最近改InstallAnyWhere脚本,其提供的action中可以调用系统的command或script,windows下就是CMD命令和BAT,有些实用命令记录一下。
?
创建用户test,密码为password:
net user test password /ADD
?
删除用户test:
net user test /delete
?
授权用户对某目录d:\Program Files\Applian的访问权限(full access):
cacls "d:\Program Files\Applian" /t /e /g test:f
windows command-line 命令授权账户的权限为Log On As A Service,
ntrights.exe +r SeServiceLogonRight -u domain\accountname
Granting SeServiceLogonRight to domain\accountname ... successful
如果在CMD运行遇到以下错误,关闭wiNdows ?UAC功能或让CMD运行在admin用户下(run as admin)
Granting SeServiceLogonRight to domain\accountname?? OpenPolicy:
***Error*** OpenPolicy -1073741790
?
ntrights命令需要单独从微软网站下载,属于Resource Kit Tools包,主要功能就是给service授权,能授权的功能如下,该命令运行需要administrator权限:
?
SeAssignPrimaryTokenPrivilege: Replace a process level token SeAuditPrivilege: Generate security audits SeBackupPrivilege: Back up files and directories SeBatchLogonRight: Log on as a batch job SeChangeNotifyPrivilege: Bypass traverse checking SeCreatePagefilePrivilege: Create a paging file SeCreatePermanentPrivilege: Create permanent shared objects SeCreateTokenPrivilege: Create a token object SeDebugPrivilege: Debug programs SeIncreaseBasePriorityPrivilege: Increase scheduling priority SeIncreaseQuotaPrivilege: Increase quotas SeInteractiveLogonRight: Log on locally SeLoadDriverPrivilege: Load and unload device drivers SeLockMemoryPrivilege: Lock pages in memory SeMachineAccountPrivilege: Add workstations to domain SeNetworkLogonRight: Access this computer from the network SeProfileSingleProcessPrivilege: Profile single process SeRemoteShutdownPrivilege: Force shutdown from a remote system SeRestorePrivilege: Restore files and directories SeSecurityPrivilege: Manage auditing and security log SeServiceLogonRight: Log on as a service SeShutdownPrivilege: Shut down the system SeSystemEnvironmentPrivilege: Modify firmware environment values SeSystemProfilePrivilege: Profile system performance SeSystemTimePrivilege: Change the system time SeTakeOwnershipPrivilege: Take ownership of files or other objects SeTcbPrivilege: Act as part of the operating system SeUnsolicitedInputPrivilege: Read unsolicited input from a terminal device
?
用管理员权限运行某些命令的方式为:
runas /user:administrator cmd.exe
相当于windows版的sudo,运行后需要手工输入管理员密码。
?
本文出自 “祝坤荣” 博客,请务必保留此出处