SetACL command line automation examples
In this post I provide code snippets for SetACL tool command line automation. Examples of command line instructions were taken from here.
The code presented below is written in VBA for MS Excel.
CreateUserFolder function can create folders on a local or network drive. After user folder is created, the function sets typical access permissions by calling SetACL tool through command line interface (by using Shell function of Excel/VBA).
Pass-in parameters
sUserFolder – full path to the target folder
sLogin – user account name (login name)
'Declare external function 'It will be used to pause execution during asynchronous calls Private Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As Long) ' ' 'Main function Public Function CreateUserFolder(ByVal sUserFolder, ByVal sLogin) Dim boolRC, intRC Dim objFSO, objUserFolder Dim sToolPath, sCommandLine 'We assume that SetACL is stored at the same location as our Excel file sToolPath = Workbooks.Item(1).Path & "\SetACL.exe" Set objFSO = CreateObject("Scripting.FileSystemObject") 'Create user folder On Error Resume Next Set objUserFolder = objFSO.CreateFolder(sUserFolder) boolRC = (Err.Number <> 0) On Error GoTo 0 Set objFSO = Nothing 'Error-handling If boolRC Then CreateUserFolder = False Exit Function End If 'Sync Sleep 250 'Remove inheritance sCommandLine = """" & sToolPath & """ -on """ & sUserFolder & """ -ot file -actn setprot -op ""dacl:p_c;sacl:p_c""" intRC = Shell(sCommandLine, vbHide) 'Shell is asynchronous call - system needs time to process it 'Sync Sleep 1000 'Limited error-handling If intRC = 0 Then CreateUserFolder = False Exit Function End If 'Remove "Users"/"Domain Users" groups sCommandLine = """" & sToolPath & """ -on """ & sUserFolder & """ -ot file -actn trustee " sCommandLine = sCommandLine & "-trst ""n1:users;ta:remtrst;w:dacl"" " sCommandLine = sCommandLine & "-actn trustee -trst ""n1:domain users;ta:remtrst;w:dacl""" intRC = Shell(sCommandLine, vbHide) 'Shell is an asynchronous call - system needs time to process it 'Sync Sleep 1000 'Limited error-handling If intRC = 0 Then CreateUserFolder = False Exit Function End If 'Add Modify user permissions sCommandLine = """" & sToolPath & """ -on """ & sUserFolder & """ -ot file -actn ace " sCommandLine = sCommandLine & "-ace ""n:" & sLogin & ";p:change""" intRC = Shell(sCommandLine, vbHide) 'Shell is an asynchronous call - system needs time to process it 'Sync Sleep 1000 'Limited error-handling If intRC = 0 Then CreateUserFolder = False Exit Function End If 'Deny Delete Folder user permissions sCommandLine = """" & sToolPath & """ -on """ & sUserFolder & """ -ot file -actn ace " sCommandLine = sCommandLine & "-ace ""n:" & sLogin & ";p:delete;i:np;m:deny;w:dacl""" intRC = Shell(sCommandLine, vbHide) 'Shell is an asynchronous call - system needs time to process it 'Sync Sleep 1000 'Limited error-handling If intRC = 0 Then CreateUserFolder = False Exit Function End If CreateUserFolder = True End Function