icacls

Discussion forum for all Windows batch related topics.

Moderator: DosItHelp

Post Reply
Message
Author
COM1
Posts: 2
Joined: 26 Oct 2017 14:55

icacls

#1 Post by COM1 » 26 Oct 2017 15:21

Little help with icacls please.

I have vbs creating a shell and running the following.....

Code: Select all

                strfolder = InputBox("Please enter a folder")
                set objFSO = CreateObject("Scripting.FileSystemObject") 
                objFSO.CreateFolder "\\folder1\folder1.1\folder1.2\" & strfolder

                Dim objFSO, outFile
                Set objFSO = CreateObject("Scripting.FileSystemObject")
               
                'Open write stream
                Set outFile = objFSO.CreateTextFile("j:\Projects\CreateFolders.cmd", True)

                outFile.WriteLine "md " & strfolder  & "\00CustomerService"
                [color=#0040FF]outFile.WriteLine "icacls " & strFolder & "\00CustomerService" /deny domain\user:R /T[/color]
                outFile.WriteLine "exit"
                outFile.Close

                set shell=createobject("wscript.shell")
                shell.Run "%comspec% /K \\server\dept\Projects\CreateFolders", 1, True

I receive an 800A0401 error Expected end of statement Line 12 Char 70

Any ideas?

aGerman
Expert
Posts: 4678
Joined: 22 Jan 2010 18:01
Location: Germany

Re: icacls

#2 Post by aGerman » 26 Oct 2017 16:00

I think it's rather a VBS problem where string literals have to be enclosed in surrounding quotation marks. That means your current string ends with 00CustomerService" and everything after that last quotation mark will be treated as VBS code (which will fail).
So I assume the line should look like that
outFile.WriteLine "icacls " & strFolder & "\00CustomerService /deny domain\user:R /T"
or if you need the literal quotation marks around the path
outFile.WriteLine "icacls """ & strFolder & "\00CustomerService"" /deny domain\user:R /T"
If this doesn't work please write the line as it should show up in your CreateFolders.cmd

Steffen

COM1
Posts: 2
Joined: 26 Oct 2017 14:55

Re: icacls

#3 Post by COM1 » 27 Oct 2017 10:33

I believe that solved my issue. THANK YOU Steffen!

Now to just adjust permissions for those running the script. They need to be able to change the permissions of the folders they create, but the ACE "Change Permissions" doesn't seem to have an effect on the new folder, even though the ACE is checked

Ed Dyreen
Expert
Posts: 1569
Joined: 16 May 2011 08:21
Location: Flanders(Belgium)
Contact:

Re: icacls

#4 Post by Ed Dyreen » 10 Nov 2017 20:46

COM1 wrote:I believe that solved my issue. THANK YOU Steffen!

Now to just adjust permissions for those running the script. They need to be able to change the permissions of the folders they create, but the ACE "Change Permissions" doesn't seem to have an effect on the new folder, even though the ACE is checked
You may want to try vbsedit then due to the highlighting you won't be making mistakes like that so easily. it's free software.

For the ACE part of your question, unfortunately with my version this option is not available.
I only have options Read/Write/Change/Full so can't help you with that.

I've also enjoyed myself rewriting it a bit, as you can see vbscript screams for some getObjectErr, throwException function. Anyways, I've added the option explicit and beware that if you don't use braces at some point you will run into the the famous: Can't use quotes when calling a Sub error. Using Call in a consistent manner prevents that although it may change the way that parameters are passed, that's not an issue usually performance wise. Also performance wise it's better to make permanent connections and then reuse those rather than to redeclare oFSO every time you use it.

Code: Select all

option explicit

Dim oFSO 	: Set oFSO 	= CreateObject("Scripting.FileSystemObject")
Dim oWshShell 	: Set oWshShell	= createobject("wscript.shell")

On Error resume Next
Call oFSO.CreateFolder( "\\folder1\folder1.1\folder1.2\" & InputBox("Please enter a folder") )
Dim iError : iError = Err.Number
On Error Goto 0

If iError = 0 Then
Rem (
	'Open write stream
	On Error resume Next
	Dim outFile : Set outFile = oFSO.CreateTextFile("j:\Projects\CreateFolders.cmd", True)
	iError = Err.Number
	On Error Goto 0

	If iError = 0 Then
	Rem (
		Call outFile.WriteLine( "md " & strfolder & "\00CustomerService" )
		Call outFile.WriteLine( "icacls " & strFolder & "\00CustomerService" /deny domain\user:R /T )
		Call outFile.WriteLine( "exit" )
		Call outFile.Close()
	Rem )
	End If
Rem )
End if

If iError <> 0 _
Then Call Err.Raise( iError ) _
Else Call oWshShell.Run( "%comspec% /K \\server\dept\Projects\CreateFolders", 1, True )

etcetera....
Check for Acces Denied Error will make your code more robust ( Not that I am doing anything important rather than just suppressing and then raising the error again, but in the future you may want to decide having the script not to just raise an error and well crash.. )

i also see your naming is not very consistent, at one point you use the term 'obj...' for an object but then you use 'outFile' for another object, which is actually a Textstream object. That's a matter of choice but consistency wise I'd just call it oTextstream and put everything in a function as to not dirty global environment

hope it helps

Post Reply