Today I have had to deal with an environment where I had to fix a lot of sysvol permissions, with a lot of different policies with different permissions.
I had begun doing it by hand using samba-tool ntacl set sddl-ACL patg, but I soon realized this was a nightmare . Thus I invested some time in creating a small script on python that at least did part of this for me:
04 | command = "samba-tool ntacl set " |
06 | for dirname, dirnames, filenames in os.walk(wp): |
07 | os.system(command + "\"" + arg + "\" " + "\"" + dirname + "\"") |
08 | files = [f for f in os.listdir(dirname) if os.path.isfile(os.path.join(dirname,f))] |
10 | os.system(command + "\"" + arg + "\" " + "\"" + dirname + "/" + f + "\"") |
With this at least I had to do it once per policy. Once done, I just created a bash script that got the path and the sddl from samba-tool ntacl sysvolcheck (and run the script above until this command were ok:
02 | until samba-tool ntacl sysvolcheck 2>/dev/null |
05 | DIR=$(samba-tool ntacl sysvolcheck 2>&1 | grep ERROR | cut -d" " -f12) |
06 | PERM=$(samba-tool ntacl sysvolcheck 2>&1 | grep ERROR | cut -d" " -f19) |
Hope this is useful if you were looking for this.
P.S. You can find the code in my github under GPLv2 as ever
Me gusta esto:
Me gusta Cargando...
Relacionado