Can't find the information you are looking for here? Then leave a message over on our WinBatch Tech Support Forum.
keywords: wntAccessAdd Windows 7 Win7 Share Advanced Sharing Network File and Folder Sharing Everyone
But I have problem with Win7:
For all shared folders (that have Everyone) it just:
How can I make the change in the "Network File and Folder Sharing" section?
Details:
; replace Everyone or Authenticated user by Domain Users with the same right ErrorMode(@OFF) LastError() perm = wntAccessGet("",share,user,100,0) ErrorMode(@CANCEL) err=LastError() If err == 530 text =StrCat(text,"%@CRLF%%@TAB%%@TAB%Access Denied getting to %share%. We will skip checking this share") EndIf If err == 530 Then Goto _nextshare rights = GetAccess(perm) rights = StrReplace(rights, "(","") rights = StrReplace(rights, ")","") ErrorMode(@OFF) LastError() aa = wntAccessAdd("",share,l_domain,100,rights,0) ErrorMode(@CANCEL) If aa == @TRUE ; Message (" "," We got 'Domain Users' implemented %aaa%"), let remove Everyone or Authenticated Users aaa = wntAccessDel("",share,user,100) If aaa == @FALSE text =StrCat(text,"%@CRLF%%@TAB%%@TAB%Cannot remove %user% from %share% share") Else text =StrCat(text,"%@CRLF%%@TAB%%@TAB%%user% in %share% share was replaced by %l_domain% ") EndIf Else text =StrCat(text,"%@CRLF%%@TAB%%@TAB%Cannot add %l_domain% to %share% share") EndIf :_nextshare
; Test script for setting share permissions on Win 7 DebugTrace(@ON , 'trace_wntaccessadd.txt') user = '' ; Everyone SID domainuser = '' ; Domain user SID domain = '' rights = 'DirShare:Full' ; Full Permission AddExtender('WWWNT34i.DLL') list = wntShareList(domain, 1 | 16, 0) share = AskItemlist('List of Shares',list, @TAB, @UNSORTED, @SINGLE) If share == '' Pause('notice','must chose a valid share') Exit EndIf ; Get permissions from everyone ( only used for debugging ) perm = wntAccessGet( domain, share, user, 100, 1 ) ; Set DirShare:Full permissions for domain user aa = wntAccessAdd( domain, share, domainuser, 100, perm, 1 ) ; Confirm permissions for domain user CHECK = wntAccessGet( domain, share, domainuser, 100, 1 ) Pause('Notice',StrCat(' Please confirm that the user', domainuser, ' has been sucessfully added to the share ', share)) Exit
************************************************************ *** Debug Initialized *** ============================== Fri 4/8/2011 10:34:16 AM WinBatch 32 2009C WIL DLL 6.09cic D:\UGS_TOOLS\ww304\Shared_Folder_Fix\Deana_test.wbt Windows platform: NT, Version: 6.1, build: 7600 ErrorMode: @CANCEL ============================== user = 'S-1-1-0' (0) VALUE STRING => "S-1-1-0" domainuser = 'S-1-5-21-954228201-601818101-482762101-513' (0) VALUE STRING => "S-1-5-21-954228201-601818101-482762101-513" domain = '' (0) VALUE STRING => "" rights = 'DirShare:Full' (0) VALUE STRING => "DirShare:Full" ----- Extender loaded: C:\Program Files (x86)\WinBatch\SYSTEM\WWWNT34i.DLL (file Version: 39021,0,0,1) AddExtender('WWWNT34i.DLL') (0) VALUE Int => 1 list = wntShareList(domain, 1 | 16, 0) (0) VALUE STRING => "ADMIN$ C$ Change_domain D$ F$ good_tools Password Photo Rename_system SAP-AD system_name Users" share = AskItemlist('List of Shares',list, @TAB, @UNSORTED, @SINGLE) (3417) VALUE UNICODE => Photo If share == '' (3417) End OPERATOR perm = wntAccessGet( domain, share, user, 100, 1 ) (3417) VALUE STRING => "0:3:2032127|" aa = wntAccessAdd( domain, share, domainuser, 100, perm, 1 ) (3417) VALUE Int => 1 CHECK = wntAccessGet( domain, share, domainuser, 100, 1 ) (3417) VALUE STRING => "0:3:2032127|" Pause('Notice',StrCat(' Please confirm that the user', domainuser, ' has been sucessfully added to the share ', share)) (4821) VALUE Int => 1 Exit (4821) VALUE Int => 0 --- NORMAL termination --- ;;;END OF JOB;;;Still seeing [Everyone] in the "Network File and Folder Sharing" section, even after rebooting the system.
The wntaccessAdd function is effecting the Advanced Sharing but not the NTFS permissions. Hrmm, now we need to figure out how to set both, but more research is needed.
http://technet.microsoft.com/en-us/library/cc726004.aspx
Managing Permissions for Shared Folders
http://technet.microsoft.com/en-us/library/cc753731.aspx
I suspect you also need to set file permissions? Note: If both share permissions and file system permissions are set for a shared folder, the more restrictive permissions apply when connecting to the shared folder.
We tested whacking the directory permissions, it does appear to clear "Everyone" share permissions
AddExtender("WWWNT34i.DLL") strShare = "temp" resource = wntShareInfo("", strShare, 0, 1) wntAccessDel("", strShare, "everyone", 100, 0) wntAccessDel("", resource, "everyone", 300, 0) ;; Probably not needed but in case it is, it can easily be added back in. Dir_Read_Win7 = "0:3:1179817|" wntAccessAdd("", resource, "everyone", 300, Dir_Read_Win7)
So, Apparently you have to delete the NTFS (300) permissions to completely remove user share permissions from a share on Windows 7. The traditional share permissions (100) will not get it done by themselves. MSFT is vague about all this but does mention a 'dual' share permission setup on Windows 7.
I suspect that a careful examination of the relevant API documentation will reveal all and suggest some possible modifications to the extenders permission related functions. The extender is scheduled for some unrelated development work in the near future and this issue can be examined in greater detail at that time.
Article ID: W17999
Filename: wntAccessAdd Share Problem on Windows 7.txt
File Created: 2011:04:13:08:51:02
Last Updated: 2011:04:13:08:51:02