Welcome, guest | Sign In | My Account | Store | Cart

A script that sets an object's DACL on an NTFS partition, getting users from the active directory. Dependencies: * Tim Golden's active directory module http://timgolden.me.uk/python/active_directory.html * fileacl.exe http://www.microsoft.com/downloads/details.aspx?FamilyID=723F64EA-34F0-4E6D-9A72-004D35DE4E64&displaylang=en

Python, 24 lines
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
import os
import sys
import time
import subprocess
import active_directory

def set_perms(username):
    return subprocess.Popen(['fileacl', r'd:\users\%s' % username, '/S', r'%s:F' % username,
                             '/REPLACE', '/PROTECT'], stderr=subprocess.PIPE, stdout=subprocess.PIPE).communicate()

def get_users():
    return [str(user.cn) for user in active_directory.search ("objectCategory='Person'", "objectClass='User'")]

if __name__ == '__main__':
    while True:
        logfile = open('userperms_log.txt', 'a')
        logfile.write('\n\n\n' + time.ctime(time.time()) + '\n')
        sys.stdout = logfile
        for user in get_users():
            results = '\n'.join(list(set_perms(user)))
            if 'Error Bad trustee' in results:
                print results, '\n'
        logfile.close()
        time.sleep(5)