in reply to Win32::NetResource
Can you post your code, the specific errors? It will be far easier to assist with an example.
Short of that, try Win32::Lanman. UPDATE: also, check out Win32::Perms from Dave Roth for the NTFS permissions.
HTH
--
idnopheq
Apply yourself to new problems without preparation, develop confidence in your ability to to meet situations as they arrise.
Re: Re: Win32::NetResource
by Necos (Friar) on Sep 17, 2001 at 12:32 UTC
|
In "Win32 Perl Scripting: An Administrator's Handbook", Roth writes a section (I believe it's in chapter 3) about Win32::NetResource, Win32::Perms, and Win32::NetAdmin. He mentions that with Win32::NetResource, you can not set user-level share permissions. With Win32::FileSecurity, you can set the permissions on the folder itself. However, those are not the same as the permissions that are allowed when the folder/directory/file/etc. is accessed from a sharepoint (or at least that has been my experience over the last 6 yrs with WinNT.). Please correct me if my thinking is wrong (I could use a slice of humble pie). I looked over the SHARE_INFO_502 C++ structure on MSDN, and it too does not show any way of specifying sharepoint permissions. The only way I know of so far is to set them manually. The program I'm writting right now is for adding lots of users (I can post the module I've written to house most of the code for the server-side.) via RPC. Basically, a student sits down, enters their info, and requests that an account be created. I've seen it done in ASDI, but I wanted to try something different. Also, this setup (after some tweaking), gives me the option of running it on as many servers as I want without adding network traffic (since the RPC.pm only blocks locally). I've been workin on this project for a year now, mainly because the netadmins here in the school district said it can't be done. There are basically 3 parts. The server, the module (Student.pm), and the client. The server is like 6-10 lines (because all the server routines are packed in the module). The module is about 250 lines (because it has routines shared by both server and client). The client portion is also about 250 lines (if you count the routines that are used from the modules, it would amount to about 300-400 lines). If anyone wants to look at this madness code, I'm willing to give it out. It's meant to work with SIS (Student Information System) dumps from the LAUSD system.
Just as a note, I don't believe this is just a Win32::NetResource problem, but something involving the structure of WindowsNT.
Theodore Charles III (aka Necos/Secon)
Network Administrator
Los Angeles High
email->secon_kun@hotmail.com() | [reply] |
|
Humble appologies if my advice was not to your question. Again, if you can post a snippit I might have been more help.
Regardless of that, maybe you'll just have to make systems calls to net share. Or, use Win32::API. IIRC, it is possible to write sharepoints directly to the registry via Win32::Registry, Win32::TieRegistry, or Win32API::Registry. YMMV.
HTH
--
idnopheq
Apply yourself to new problems without preparation, develop confidence in your ability to to meet situations as they arrise.
| [reply] |
|
This is a quote directly from the book (Win32 Perl Programming: The Standard Extensions, page 39):
"The capability to specify user-level permissions (that is, permissions assigned to users and/or groups) on a share is currently not supported under any of the standard Win32 extensions."
Then there is another statement some ways later in the book that reads (page 48):
"Currently, the Win32::NetResource extension is not capable of applying account-based permissions on a network share. Users who need to apply permissions can use the Explorer or Server Manager programs that come with WindowsNT."
This is my subroutine:
sub usr_add {
my $obj = shift;
my $usr = shift;
my $bday = Student::get_attr($obj, 'BDAY_ID');
print STDERR "$bday\n";
my @bday = split(/\x2F/,$bday);
$bday = join("",@bday);
print STDERR "$bday\n";
my $hdir = "";
my @buf2;
my $buf1 = Student::get_attr($obj, 'LN');
print STDERR "$buf1\n";
my $buf2 = Student::get_attr($obj, 'FN');
print STDERR "$buf2\n";
$buf2 =~ s/^\s+//;
$buf2 =~ s/\s+$//;
$buf1 =~ s/^\s+//;
$buf1 =~ s/\s+$//;
@buf2 = split(/\s/, $buf2);
$buf2 = "$buf2[0]";
$buf2 =~ s/^\s+//;
$buf2 =~ s/\s+$//;
$hdir = join(',', $buf1, $buf2);
print STDERR "$hdir\n";
my $hdir_srv = 'd:/' . "$hdir";
print STDERR "$hdir_srv\n";
mkdir($hdir_srv, '0777');
my $student_perms = Win32::FileSecurity::MakeMask( qw( CHANGE GENE
+RIC_WRITE GENERIC_READ GENERIC_EXECUTE ) );
my $staff_perms = Win32::FileSecurity::MakeMask( qw( CHANGE GENERI
+C_WRITE GENERIC_READ GENERIC_EXECUTE ) );
my $admin_perms = Win32::FileSecurity::MakeMask( qw(FULL GENERIC_A
+LL) );
my %hdir_perm_hash;
if ( Win32::FileSecurity::Get($hdir_srv, \%hdir_perm_hash) ) {
print STDERR "$hdir_srv has been opened\n";
}
$hdir_perm_hash{'CLC\\Domain Patricians'} = $staff_perms;
$hdir_perm_hash{'CLC\\Domain Admins'} = $admin_perms;
$hdir_perm_hash{'CLC\\Domain Plebs'} = $student_perms;
delete($hdir_perm_hash{'Everyone'});
if ( Win32::FileSecurity::Set($hdir_srv, \%hdir_perm_hash) ) {
print STDERR "$hdir_srv has been set\n";
}
print "\n";
print STDERR "$usr\n";
return($usr, $bday, $hdir);
}
This code works for everything that I've done so far. The next step after creating the directory and setting local permissions for it is to share it and set the permissions for accessing it through the sharepoint (since it will be the user's home directory, we don't want anyone just accessing it any ole way. I might have to hack together a Win32::Registry routine that sets the permissions in the registry itself (I'm still researching that) if that's possible. More updates to come...
Theodore Charles III
Network Administrator
Los Angeles High
email->secon_kun@hotmail.com() | [reply] [d/l] |
|
|
Re: Re: Win32::NetResource
by Necos (Friar) on Sep 21, 2001 at 06:55 UTC
|
Update: The Registry creates two keys. One for the share (which is what Win32::Netresource does), while the other describes the security set on the sharepoint (I tested this on my Windows2000 workstation, so it may be different on my servers, which run NT 4.0 SP5). The first one was easy to figure out with a chr(hex()) mapping. The second, however, leaves me braindead. I can not figure out what the hell it is. When I do the same map, all I come out with is garbage (control chars and such). Maybe I need to do a different mapping to figure out the security data.
Theodore Charles III
Network Administrator
Los Angeles High
email->secon_kun@hotmail.com() | [reply] |
|
|