Re: Printer permission

From: Allison (athys@city.lethbridge.ab.ca)
Date: 09/09/02

• Next message: Mohsin: "SSPI Compatibility problem in Win2000"
• Previous message: Consultant®: "Re: Net send pop up messages from foreign systems"
• In reply to: Corrado Lorefice: "Printer permission"
• Next in thread: Corrado Lorefice: "Re: Printer permission"
• Reply: Corrado Lorefice: "Re: Printer permission"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Allison" <athys@city.lethbridge.ab.ca>
Date: Mon, 9 Sep 2002 14:39:21 -0600

Once you register the adssecurity.dll you can use the SecurityDescriptor to set permissions.

While the following applies to a file... I imagine you can substitute 'FILE' (LINE7) for 'PRINTER'...

Const ADS_RIGHT_GENERIC_READ = &H80000000
Const ADS_RIGHT_GENERIC_EXECUTE = &H20000000
Const ADS_ACETYPE_ACCESS_ALLOWED = 0

Set sec = CreateObject("ADsSecurity")

Set sd = sec.GetSecurityDescriptor("file://c:\public\specs")
Set dacl = sd.DiscretionaryAcl

'-- Show the ACEs in the DACL ----
For Each ace In dacl
  wscript.echo ace.Trustee
  wscript.echo ace.AccessMask
  wscript.echo ace.AceType
Next

Set ace = CreateObject("AccessControlEntry")
ace.Trustee = "ARCADIABAY\jsmith"
ace.AccessMask = ADS_RIGHT_GENERIC_READ Or ADS_RIGHT_GENERIC_EXECUTE
ace.AceType = ADS_ACETYPE_ACCESS_ALLOWED

dacl.AddAce ace
sd.DiscretionaryAcl = dacl
sec.SetSecurityDescriptor sd
"Corrado Lorefice" <corrado.lorefice@phoenixspa.it> wrote in message news:b28d01c254ce$f94ca0a0$36ef2ecf@tkmsftngxa12...
> How can i modify printer security permission from a vb
> script or create a security descriptor from vb (haven't
> found example anywhere) ?
>
> thanx
> corrado

• Next message: Mohsin: "SSPI Compatibility problem in Win2000"
• Previous message: Consultant®: "Re: Net send pop up messages from foreign systems"
• In reply to: Corrado Lorefice: "Printer permission"
• Next in thread: Corrado Lorefice: "Re: Printer permission"
• Reply: Corrado Lorefice: "Re: Printer permission"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Printer permission ... SecurityDescriptor to set permissions. ... >For Each ace In dacl ... >> script or create a security descriptor from vb (haven't ... (microsoft.public.win2000.security) Re: Customizable security in NTFS? Needs to be extensible & dynamic ... immediate access to the folder for the user. ... implementation is used when computing effective access rights. ... user a member of a group results in the user becoming "security ... ACEs to a DACL on NTFS] can be assigned dynamically in the file system on ... (microsoft.public.development.device.drivers) Re: Process access across logon session. ... > the Process Kernel Object and dump it programmatically. ... > localsystem and local administrators, ... > If you own the process, you can add more security principals to the DACL ... (microsoft.public.security) Re: Process access across logon session. ... > the Process Kernel Object and dump it programmatically. ... > localsystem and local administrators, ... > If you own the process, you can add more security principals to the DACL ... (microsoft.public.win2000.security) RE: Insecure Default Service DACLs in Windows 2003 ... Unless my understanding of SDDL is way off, ... Perhaps you are confusing the SACL with the DACL? ... Program Manager, Microsoft Solutions for Security ... Security on Microsoft Windows 2000 and Windows Server 2003, MCSA, ... (Bugtraq)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint