我需要使用(在 win7 上已弃用)Cacls 授予文件夹的完全访问权限。在我看来,我必须使用 cacls 本地化用户名和组名。例如:
cacls foldername /T /E /C /G Users:F
这给了我错误“帐户名称和安全 ID 之间没有完成映射”。下一个命令运行良好(俄语用户 = Пользователи)。
cacls foldername /T /E /C /G Пользователи:F
无论系统语言如何,如何授予文件夹完全权限?
按照
这里的描述使用
xcacls,并使用SID代替名称(您会在这里找到众所周知的SID)
如果您由于某种原因被 cacls 困住,那么
google: cacls sid编辑:无法抗拒学习一些新技巧...... 这个简单的脚本将为您提供给定 PC 上“用户”
(S-1-5-32-545) Set objWMIService = GetObject("winmgmts:\\.\root\cimv2")
Set objAccount = objWMIService.Get ("Win32_SID.SID='S-1-5-32-545'")
Wscript.Echo objAccount.AccountName
将其放入扩展名为 vbs 的文件中(假设
usersName.vbs现在运行:
echo Y|for /f "delims=" %i in ('cscript -Nologo usersName.vbs') do cacls foldername /G "%i":F
完成:-)
编辑:如果名称中有空格,则更正为工作(添加
delims=此代码将本地化 Y/N 和 USERS(或任何 SID)并在所需目录中执行 CACLS,解决原始问题。
@echo off
rem https://learn.microsoft.com/en-US/windows-server/identity/ad-ds/manage/understand-security-identifiers
rem SIDs: S-1-5-32-545 Users; S-1-1-0 Everybody; S-1-5-32-544 Administrators
rem S-1-5-7 no logon; S-1-5-11 Authenticated Users; S-1-5-18 System; S-1-5-10 Self
set userSID=S-1-5-32-545& rem USERS sid
set dirName="%TEMP%\TEST"
rem https://stackoverflow.com/questions/20892882/set-errorlevel-in-windows-batch-file/77643084#77643084
rem try setting errorlevel 1 doesn't work on win9x: verify other 2>nul
REM set errorlevel 1, to check next command
<nul find ""
REM enableExtensions/delayedExp to get !varNm! value on execution
setlocal enableextensions enabledelayedexpansion
if NOT ERRORLEVEL 1 goto :WinNew
echo *** OLD OS: Can't enableextensions ***
ver
goto :FIN
:WinNew
REM Get local language Yes/No/All letters {to answer prompts}
REM https://www.dostips.com/forum/viewtopic.php?p=63518#p63518
set PromptLine=
rem create dummy file [in w9x]: echo x >"%TEMP%\yesnoall#.tmp" >nul
copy /y nul "%TEMP%\yesnoall#.tmp" >nul
rem capture overwrite prompt after "#" ie: ".tmp? [Sí/No/Todos]:"
for /f "tokens=2* delims=#" %%A in ( '^<nul copy /-y nul "%TEMP%\yesnoall#.tmp"'
) do set PromptLine=%%A
rem remove dummy file
del "%TEMP%\yesnoall#.tmp"
rem For testing complicated case [russian], uncomment next line
rem set PromptLine=.tmp [Yes (a?)/No (b??)/All (c??)]:
rem remove spaces for russian
set PromptLine=%PromptLine: =%
rem parse simple case get: A,B,C else complicated case with brackets and parenthesis: A,C,E
for /f "tokens=2-7 delims=[(/)]" %%A in ( "%PromptLine%"
) do if "%%~E" == "" ( set lang_yes=%%A& set lang_no=%%B& set lang_all=%%C
) else ( set lang_yes=%%A& set lang_no=%%C& set lang_all=%%E
)
rem Extract first char
set lang_y=%lang_yes:~0,1%& set lang_n=%lang_no:~0,1%& set lang_a=%lang_all:~0,1%
rem Display results
echo %lang_yes%, %lang_no%, %lang_all%
echo %lang_y%, %lang_n%, %lang_a%
rem https://stackoverflow.com/questions/9113206/cacls-windows-7-full-permissions-local-names
rem https://superuser.com/questions/1176622/regardless-of-windows-language-how-can-i-make-the-icacls-command-set-a-folder-t
rem generate temp sid2user.VBS script to get local language userSID name
( echo\Set objWMIService = GetObject("winmgmts:\\.\root\cimv2"^)
echo\Wscript.Echo objWMIService.Get("Win32_SID.SID='%userSID%'" ^).AccountName
) > "%TEMP%\sid2user.vbs"
rem set lang_user to userSID local language name
for /F "delims=" %%i in ('cscript -Nologo "%TEMP%\sid2user.vbs"') do set lang_user=%%i
rem remove temp vbs file
del "%TEMP%\sid2user.vbs"
echo "%lang_user%":F
rem set permissions in local language
echo %lang_y%|cacls /t /l /c "%dirName%" /G "%lang_user%":F
:FIN
pause