whoami /? -> Shows the help
whoami /all > mydetails.txt -> Writes all the details of the user (e.g. the user SID) to mydetails.txt
Saturday, January 29, 2011
Backup and Restore of Share & NTFS Permissions
This topic was originally posted to the AskDS blog and has been added to the wiki to allow for community editing.
From time to time we are asked how to backup and restore NTFS file system permissions as well as network share permissions. KB article 125996 talks about the network share piece of it, but it does not talk about NTFS permissions.
One thing that has made the NTFS permissions piece of this simpler is the Icacls tool. Icacls was developed for Windows Vista as a replacement for tools such as Cacls, Xcacls, and Xcacls.vbs. It was also included in Service Pack 2 for Windows Server 2003 and Windows Server 2008.
Backup and Restore of Share Permissions
To backup share permissions, export the Shares registry key.
Open Regedit to the following location:
HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares
Right-click the Shares registry key and select Export. Give it a file name such as shareperms.reg.
When you want to restore the permissions, double-click shareperms.reg to import it back into the registry.
Use the Reg tool to backup the registry key from the command line:
reg export HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares shareperms.reg
If you need to restore it at some point, just run:
reg import shareperms.reg
Backup and Restore of NTFS Permissions
Use this command to backup NTFS permissions:
icacls d:\data /save ntfsperms.txt /t /c
The /T switch allows it to get subfolder permissions too. The /C switch allows it to continue even if errors are encountered (although errors will still be displayed).
Use this command to restore them:
icacls d:\ /restore ntfsperms.txt
Note that in the command to save the permissions, I specified the target folder D:\Data, but when I restored them, I specified just D:\ as the target. Icacls is a little funky like that, and here’s why.
If you open the text file with the exported permissions (ntfsperms.txt in the above example), you’ll see that Icacls uses relative paths (the data, data\folder1 and data\folder2 lines below). Underneath each relative path are the permissions for that folder in Security Descriptor Definition Language (SDDL) format.
data
D:AI(A;ID;FA;;;BA)(A;OICIIOID;GA;;;BA)(A;ID;FA;;;SY)(A;OICIIOID;GA;;;SY)(A;OICIID;0x1200a9;;;BU)(A;ID;0x1301bf;;;AU)(A;OICIIOID;SDGXGWGR;;;AU)
data\folder1
D:AI(A;ID;FA;;;BA)(A;OICIIOID;GA;;;BA)(A;ID;FA;;;SY)(A;OICIIOID;GA;;;SY)(A;OICIID;0x1200a9;;;BU)(A;ID;0x1301bf;;;AU)(A;OICIIOID;SDGXGWGR;;;AU)
data\folder2
D:AI(A;ID;FA;;;BA)(A;OICIIOID;GA;;;BA)(A;ID;FA;;;SY)(A;OICIIOID;GA;;;SY)(A;OICIID;0x1200a9;;;BU)(A;ID;0x1301bf;;;AU)(A;OICIIOID;SDGXGWGR;;;AU)
Had I specified D:\Data in the command to restore the permissions, it would have failed looking for a D:\Data\Data folder:
D:\>icacls d:\data /restore perms.txt
d:\data\data: The system cannot find the file specified.
Successfully processed 0 files; Failed processing 1 files
You might think specifying D:\ as the target in the restore command may somehow mess up the permissions on other folders at that level, but as you can see from the ntfsperms.txt output file, it only has information about the Data folder and subfolders, so that is all it will change.
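The save-file layout described above (a relative path line followed by its SDDL line) can be inspected before a restore. The following is an added example, not part of the original article: it parses the three sample entries shown above, lists the absolute paths a given restore target resolves to, and splits each DACL into its ACEs. The function names and the trustee lookup table are assumptions of this example.

```python
import ntpath
import re

# Sample input: the three entries shown in the article (relative path, then SDDL).
SDDL = ("D:AI(A;ID;FA;;;BA)(A;OICIIOID;GA;;;BA)(A;ID;FA;;;SY)(A;OICIIOID;GA;;;SY)"
        "(A;OICIID;0x1200a9;;;BU)(A;ID;0x1301bf;;;AU)(A;OICIIOID;SDGXGWGR;;;AU)")
SAVE_FILE = "\n".join(["data", SDDL, "data\\folder1", SDDL, "data\\folder2", SDDL]) + "\n"

ACE_RE = re.compile(r"\(([^()]*)\)")
# Well-known SDDL SID aliases that occur in the sample; others are passed through.
TRUSTEES = {"BA": "BUILTIN\\Administrators", "SY": "NT AUTHORITY\\SYSTEM",
            "BU": "BUILTIN\\Users", "AU": "NT AUTHORITY\\Authenticated Users"}
ACE_TYPES = {"A": "allow", "D": "deny"}


def parse_save_file(text):
    """Return [(relative_path, sddl)] from icacls /save output (alternating lines)."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if len(lines) % 2:
        raise ValueError("expected path/SDDL line pairs")
    pairs = list(zip(lines[0::2], lines[1::2]))
    for path, sddl in pairs:
        # Assumption: every SDDL line starts with the DACL, as in the article's sample.
        if not sddl.startswith("D:"):
            raise ValueError("no DACL after path %r" % path)
    return pairs


def restore_targets(restore_root, pairs):
    """Absolute paths icacls looks for: the restore target joined with each saved path."""
    return [ntpath.normpath(ntpath.join(restore_root, rel)) for rel, _ in pairs]


def decode_aces(sddl):
    """Split a DACL into (type, inheritance flags, rights, trustee) tuples."""
    aces = []
    for body in ACE_RE.findall(sddl):
        ace_type, flags, rights, _obj, _inherited_obj, sid = body.split(";")[:6]
        aces.append((ACE_TYPES.get(ace_type, ace_type), flags, rights,
                     TRUSTEES.get(sid, sid)))
    return aces


if __name__ == "__main__":
    pairs = parse_save_file(SAVE_FILE)
    for root in ("d:\\", "d:\\data"):  # correct target, then the failing one
        print(root, "->", restore_targets(root, pairs))
    for ace in decode_aces(pairs[0][1]):
        print(ace)
```

A real icacls save file is UTF-16 encoded, so read it with `open(path, encoding="utf-16")` before passing the text to `parse_save_file`.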
This article was posted by Microsoft; I am posting it here for my reference.
For more information on this: http://social.technet.microsoft.com/wiki/contents/articles/how-to-back-up-and-restore-ntfs-and-share-permissions.aspx
Saturday, January 22, 2011
Exchange Bulk Mailbox Rights Export Script
On Error Resume Next
'Domain controller to bind to
ServerName="DomainControlarName"
Const ForReading = 1
Set oFSO = CreateObject("scripting.filesystemobject")
'Output file: one CSV row per ACE
Set oLogPermissions = oFSO.CreateTextFile("C:\Scripts\permissions.csv")
oLogPermissions.WriteLine "DN,Trustee,AccessMask,ACEType,ACEFlags,Flags,ObjectType,InheritedObjectType"
'Input file: one mailbox user distinguished name per line
Set oTF = oFSO.OpenTextFile("C:\Scripts\mailbox.txt",ForReading,True)
Do While Not oTF.AtEndOfStream
    DN = oTF.ReadLine
    sUserADsPath = "LDAP://"& ServerName &"/" & DN
    'msgbox sUserADsPath
    Set myUser = GetObject(sUserADsPath)
    'Load the mailbox security descriptor and walk its DACL
    myUser.GetInfoEx Array("msExchMailboxSecurityDescriptor"),0
    Set oSecurityDescriptor = myUser.Get("msExchMailboxSecurityDescriptor")
    Set dacl = oSecurityDescriptor.DiscretionaryAcl
    For Each ace In dacl
        oLogPermissions.WriteLine chr(34) & DN & chr(34) &"," & ace.Trustee &"," & decodeAccessMask(ace.AccessMask) &"," & ace.AceType &"," & decodeAceFlags(ace.AceFlags) &"," & ace.Flags &"," & ace.ObjectType &"," & ace.InheritedObjectType
    Next
Loop
oLogPermissions.Close
oTF.Close
MsgBox "All Permissions are written to file..."

'Translate the access mask bits into names; the raw value follows in brackets
Function decodeAccessMask(m)
    Dim s
    'If m AND 1048576 Then s = s + "Synchronize;"
    If m AND 524288 Then s = s + "Take Ownership;"
    If m AND 262144 Then s = s + "Change Permissions;"
    If m AND 131072 Then s = s + "Read Permissions;"
    If m AND 65536 Then s = s + "Delete Permissions;"
    If m AND 256 Then s = s + "Write Attr;"
    'If m AND 128 Then s = s + "Read Attr;"
    'If m AND 64 Then s = s + "Delete Dir;"
    'If m AND 32 Then s = s + "Execute;"
    'If m AND 16 Then s = s + "Write ExtAttr;"
    'If m AND 8 Then s = s + "Read ExtAttr;"
    If m AND 4 Then s = s + "Associated External Account;"
    'If m AND 2 Then s = s + "Write;"
    If m AND 1 Then s = s + "Full Mailbox Access;"
    decodeAccessMask = s &"(" & m & ")"
End Function

'Translate the ACE inheritance flags into names; the raw value follows in brackets
Function decodeAceFlags(m)
    Dim s
    If m AND 16 Then s = s + "Has been inherited;"
    If m AND 8 Then s = s + "Not effective will be inherited;"
    If m AND 4 Then s = s + "Children will not pass on;"
    If m AND 2 Then s = s + "Containers will inherit and pass on;"
    If m AND 1 Then s = s + "Non-containers will inherit and pass on;"
    decodeAceFlags = s &"(" & m & ")"
End Function
Run-As Script
Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.Run "runas /user:Domain\Username %comspec%" 'Open command prompt
WScript.Sleep 1000
WshShell.SendKeys "password" 'Send password (stored in clear text in this script)
WshShell.SendKeys "{ENTER}"
WScript.Sleep 1000
'Open AD Users & Computers
WshShell.SendKeys Chr(34) + "C:\Program Files\Exchsrvr\bin\users and computers.msc" + Chr(34)
WshShell.SendKeys "{ENTER}"
WshShell.SendKeys "exit" 'Close command prompt
WshShell.SendKeys "{ENTER}"
WScript.Sleep 1000
Set WshShell = Nothing
Search Valid Users in AD
Const ForReading = 1
Const ForAppending = 8
Set objFSO = CreateObject("Scripting.FileSystemObject")
'Input file: one samAccountName per line
Set objTextFile = objFSO.OpenTextFile("NameList.txt", ForReading)
Do Until objTextFile.AtEndOfStream
    strObjectName = objTextFile.Readline
    strRootSearch = "DC=Contoso,DC=net"
    Set objConnection = CreateObject("ADODB.Connection")
    objConnection.Open "Provider=ADsDSOObject;"
    Set objCommand = CreateObject("ADODB.Command")
    objCommand.ActiveConnection = objConnection
    'ADSI query format: <search base>;filter;attributes;scope
    'strObjectName goes into the filter as-is, so NameList.txt must hold plain account names only
    objCommand.CommandText = _
        "<LDAP://" & strRootSearch & ">;(&(|(objectCategory=user)(objectCategory=group))" & _
        "(samAccountName=" & strObjectName & "));samAccountName,distinguishedName;subtree"
    Set objRecordSet = objCommand.Execute
    If objRecordSet.RecordCount = 0 Then
        intReturnValue=0
        Set objFSO1 = CreateObject("Scripting.FileSystemObject")
        Set objTextFile1 = objFSO1.OpenTextFile("Output.csv", ForAppending, True)
        objTextFile1.WriteLine(strObjectName & vbTab & "Object does not exist")
        objTextFile1.Close
    Else
        objRecordSet.MoveFirst
        intReturnValue=1
        Set objUser = GetObject ("LDAP://" & objRecordSet.Fields("distinguishedName").Value & "")
        arrAttributes = Array("mail")
        objUser.GetInfoEx arrAttributes, 0
        'Reading an unset mail attribute raises an error, so trap it here only
        On Error Resume Next
        strDescription = objUser.Get("mail")
        If Err.Number <> 0 Then
            strDescription = "No Email Address"
            Err.Clear
        End If
        On Error GoTo 0
        Set objFSO1 = CreateObject("Scripting.FileSystemObject")
        Set objTextFile1 = objFSO1.OpenTextFile("Output.csv", ForAppending, True)
        objTextFile1.WriteLine(strObjectName & vbTab & "Object exists" & vbTab & strDescription)
        objTextFile1.Close
    End If
    objConnection.Close
Loop
objTextFile.Close
Multiple Computers Ping Script
NOTE: Do NOT name the script 'ping.vbs', as it will then use 'ping.vbs' to ping the hosts instead of the 'ping' command.
Const ForReading = 1
Set objShell = CreateObject("WScript.Shell")
Set objFSO = CreateObject("Scripting.FileSystemObject")
If Not objFSO.FileExists("servers.txt") Then
    WScript.Echo "Please create a file named 'servers.txt' with one PC name to be pinged per line," & _
        vbCrLf & "with a hard return at the end of each line."
    WScript.Quit
End If
tempobj = "temp.txt"
Set objTextFile = objFSO.OpenTextFile("servers.txt", ForReading)
logfile = "results.csv"
Set ofile = objFSO.CreateTextFile(logfile, True)
strText = objTextFile.ReadAll
objTextFile.Close
WScript.Echo "Ping batch starting, please be patient. This could take some time to" & _
    vbCrLf & "finish, depending on the number of hosts to check. You " _
    & "will be " & vbCrLf & "notified upon the completion of this script."
ofile.WriteLine "," & "Ping Report -- Date: " & Now() & vbCrLf
arrComputers = Split(strText, vbCrLf)
For Each item In arrComputers
    If Trim(item) <> "" Then 'Skip blank lines such as the trailing hard return
        'item is passed to cmd.exe as-is, so servers.txt must contain only host names or IP addresses
        objShell.Run "cmd /c ping -n 1 -w 1000 " & item & " >temp.txt", 0, True
        Set tempfile = objFSO.OpenTextFile(tempobj, ForReading)
        Do Until tempfile.AtEndOfStream
            temp = tempfile.ReadAll
            'Pull the resolved IP address out of the "[x.x.x.x]" part of the ping output
            striploc = InStr(temp, "[")
            If striploc = 0 Then
                strip = ""
            Else
                strip = Mid(temp, striploc, 16)
                strip = Replace(strip, "[", vbTab)
                strip = Replace(strip, "]", vbTab)
                strip = Replace(strip, "w", vbTab)
                strip = Replace(strip, " ", vbTab)
            End If
            If InStr(temp, "Reply from") Then
                ofile.WriteLine item & strip & vbTab & "Online."
            ElseIf InStr(temp, "Request timed out.") Then
                ofile.WriteLine item & strip & vbTab & "No response (Offline)."
            ElseIf InStr(temp, "try again") Then
                ofile.WriteLine item & strip & vbTab & "Unknown host (no DNS entry)."
            End If
        Loop
        tempfile.Close
    End If
Next
objFSO.DeleteFile(tempobj)
ofile.WriteLine
ofile.WriteLine "," & "Ping batch complete " & Now()
ofile.Close
WScript.Echo "Ping batch completed. The results will now be displayed."
More Info : http://www.msfn.org/board/topic/104877-vbscript-ping-multiple-ip-addresses-and-machine-names/