Setting Win32 ACLs/Permissions programaticaly

2 ways 2 do this programatically: Win32::Perms (Perl) ( and SetACL (Command-line) ( Win32::Perms seems to not work in Win-NT for “share” permissions (ok for files & dir. permissions though) & is poorly doc’ed (the authors are pushing a book). “setacl” is a binary (.exe) that works great from the command-line & can be called via gravs / system() in Perl, but you have to have the file setacl.exe on hand, ie. on your user’s box. Win32::Perms isn’t pure Perl – it uses a .dll.

Example (Win32::Perms):

#1: ADD GROUP NAME “$quality_group”.

my $shareObj = new Win32::Perms( “share:\\\\$host\\$app\$” ) or &logNdie(“Could not create shared object (NT4?)”, $dB);
&printLOG(“-Created share-object($shareObj) for \”share:\\\\$host\\$app\$\”, res=$?= \n”);

$shareObj->Add({Account => $quality_group, Mask => FULL});
&printLOG(“-Added acl for \”$quality_group\”, res=$?= \n”);

#2: NOW, REMOVE THE “Everyone” GROUP.

&printLOG(“-Removed acl for \”Everyone\”, res=$?=\n”);


&printLOG(“-Set acl for \”\\\\$host\\$app\$\”, res=$?=\n”);

Example (setacl):

#1: ADD GROUP NAME “$quality_group”.

$! = ”;
`c:/temp/setacl.exe “\\\\$host\\$app\$” /share /set “$quality_group” /full`;
&logNdie(“Could not add acl for \”$quality_group\” ($?:$!)!”) if ($?);

&printLOG(“-Added acl for \”$quality_group\”, res=$?/$!= \n”);

#2: NOW, REMOVE THE “Everyone” GROUP.

$! = ”;
`c:/temp/setacl.exe “\\\\$host\\$app\$” /share /revoke “Everyone” /full`;
&logNdie(“Could not remove acl for \”Everyone\” ($?:$!)!”) if ($?);
&printLOG(“-Removed acl for \”Everyone\”, res=$?/$!=\n”);


Feel Free to Comment (Name/Email/Website optional):

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: