我想写两个脚本,它们可以是vbs或ms-dos命令。
首先是给文件夹设置用户权限(相当于:右键文件夹,属性,安全,编辑,添加,
NT AUTHORITY\NETWORK SERVICE
)。
其次是设置一个权限作为服务运行,相当于点击点击是:
Control Panel / Administrative Tools / Local Security Policy
;左侧:Local Policies / User Rights Assignment
;右侧:Log on as a service -> add Network Service
作为拥有权限的用户。
有人可以帮我做吗?
ms dos 命令:
文件夹权限:
CACLS path_of_folder /E /T /C /G "userName":F
以服务权限登录:
ntrights -u "userName" +r SeServiceLogonRight
这太令人沮丧了,我们没有适用于 Windows Server 2008 及更高版本的 ntrights 工具。我已经建立了一个有效的 vbscript。
Username = <domain\username>
Dim oShell
Set oShell = CreateObject ("WScript.Shell")
oShell.Run "secedit /export /cfg config.inf", 0, true
oShell.Run "secedit /import /cfg config.inf /db database.sdb", 0, true
FileName = "config.inf"
OrgStr = "SeServiceLogonRight ="
RepStr = "SeServiceLogonRight = " & Username & ","
Set inputFile = CreateObject("Scripting.FileSystemObject").OpenTextFile("config.inf", 1,1,-1)
strInputFile = inputFile.ReadAll
inputFile.Close
Set inputFile = Nothing
Set outputFile = CreateObject("Scripting.FileSystemObject").OpenTextFile("config.inf",2,1,-1)
outputFile.Write (Replace(strInputFile,OrgStr,RepStr))
outputFile.Close
Set outputFile = Nothing
oShell.Run "secedit /configure /db database.sdb /cfg config.inf",0,true
set oShell= Nothing
Set obj = CreateObject("Scripting.FileSystemObject")
obj.DeleteFile("config.inf")
obj.DeleteFile("database.sdb")
关于你的第二个要求——如果你同意开源程序,我写的 PrivMan 工具可能会满足你的需求: