYNCHRONIZE function getVersionFromString(productVersion,Mj,Mn,Bld) function getOSVer(Mj,Mn,Bld) function Is2k function IsXP function Is2k3 function GetSecObj function GetSD(sec, path) sub SetSD(sec, sd, path) ' convert OctetString (byte array) to Hex string ' convert Sid hex string to string Function HexSidToString(HexSid) ' convert Sid to string Function SidToString(Sid) function GetObjectSid(Domain,Trustee) function GetSid(Trustee) function MapGeneric(f) function CmpAce(ace,a,Sid) function IsAceAlreadyExists(Dacl, Ace) Sub ReorderDacl(Dacl,UserName) Sub SetFileAccess(AceType, PathName, UserName, Permissions) Sub AllowFileAccess(PathName, UserName, Permissions) Sub DenyFileAccess(PathName, UserName, Permissions) Sub RemoveFileAccess(PathName, UserName) Sub InitSecurity '------------------------------------ ' read parameters from standard input '------------------------------------ Sub ReadParams Params.RemoveAll Do While Not WScript.StdIn.AtEndOfStream Param = Trim(WScript.StdIn.ReadLine) Pos = InStr(Param, "=") Name = Mid(Param, 1, Pos - 1) Value = Mid(Param, Pos + 1) Params.Add Name, Value Loop End Sub Sub PrintParams(OutputFileName)