windows 如何从批处理脚本测试用户的有效权限?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7894604/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How can I test effective permissions of a user from a batch script?
提问by Jared
I need to test the effective permissions of a specific user(i.e. not necessarily the current user) from within a batch script and take action (provide a warning) based on that. I'd like to have a subroutine I could call to check privileges against a specified file or directory so I could test that something only an administrator should be able to access (and thus warn that too high of permissions are granted) and check that data directories in my apps path can be accessed (otherwise too low of permissions). I'd like this to work in XP, 2008, and win7.
我需要从批处理脚本中测试特定用户(即不一定是当前用户)的有效权限,并基于此采取措施(提供警告)。我想要一个子例程,我可以调用它来检查指定文件或目录的权限,以便我可以测试只有管理员才能访问的内容(从而警告授予的权限太高)并检查该数据可以访问我的应用程序路径中的目录(否则权限太低)。我希望它在 XP、2008 和 win7 中工作。
By the way, I have figured out how to parse "net localgroup Administrators", but I don't think this is sufficient for my needs.
顺便说一下,我已经想出了如何解析“net localgroup Administrators”,但我认为这不足以满足我的需求。
回答by gmo
@Jared,
@贾里德,
For your needs, I think with a simple copyand %errorlevel%you can have what you want.
对于你的需求,我想用一个简单的copy,%errorlevel%你就可以拥有你想要的。
copy %tempFile% %yourProtectedDir%
if %errorlevel% == 1 goto sorryYouFail
if %errorlevel% == 0 goto youAreIn
...
del %tempFile% /Q
Or, to check for any user, do the same but with a windows protected folder...
或者,要检查任何用户,请执行相同操作,但使用 Windows 保护的文件夹...
copy %tempFile% %windir%\system32
if %errorlevel% == 1 goto youDontHaveAdminPrivileges
if %errorlevel% == 0 goto howdyThereAdmin
...
del %tempFile% /Q
If you need to test other user try with the runasoption...
如果您需要测试其他用户,请尝试使用该runas选项...
@Lizz
@丽兹
This script check windows version, and elevate a temporary file to run a specific one with ADMIN RIGHTS.
此脚本检查 Windows 版本,并提升临时文件以使用管理员权限运行特定文件。
@echo off
title Detect and run file with Admin privileges
set yourFile=yourFileNameAsAdmin.bat
set privileges=no
VER | FINDSTR /IL "6.2." > NUL
IF %ERRORLEVEL% EQU 0 (
SET winVersion=8
SET privileges=yes
)
VER | FINDSTR /IL "6.1." > NUL
IF %ERRORLEVEL% EQU 0 (
SET winVersion=7
SET privileges=yes
)
VER | FINDSTR /IL "6.0." > NUL
IF %ERRORLEVEL% EQU 0 (
SET winVersion=Vista
SET privileges=yes
)
if "%privileges%"=="no" goto SkipElevation
If "%privileges%"=="yes" goto Elevation
:SkipElevation
call %CD%\%yourFile%
goto End
:Elevation
PushD "%~dp0"
If Exist "%~0.ELEVATED" Del /f "%~0.ELEVATED"
Set CMD_Args=%0 %*
Set CMD_Args=%CMD_Args:"=\"%
Set ELEVATED_CMD=PowerShell -Command (New-Object -com 'Shell.Application').ShellExecute('%yourFile%', '/%cd:~0,1% %CMD_Args%', '', 'runas')
Echo %ELEVATED_CMD% >> "%~0.ELEVATED"
call %ELEVATED_CMD%
Del /f "%~0.ELEVATED"
goto End
:End
Echo -------------------------------
Echo All done!
Pause
goto EOF
Note: If yourFileNameAsAdmin.batuse RELATIVE path to files, remember to enableextensions and the local dir at the beginning of the file:
注意:如果yourFileNameAsAdmin.bat使用文件的相对路径,请记住在文件开头启用扩展名和本地目录:
@echo off
@setlocal enableextensions
@cd /d "%~dp0"
::...your code here
Hope that helps!...
希望有帮助!...
As adition related info...
作为附加相关信息...
With the command netyou get a lot of info about users and goups, and also can you work with them.
使用该命令,net您可以获得有关用户和组的大量信息,并且您还可以与他们一起工作。
e.g.
例如
NET USER
网络用户
- net usersList off all users.
- net users [name]Detail info about a specific user, including all the groups that he belongs.
- net help usersfor more...
- net users列出所有用户。
- net users [name]有关特定用户的详细信息,包括他所属的所有组。
- net help users更多...
NET LOCALGROUP
网络本地组
- net localgroupList all groups.
- net localgroup [groupName]Detail info about a specific group, including all the users that belongs to that grup.
- net help localgroupfor more...
- net localgroup列出所有组。
- net localgroup [groupName]有关特定组的详细信息,包括属于该组的所有用户。
- net help localgroup更多...
