VBSCript之GenerateSDDL函數(shù)(權(quán)限設(shè)置)

    自己寫的一個函數(shù)和應(yīng)用實例，用于設(shè)置對象的相關(guān)權(quán)限，需要的朋友可以參考下
    代碼如下:
    Function GenerateSDDL(AccountName, AccessFlag, AccessType, AccessMask)
     Dim Accounts, ObjWMI, ObjSID, ObjTru, ObjACE
     Const SET_DACL_PRESENT = &H8004
     Set ObjWMI = GetObject("winmgmts:" & "{impersonationLevel=impersonate, (Security)}!\\.\root\cimv2")
     Set Accounts = ObjWMI.ExecQuery("SELECT * FROM Win32_Account WHERE Name='" & AccountName & "'")
     For Each Account In Accounts
      StrSID = Account.SID
     Next
     Set ObjSID = ObjWMI.Get("Win32_SID.SID='"& StrSID &"'")
     Set ObjTru = ObjWMI.Get("Win32_Trustee").SpawnInstance_()
     ObjTru.Domain  = ObjSID.ReferencedDomainName
     ObjTru.Name   = ObjSID.AccountName
     ObjTru.SID   = ObjSID.BinaryRepresentation
     ObjTru.SidLength = ObjSID.SidLength
     ObjTru.SIDString = ObjSID.Sid
     Set ObjACE = ObjWMI.Get("Win32_ACE").SpawnInstance_()
     ObjACE.Trustee   = ObjTru
     ObjACE.AceType   = AccessType
     ObjACE.AccessMask  = AccessMask
     ObjACE.AceFlags  = AccessFlag
     Set GenerateSDDL = ObjWMI.Get("Win32_SecurityDescriptor").SpawnInstance_()
     GenerateSDDL.Owner   = ObjTru
     GenerateSDDL.DACL   = Array(ObjACE)
     GenerateSDDL.ControlFlags = SET_DACL_PRESENT
    End Function
    例子：
    代碼如下:
    strPath = "d:\\1.txt"
    Set ObjWMI = GetObject("winmgmts:" & "{impersonationLevel=impersonate, (Security)}!\\.\root\cimv2")
    Set ObjSec = ObjWMI.Get("Win32_LogicalFileSecuritySetting.Path='" & strPath & "'")
    ObjSec.SetSecurityDescriptor(GenerateSDDL("everyone", &H0, &H1, &H100E0))