日期:2009-07-11  浏览次数:20995 次

Adding Server Operators

Occasionally, you might want to add server operators for the FTP- or

WWW-server with ADSI. The VBScript below (which can also be translated to
ASP) shows an sample way of accomplishing this task.

'
' AddAdmin.vbs - Add an administrator to FTP, W3, NNTP or SMTP Service
'
' Usage: addadmin <FTP | W3 | NNTP | SMTP> <User>
'
'  Without changes the script must run on the local webserver.
'  User in the form <domain>\<user>
'

Option Explicit

Dim iis
Dim acl
Dim sd
Dim ace
Dim acc
Dim arg
Dim net


Set arg = Wscript.Arguments
If arg.count < 1 Then
Wscript.Echo "Usage: addadmin <FTP | W3 | NNTP | SMTP>
<User>"
Wscript.Quit
End If

Set net = CreateObject("Wscript.Network")

Select Case Ucase(arg(0))
Case "FTP" Set iis = GetObject("IIS://" & net.computerName
& "/MSFTPSVC/1")
Case "W3" Set iis = GetObject("IIS://" & net.computerName
& "/W3SVC/1")
Case "NNTP" Set iis = GetObject("IIS://" & net.computerName
& "/NNTPSVC/1")
Case "SMTP" Set iis = GetObject("IIS://" & net.computerName
& "/SmtpSvc/1")
Case Else
Wscript.Echo "Usage: addadmin <FTP | W3 | NNTP | SMTP>
<User>"
Wscript.Quit
End Select

Set sd  = iis.AdminACL
Set acl = sd.DiscretionaryAcl

If arg.Count = 2 Then
Set ace = CreateObject("AccessControlEntry")
ace.Trustee = arg(1)
ace.AccessMask = &HB

I did not find the real permissions (ACTRL_??? bits) description for
AccessMask, but I've copied it from a manual added entry. You can see the
bits running this script without specifying an user

acl.AddAce ace
    iis.AdminAcl = sd
iis.SetInfo
Else
For Each ace In acl
Wscript.Echo ace.Trustee & " (0x" &
Hex(ace.AccessMask) & ")"
Next
End If