By David Wiseman (Administrator)Created 23 Feb 2008
My Rating:
Vote
Rating:
Not Rated
Views:5085
Downloads:57

List the System Access Control List of an OU

Language:  VBScript

Compatibility

Windows XP Yes Windows 2003 Yes
Windows 2000 Yes Windows NT Unknown
Vista Unknown Windows 2008 Unknown
Description

Returns information found on the System Access Control List (SACL) for the Students OU in Active Directory.

Code

Line Numbers: On  Off      Plain Text
Const SE_SACL_PROTECTED = &H2000 
Const ADS_SECURITY_INFO_OWNER = &H1 
Const ADS_SECURITY_INFO_GROUP = &H2
Const ADS_OPTION_SECURITY_MASK =&H3
Const ADS_SECURITY_INFO_DACL = &H4 
Const ADS_SECURITY_INFO_SACL = &H8
 
Set objContainer = GetObject _
    ("LDAP://ou=Students,dc=wisesoft,dc=co,dc=uk")
 
objContainer.SetOption ADS_OPTION_SECURITY_MASK, ADS_SECURITY_INFO_OWNER _
    Or ADS_SECURITY_INFO_GROUP Or ADS_SECURITY_INFO_DACL _
    Or ADS_SECURITY_INFO_SACL
  
Set objNtSecurityDescriptor = objContainer.Get("ntSecurityDescriptor")
 
intNtSecurityDescriptorControl = objNtSecurityDescriptor.Control
 
WScript.Echo "Auditing Tab"
strMessage = "Allow inheritable auditing entries from" & _ 
    "the parent to propogate to this object and all child objects "
If (intNtSecurityDescriptorControl And SE_SACL_PROTECTED) Then
    Wscript.Echo strMessage & "is disabled."
Else
    WScript.Echo strMessage & "is enabled."
End If
WScript.Echo 
 
Set objSacl = objNtSecurityDescriptor.SystemAcl
DisplayAceInformation objSacl, "SACL"
 
Sub DisplayAceInformation(SecurityStructure, strType)
    Const ADS_ACETYPE_SYSTEM_AUDIT = &H2 
    Const ADS_ACETYPE_SYSTEM_AUDIT_OBJECT = &H7 
  
    intAceCount = 0
    For Each objAce In SecurityStructure
        strTrustee = Mid(objAce.Trustee,1,12)
        If StrComp(strTrustee, "NT AUTHORITY", 1) <> 0 Then
            intAceCount = intAceCount + 1
            WScript.Echo strType & " permission entry: " & intAceCount
            WScript.Echo "Name: " & objAce.Trustee
 
            intAceType = objAce.AceType
            WScript.Echo "ACETYPE IS: " & intAceType
            If (intAceType = ADS_ACETYPE_SYSTEM_AUDIT or _
                intAceType = ADS_ACETYPE_SYSTEM_AUDIT_OBJECT) Then
                WScript.StdOut.Write "Type: Success or Failure Audit"
            Else
                WScript.StdOut.Write "Audit Type Unknown."
            End If
            ReadBitsInAccessMask(objAce.AccessMask)
            WScript.Echo 
        End If
    Next
End Sub
 
Sub ReadBitsInAccessMask(AccessMask)
    Const ADS_RIGHT_DELETE = &H10000
    Const ADS_RIGHT_READ_CONTROL = &H20000
    Const ADS_RIGHT_WRITE_DAC = &H40000
    Const ADS_RIGHT_WRITE_OWNER = &H80000
    Const ADS_RIGHT_DS_CREATE_CHILD = &H1
    Const ADS_RIGHT_DS_DELETE_CHILD = &H2
    Const ADS_RIGHT_ACTRL_DS_LIST = &H4
    Const ADS_RIGHT_DS_SELF = &H8
    Const ADS_RIGHT_DS_READ_PROP = &H10
    Const ADS_RIGHT_DS_WRITE_PROP = &H20
    Const ADS_RIGHT_DS_DELETE_TREE = &H40
    Const ADS_RIGHT_DS_LIST_OBJECT = &H80
    Const ADS_RIGHT_DS_CONTROL_ACCESS = &H100
 
    WScript.Echo VbCrLf & "Standard Access Rights"
    If (AccessMask And ADS_RIGHT_DELETE) Then _
        WScript.Echo vbTab & "-Delete an object."
    If (AccessMask And ADS_RIGHT_READ_CONTROL) Then _
        WScript.Echo vbTab & "-Read permissions."
    If (AccessMask And ADS_RIGHT_WRITE_DAC) Then _
        WScript.Echo vbTab & "-Write permissions."
    If (AccessMask And ADS_RIGHT_WRITE_OWNER) Then _
        WScript.Echo vbTab & "-Modify owner."
  
    WScript.Echo VbCrLf & "Directory Service Specific Access Rights"
    If (AccessMask And ADS_RIGHT_DS_CREATE_CHILD) Then _
        WScript.Echo vbTab & "-Create child objects."
    If (AccessMask And ADS_RIGHT_DS_DELETE_CHILD) Then _
        WScript.Echo vbTab & "-Delete child objects."
    If (AccessMask And ADS_RIGHT_ACTRL_DS_LIST) Then _
        WScript.Echo vbTab & "-Enumerate an object."
    If (AccessMask And ADS_RIGHT_DS_READ_PROP) Then _
        WScript.Echo vbTab & "-Read the properties of an object."
    If (AccessMask And ADS_RIGHT_DS_WRITE_PROP) Then _
        WScript.Echo vbTab & "-Write the properties of an object."
    If (AccessMask And ADS_RIGHT_DS_DELETE_TREE) Then _
        WScript.Echo vbTab & "-Delete a tree of objects"
    If (AccessMask And ADS_RIGHT_DS_LIST_OBJECT) Then _
        WScript.Echo vbTab & "-List a tree of objects."
 
    WScript.Echo VbCrLf & "Control Access Rights"
    If (AccessMask And ADS_RIGHT_DS_CONTROL_ACCESS) + _
        (AccessMask And ADS_RIGHT_DS_SELF) = 0 Then
            WScript.Echo "-None"
    Else 
        If (AccessMask And ADS_RIGHT_DS_CONTROL_ACCESS) Then _
            WScript.Echo vbTab & "-Extended access rights."
        If (AccessMask And ADS_RIGHT_DS_SELF) Then
            WScript.Echo vbTab & "-Active Directory must validate a property "
            WScript.Echo vbTab & " write operation beyond the schema " & _
                "definition "
            WScript.Echo vbTab & " for the attribute."
        End If
    End If
End Sub

 


Got a useful script? Click here to upload!


 

  Post Comment
Order By:  
User Comments
      
qzyfffff
Posted On: 1/12/2019 8:22:52 AM

offwhite yeezy boost 350 yeezy 500 vans outlet replica rolex jordans balenciaga adidas shoes jordan 6 adidas ultra boost westbrook shoes adidas tubular shadow chrome hearts nike flyknit racer michael kors outlet nfl jerseys cheap nba jerseys off white shoes jordan shoes michael kors handbags balenciaga fila nike air max 2018 fila shoes cheap nfl jerseys nike air max 2017 adidas yeezy fila disruptor nike air huarache curry 4 shoes golden goose outlet golden goose fila nike hyperdunk hermes handbags bag yeezy hermes handbags for sale goyard crazy explosive coach handbags nike sneakers for men kyrie irving shoes pandora bracelet off white fake rolex michael kors handbags kobe sneakers moncler jackets cheap jordans nike react yeezy boost 350 golden goose outlet adidas tubular nike kd 11 nike react louboutin shoes balenciaga triple s yeezy boost 350 v2 yeezy boost 350 v2 adidas shoes outlet off white clothing jordan shoes adidas stan smith sneakers adidas nmd r1 lebron 16 nike flyknit nike polo shirts kd shoes kd 11 lebron 16 shoes nike cortez men nfl store red bottoms hermes handbags lebron 16 shoes james harden shoes yeezy boost 350 golden goose outlet michael kors outlet online goyard bag air max 2019 adidas ultra boost uncaged lacoste online shop goyard handbags cat boots goyard bag balenciaga nike air max lebron 11 hermes belt michael kors handbags tory burch shoes nike huarache air max 270 hermes belts for men adidas tubular balenciaga shoes yeezy boost 350 coach outlet caterpillar boots adidas ultra boost fake rolex hogan outlet online golden goose kate spade handbags air jordan 4 yeezy shoes nike shoes red bottom shoes lacoste polo kd shoes lebron james shoes timberland outlet nike sneakers for women nike air max 90 yeezy shoes yeezy shoes curry 5 yeezy shoes adidas nmd off white adidas yeezy kobe shoes off white nike ultra boost fila shoes yeezy shoes fitflops gucci belt yeezy nhl jerseys timberland boots yeezy kd shoes yeezy boost 350 nike epic react hermes belt hermes birkin golden goose sneakers nike vapormax kevin durant shoes adidas zx flux adidas pure boost yeezy boost polo ralph lauren air jordan supreme hoodie valentino shoes nike cortez nike lebron 16 kd 11 shoes asics shoes vapormax jimmy choo shoes chrome hearts coach factory outlet kobe byrant shoes birkin bag adidas stan smith michael kors outlet online michael kors nike air max 2019 nike polo nike shox nike roshe run lacoste outlet adidas crazy explosive michael kors handbags fila shoes goyard handbags mbt shoes curry 4 jordan shoes mbt shoes online coach outlet online fila sneakers off white hoodie yeezy boost 350 v2 calvin klein outlet yeezys cheap jordans adidas tubular longchamp outlet basketball shoes kyrie 3 retro jordans links of london yeezy boost 350 michael kors purses yeezy boost lacoste outlet adidas gazelle yeezy boost 700 air yeezy chrome hearts online curry 4 lebron shoes asics running shoes goyard handbags nike foamposite coach outlet sale air max 2018 hermes belt kyrie 4 shoes jordan retro 6 adidas superstars goyard bags cheap nba jerseys hermes outlet online michael kors outlet air jordans russell westbrook shoes yeezy boost 350 v2 hermes bags jordan 12 lacoste polo shirts longchamp handbags fitflops sale clearance yeezys longchamp kd 10 birkin bag ralph lauren uk jordan 4 golden goose sneakers ysl handbags lacoste polo converse outlet store nike air max nmd valentino ysl longchamp bags converse outlet harden shoes adidas stan smith shoes adidas eqt support yeezy boost fila hogan outlet nike basketball shoes nike air max goyard canada goose jacket coach factory outlet yeezy boost paul george shoes nike epic react retro jordans iniki bape hoodie moncler jacket nike air max jordan shoes cheap mlb jerseys adidas yeezy adidas outlet online canada goose fila yeezy boost 350 air jordan curry 5 balenciaga shoes nike air max 270 stephen curry 5 golden goose nike roshe calvin klein outlet online michael kors outlet michael kors outlet online rolex replica bape hoodie ferragamo belt yeezy boost 350 michael jordan shoes michael kors handbags off white hoodie nike shox for men jordans red bottom heels coach outlet kobe 9 goyard bags ralph lauren uk nmd michael kors outlet hermes online shop jordan retro pure boost golden goose outlet adidas outlet balenciaga shoes fake rolex watches balenciaga sneakers nike air force 1 coach outlet chrome hearts online jordan shoes adidas iniki coach outlet yeezy boost gucci belts golden goose sneakers kd 11 stephen curry 5 nike huarache air jordan 13 birkin bag coach outlet sale goyard wallet michael kors handbags lebron shoes ferragamo belt vans shoes michael kors outlet jordan 13 adidas yeezy boost fila shoes ferragamo belts tory burch outlet nike sneakers kobe 9 lebron 10 yeezy boost 350 v2 lebron 16 adidas shoes online yeezy shoes yeezy boost 500 michael kors jordan 11 cheap jordans links of london outlet store nike max lebron 15 shoes supreme hoodie hermes handbags off white clothing goyard st louis tot reebok outlet air max 90 chrome hearts moncler jackets nike jordans jordan sneakers off white x jordan 1 golden goose sneakers yeezy boost golden goose michael kors factory outlet adidas stan smith nba jerseys coach outlet online adidas superstar golden goose tory burch off white shoes adidas yeezy tory burch sandals yeezy boost 350 yeezy 700 jordans lacoste adidas nmd kyrie 4 golden goose adidas nmd cheap jordans air force 1 yeezy boost kobe basketball shoes birkin bag golden goose outlet michael kors uk reebok shoes jordan 11 retro baseball jerseys 100% real jordans for cheap adidas nmd runner supreme clothing nike air force lebron 16 ferragamo belts louboutin shoes uk moncler outlet jordan retro 12 Kanye West shoes lebron 15 air max christian louboutin off white lacoste polo yeezy shoes michael kors handbags outlet zx flux yeezy boost 350 v2 pandora jewelry kobe 11 adidas eqt kyrie shoes adidas ultra kobe 11 off white clothing yeezy 500 mbt shoes outlet chrome hearts online kobe shoes off white jordan 1 michael kors outlet mlb jerseys