473,320 Members | 1,988 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Create a dir where all the users have the right to write

How can I programatically do the equivalent of the following:
cacls "C:\Program Files\test" /T /G Everyone:f ?

Thanks,
Viv
Jul 21 '05 #1
15 3253
On Tue, 22 Jun 2004 11:21:11 +0200, Viviana Vc <vc*******@hotmail.com>
wrote:
How can I programatically do the equivalent of the following:
cacls "C:\Program Files\test" /T /G Everyone:f ?
I'm just getting around to a minor variant of the question. I'll be
trying to do it from an old version of InstallShield, so I plan to
call the InstallShield function to execute run an external exe. From
straight Win 32, I would try ShellExecute (simpler) and then
CreateProcess.

I've started by experimenting with a DOS prompt. So far, I can't find
a set of arguments that will eliminate all prompts.

Thanks,
Viv


-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com
Jul 21 '05 #2
Hi Robert,

I also have to create this dir from within InstallShield, so first I
tried to find if InstallShield offers a way to do this, but seems not,
so I'll have to call an external exe to do this.

You should be aware that calling with CreateProcess or ShellExecute the
command:
cacls "C:\Program Files\test" /T /G Everyone:f
is not a good idea because:
a) - cacls it's asking for the user input ("Are you sure? y/n")
b) - "Everyone" is localized, so it won't work on a non-english OS !!!

To solve the above problems I found in MSDNL the following articles:
for a): "How to Use CACLS.EXE in a Batch File"
for b): "Creating a DACL" -> for programatically change the security of
the directory

Maybe this helps you also (I'm now investigating the second article),
Viv

On Wed, 23 Jun 2004 13:14:00 -0400, r_z_aret@pen_fact.com wrote :
On Tue, 22 Jun 2004 11:21:11 +0200, Viviana Vc <vc*******@hotmail.com>
wrote:
How can I programatically do the equivalent of the following:
cacls "C:\Program Files\test" /T /G Everyone:f ?


I'm just getting around to a minor variant of the question. I'll be
trying to do it from an old version of InstallShield, so I plan to
call the InstallShield function to execute run an external exe. From
straight Win 32, I would try ShellExecute (simpler) and then
CreateProcess.

I've started by experimenting with a DOS prompt. So far, I can't find
a set of arguments that will eliminate all prompts.

Thanks,
Viv


-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com


Jul 21 '05 #3
Viviana Vc in news:2j*************@uni-berlin.de wrote:
b) - "Everyone" is localized, so it won't work on a non-english OS !!!


No, it's not localized. At least, not in the Italian version (which is what
I have); these are left untranslated:

Administrator
Administrators
Guest
Guests
Users
Power Users
Everyone
Backup Operators

These are translated:

Local Service
Network Service

.... and possibily others I don't recall right now.

--
ColdShine

"Experience is a hard teacher: she gives the test first, the lesson
afterwards." - Vernon Sanders law
Jul 21 '05 #4
btw, if the directory is already created, what would be the function
that I need to call to change the directory's security attributes?

I know that I could directly create the directory with it's needed
security attributes using CreateDirectory(), but let's assume it was
already created and in this case I just need to change it's attr., what
function should I use?

Thx,
Viv
On Thu, 24 Jun 2004 12:18:04 +0200, Viviana Vc <vc*******@hotmail.com>
wrote :
Hi Robert,

I also have to create this dir from within InstallShield, so first I
tried to find if InstallShield offers a way to do this, but seems not,
so I'll have to call an external exe to do this.

You should be aware that calling with CreateProcess or ShellExecute the
command:
cacls "C:\Program Files\test" /T /G Everyone:f
is not a good idea because:
a) - cacls it's asking for the user input ("Are you sure? y/n")
b) - "Everyone" is localized, so it won't work on a non-english OS !!!

To solve the above problems I found in MSDNL the following articles:
for a): "How to Use CACLS.EXE in a Batch File"
for b): "Creating a DACL" -> for programatically change the security of
the directory

Maybe this helps you also (I'm now investigating the second article),
Viv

On Wed, 23 Jun 2004 13:14:00 -0400, r_z_aret@pen_fact.com wrote :
On Tue, 22 Jun 2004 11:21:11 +0200, Viviana Vc <vc*******@hotmail.com>
wrote:
How can I programatically do the equivalent of the following:
cacls "C:\Program Files\test" /T /G Everyone:f ?


I'm just getting around to a minor variant of the question. I'll be
trying to do it from an old version of InstallShield, so I plan to
call the InstallShield function to execute run an external exe. From
straight Win 32, I would try ShellExecute (simpler) and then
CreateProcess.

I've started by experimenting with a DOS prompt. So far, I can't find
a set of arguments that will eliminate all prompts.

Thanks,
Viv


-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com


Jul 21 '05 #5
On Thu, 24 Jun 2004 12:18:04 +0200, Viviana Vc <vc*******@hotmail.com>
wrote:
Hi Robert,

I also have to create this dir from within InstallShield, so first I
tried to find if InstallShield offers a way to do this, but seems not,
so I'll have to call an external exe to do this.
I just tried LaunchAppAndWait (InstallShield function), with no
success, using the following (adapted from the article you cited):
svWork = "echo y| cacls svDir /e /g everyone:f";
LaunchAppAndWait( svWork, "", WAIT );
No effect. Just in case, I also tried using svWork as the argument and
"" as the command line. No effect. I suspect the problem is the
characters (echo y|) preceding the actual command.

The article mentions xcacl, and says it is part of the NT resource
kit. So I suppose I could get and use it. But would it work under Win
2K and Win XP? I'ld much rather stick with something that ships _with_
the operating system.

You should be aware that calling with CreateProcess or ShellExecute the
command:
cacls "C:\Program Files\test" /T /G Everyone:f
is not a good idea because:
a) - cacls it's asking for the user input ("Are you sure? y/n")
b) - "Everyone" is localized, so it won't work on a non-english OS !!!

To solve the above problems I found in MSDNL the following articles:
for a): "How to Use CACLS.EXE in a Batch File"
for b): "Creating a DACL" -> for programatically change the security of
the directory

Maybe this helps you also (I'm now investigating the second article),
Viv

On Wed, 23 Jun 2004 13:14:00 -0400, r_z_aret@pen_fact.com wrote :
On Tue, 22 Jun 2004 11:21:11 +0200, Viviana Vc <vc*******@hotmail.com>
wrote:
How can I programatically do the equivalent of the following:
cacls "C:\Program Files\test" /T /G Everyone:f ?


I'm just getting around to a minor variant of the question. I'll be
trying to do it from an old version of InstallShield, so I plan to
call the InstallShield function to execute run an external exe. From
straight Win 32, I would try ShellExecute (simpler) and then
CreateProcess.

I've started by experimenting with a DOS prompt. So far, I can't find
a set of arguments that will eliminate all prompts.

Thanks,
Viv


-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com


-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com
Jul 21 '05 #6
I believe the correct syntax for this is:

svWork = "cacls";
svCmd="svDir /e /g everyone:f";
LaunchAppAndWait( svWork, svCmd, WAIT );

Just a thought,
Drew

<r_z_aret@pen_fact.com> wrote in message
news:mu********************************@4ax.com...
On Thu, 24 Jun 2004 12:18:04 +0200, Viviana Vc <vc*******@hotmail.com>
wrote:
Hi Robert,

I also have to create this dir from within InstallShield, so first I
tried to find if InstallShield offers a way to do this, but seems not,
so I'll have to call an external exe to do this.
I just tried LaunchAppAndWait (InstallShield function), with no
success, using the following (adapted from the article you cited):
svWork = "echo y| cacls svDir /e /g everyone:f";
LaunchAppAndWait( svWork, "", WAIT );
No effect. Just in case, I also tried using svWork as the argument and
"" as the command line. No effect. I suspect the problem is the
characters (echo y|) preceding the actual command.

The article mentions xcacl, and says it is part of the NT resource
kit. So I suppose I could get and use it. But would it work under Win
2K and Win XP? I'ld much rather stick with something that ships _with_
the operating system.

You should be aware that calling with CreateProcess or ShellExecute the
command:
cacls "C:\Program Files\test" /T /G Everyone:f
is not a good idea because:
a) - cacls it's asking for the user input ("Are you sure? y/n")
b) - "Everyone" is localized, so it won't work on a non-english OS !!!

To solve the above problems I found in MSDNL the following articles:
for a): "How to Use CACLS.EXE in a Batch File"
for b): "Creating a DACL" -> for programatically change the security of
the directory

Maybe this helps you also (I'm now investigating the second article),
Viv

On Wed, 23 Jun 2004 13:14:00 -0400, r_z_aret@pen_fact.com wrote :
On Tue, 22 Jun 2004 11:21:11 +0200, Viviana Vc <vc*******@hotmail.com>
wrote:

How can I programatically do the equivalent of the following:
cacls "C:\Program Files\test" /T /G Everyone:f ?

I'm just getting around to a minor variant of the question. I'll be
trying to do it from an old version of InstallShield, so I plan to
call the InstallShield function to execute run an external exe. From
straight Win 32, I would try ShellExecute (simpler) and then
CreateProcess.

I've started by experimenting with a DOS prompt. So far, I can't find
a set of arguments that will eliminate all prompts.
Thanks,
Viv

-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).
Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com


-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and

please indicate which newsgroup and message).
Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com

Jul 21 '05 #7
Success! A bit of a kludge (so suggestions welcome), but it works.

I added the following lines to my InstallShield script:
------
// SetAcc.bat is a BATch file that issues the command
// echo y| cacls %1 /e /g everyone:f
// See MSDN Knowledge Base article 135268 ("How to Use
CACLS.EXE in a BatchFile")
// Also, see 24 - 30 Jun 04 thread called
// "Create a dir where all the users have the right to write"
in
// comp.os.ms-windows.programmer.win32 and other fine
newsgroups
// The file must be in uncompressed setup files.
// svWork = SUPPORTDIR ^ "cacls.bat";
svWork = SRCDIR ^ "setacc.bat";
// BATch file will parse arg into pieces if it includes
embedded spaces
LongPathToShortPath( svDir );
if (!PFFileExists( SRCDIR, "setacc.bat", "ShowDialogs" ))then
MessageBox( "Can't find setacc.bat", WARNING );
else
if (LaunchAppAndWait( svWork, svDir, WAIT ) != 1) then
MessageBox( "Attempt to set access failed", INFO );
endif;
endif;
------

Here is the "source" for setacc.bat:
------
@echo off

REM BATch file to give everyone full access to specified folder
REM - to be invoked from an InstallShield script

REM See MSDN Knowledge Base article 135268 ("How to Use CACLS.EXE in a
BatchFile")
REM See also a 24-30 June 2004 thread called
REM "AlsoCreate a dir where all the users have the right to write"
REM in comp.os.ms-windows.programmer.win32 and other fine
newsgroups

REM Caller needs to put quotation marks around the argument, or pass
REM only short paths (with no embedded blanks), or it won't be
REM parsed as one argument. Thus, the following line should not.

echo y| cacls %1 /e /g everyone:f
------

I sort of want to move setacc.bat to the compressed files, so it isn't
visible on the distribution CD. But just moving it didn't work,
because then I couldn't invoke it. I vaguely remember InstallShield
functions that explicitly uncompress files, so a script could use
them. On the other hand, it could be a legitimate tool for some users.

I briefly tried writing a program, to replace the batch file. But the
functions used to control access seem too complex to be worth
conquering for this project. And that would still require an auxiliary
file. Maybe if I got that program working I could then use the same
code in an InstallShield script. Maybe someday/

On Thu, 24 Jun 2004 15:54:26 -0400, r_z_aret@pen_fact.com wrote:
On Thu, 24 Jun 2004 12:18:04 +0200, Viviana Vc <vc*******@hotmail.com>
wrote:
Hi Robert,

I also have to create this dir from within InstallShield, so first I
tried to find if InstallShield offers a way to do this, but seems not,
so I'll have to call an external exe to do this.


I just tried LaunchAppAndWait (InstallShield function), with no
success, using the following (adapted from the article you cited):
svWork = "echo y| cacls svDir /e /g everyone:f";
LaunchAppAndWait( svWork, "", WAIT );
No effect. Just in case, I also tried using svWork as the argument and
"" as the command line. No effect. I suspect the problem is the
characters (echo y|) preceding the actual command.

The article mentions xcacl, and says it is part of the NT resource
kit. So I suppose I could get and use it. But would it work under Win
2K and Win XP? I'ld much rather stick with something that ships _with_
the operating system.

You should be aware that calling with CreateProcess or ShellExecute the
command:
cacls "C:\Program Files\test" /T /G Everyone:f
is not a good idea because:
a) - cacls it's asking for the user input ("Are you sure? y/n")
b) - "Everyone" is localized, so it won't work on a non-english OS !!!

To solve the above problems I found in MSDNL the following articles:
for a): "How to Use CACLS.EXE in a Batch File"
for b): "Creating a DACL" -> for programatically change the security of
the directory

Maybe this helps you also (I'm now investigating the second article),
Viv

On Wed, 23 Jun 2004 13:14:00 -0400, r_z_aret@pen_fact.com wrote :
On Tue, 22 Jun 2004 11:21:11 +0200, Viviana Vc <vc*******@hotmail.com>
wrote:

How can I programatically do the equivalent of the following:
cacls "C:\Program Files\test" /T /G Everyone:f ?

I'm just getting around to a minor variant of the question. I'll be
trying to do it from an old version of InstallShield, so I plan to
call the InstallShield function to execute run an external exe. From
straight Win 32, I would try ShellExecute (simpler) and then
CreateProcess.

I've started by experimenting with a DOS prompt. So far, I can't find
a set of arguments that will eliminate all prompts.
Thanks,
Viv

-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com


-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com


-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com
Jul 21 '05 #8
Hi,

As already said I chose to write an external tool that is called from
within IS:

I actually found a sample in MSDNL "Creating a DACL" where is a simple
sample that I used so my code looks like:

#define _WIN32_WINNT 0x0500

#include <windows.h>
#include <sddl.h>
#include <stdio.h>

BOOL CreateMyDACL(SECURITY_ATTRIBUTES *);

void main()
{
SECURITY_ATTRIBUTES sa;

sa.nLength = sizeof(SECURITY_ATTRIBUTES);
sa.bInheritHandle = FALSE;

if (!CreateMyDACL(&sa))
{
// Error encountered; generate message and exit.
printf("Failed CreateMyDACL\n");
exit(1);
}
if (0 == CreateDirectory(TEXT("C:\\MyFolder"), &sa))
{
// Error encountered; generate message and exit.
printf("Failed CreateDirectory\n");
exit(1);
}

// Free the memory allocated for the SECURITY_DESCRIPTOR.
if (NULL != LocalFree(sa.lpSecurityDescriptor))
{
// Error encountered; generate message and exit.
printf("Failed LocalFree\n");
exit(1);
}
}
BOOL CreateMyDACL(SECURITY_ATTRIBUTES * pSA)
{
TCHAR * szSD = TEXT("D:") // Discretionary ACL
TEXT("(A;OICI;GA;;;WD)"); // Allow full control to everyone for that directory !!!

if (NULL == pSA)
return FALSE;

return ConvertStringSecurityDescriptorToSecurityDescripto r(
szSD,
SDDL_REVISION_1,
&(pSA->lpSecurityDescriptor),
NULL);
}

HTH,
Viv

On Wed, 30 Jun 2004 14:35:27 -0400, r_z_aret@pen_fact.com wrote :
Success! A bit of a kludge (so suggestions welcome), but it works.

I added the following lines to my InstallShield script:
------
// SetAcc.bat is a BATch file that issues the command
// echo y| cacls %1 /e /g everyone:f
// See MSDN Knowledge Base article 135268 ("How to Use
CACLS.EXE in a BatchFile")
// Also, see 24 - 30 Jun 04 thread called
// "Create a dir where all the users have the right to write"
in
// comp.os.ms-windows.programmer.win32 and other fine
newsgroups
// The file must be in uncompressed setup files.
// svWork = SUPPORTDIR ^ "cacls.bat";
svWork = SRCDIR ^ "setacc.bat";
// BATch file will parse arg into pieces if it includes
embedded spaces
LongPathToShortPath( svDir );
if (!PFFileExists( SRCDIR, "setacc.bat", "ShowDialogs" ))then
MessageBox( "Can't find setacc.bat", WARNING );
else
if (LaunchAppAndWait( svWork, svDir, WAIT ) != 1) then
MessageBox( "Attempt to set access failed", INFO );
endif;
endif;
------

Here is the "source" for setacc.bat:
------
@echo off

REM BATch file to give everyone full access to specified folder
REM - to be invoked from an InstallShield script

REM See MSDN Knowledge Base article 135268 ("How to Use CACLS.EXE in a
BatchFile")
REM See also a 24-30 June 2004 thread called
REM "AlsoCreate a dir where all the users have the right to write"
REM in comp.os.ms-windows.programmer.win32 and other fine
newsgroups

REM Caller needs to put quotation marks around the argument, or pass
REM only short paths (with no embedded blanks), or it won't be
REM parsed as one argument. Thus, the following line should not.

echo y| cacls %1 /e /g everyone:f
------

I sort of want to move setacc.bat to the compressed files, so it isn't
visible on the distribution CD. But just moving it didn't work,
because then I couldn't invoke it. I vaguely remember InstallShield
functions that explicitly uncompress files, so a script could use
them. On the other hand, it could be a legitimate tool for some users.

I briefly tried writing a program, to replace the batch file. But the
functions used to control access seem too complex to be worth
conquering for this project. And that would still require an auxiliary
file. Maybe if I got that program working I could then use the same
code in an InstallShield script. Maybe someday/

On Thu, 24 Jun 2004 15:54:26 -0400, r_z_aret@pen_fact.com wrote:
On Thu, 24 Jun 2004 12:18:04 +0200, Viviana Vc <vc*******@hotmail.com>
wrote:
Hi Robert,

I also have to create this dir from within InstallShield, so first I
tried to find if InstallShield offers a way to do this, but seems not,
so I'll have to call an external exe to do this.


I just tried LaunchAppAndWait (InstallShield function), with no
success, using the following (adapted from the article you cited):
svWork = "echo y| cacls svDir /e /g everyone:f";
LaunchAppAndWait( svWork, "", WAIT );
No effect. Just in case, I also tried using svWork as the argument and
"" as the command line. No effect. I suspect the problem is the
characters (echo y|) preceding the actual command.

The article mentions xcacl, and says it is part of the NT resource
kit. So I suppose I could get and use it. But would it work under Win
2K and Win XP? I'ld much rather stick with something that ships _with_
the operating system.

You should be aware that calling with CreateProcess or ShellExecute the
command:
cacls "C:\Program Files\test" /T /G Everyone:f
is not a good idea because:
a) - cacls it's asking for the user input ("Are you sure? y/n")
b) - "Everyone" is localized, so it won't work on a non-english OS !!!

To solve the above problems I found in MSDNL the following articles:
for a): "How to Use CACLS.EXE in a Batch File"
for b): "Creating a DACL" -> for programatically change the security of
the directory

Maybe this helps you also (I'm now investigating the second article),
Viv

On Wed, 23 Jun 2004 13:14:00 -0400, r_z_aret@pen_fact.com wrote :

On Tue, 22 Jun 2004 11:21:11 +0200, Viviana Vc <vc*******@hotmail.com>
wrote:

>How can I programatically do the equivalent of the following:
>cacls "C:\Program Files\test" /T /G Everyone:f ?

I'm just getting around to a minor variant of the question. I'll be
trying to do it from an old version of InstallShield, so I plan to
call the InstallShield function to execute run an external exe. From
straight Win 32, I would try ShellExecute (simpler) and then
CreateProcess.

I've started by experimenting with a DOS prompt. So far, I can't find
a set of arguments that will eliminate all prompts.

>
>Thanks,
>Viv

-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com


-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com


-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com


Jul 21 '05 #9
On Thu, 01 Jul 2004 11:14:28 +0200, Viviana Vc <vc*******@hotmail.com>
wrote:
Hi,

As already said I chose to write an external tool that is called from
within IS:
I missed this. To clarify, does "external tool" mean "executable
file"? If so, then that is slightly neater than using a BATch file.

Either way, thanks for posting your solution. Sure is nice to have
clear, directly related, sample code. I may try to translate the code
into something that can be used within InstallShield. And it may be
useful some place else.

I actually found a sample in MSDNL "Creating a DACL" where is a simple
sample that I used so my code looks like:

#define _WIN32_WINNT 0x0500

#include <windows.h>
#include <sddl.h>
#include <stdio.h>

BOOL CreateMyDACL(SECURITY_ATTRIBUTES *);

void main()
{
SECURITY_ATTRIBUTES sa;

sa.nLength = sizeof(SECURITY_ATTRIBUTES);
sa.bInheritHandle = FALSE;

if (!CreateMyDACL(&sa))
{
// Error encountered; generate message and exit.
printf("Failed CreateMyDACL\n");
exit(1);
}
if (0 == CreateDirectory(TEXT("C:\\MyFolder"), &sa))
{
// Error encountered; generate message and exit.
printf("Failed CreateDirectory\n");
exit(1);
}

// Free the memory allocated for the SECURITY_DESCRIPTOR.
if (NULL != LocalFree(sa.lpSecurityDescriptor))
{
// Error encountered; generate message and exit.
printf("Failed LocalFree\n");
exit(1);
}
}
BOOL CreateMyDACL(SECURITY_ATTRIBUTES * pSA)
{
TCHAR * szSD = TEXT("D:") // Discretionary ACL
TEXT("(A;OICI;GA;;;WD)"); // Allow full control to everyone for that directory !!!

if (NULL == pSA)
return FALSE;

return ConvertStringSecurityDescriptorToSecurityDescripto r(
szSD,
SDDL_REVISION_1,
&(pSA->lpSecurityDescriptor),
NULL);
}

HTH,
Viv

On Wed, 30 Jun 2004 14:35:27 -0400, r_z_aret@pen_fact.com wrote :
Success! A bit of a kludge (so suggestions welcome), but it works.

I added the following lines to my InstallShield script:
------
// SetAcc.bat is a BATch file that issues the command
// echo y| cacls %1 /e /g everyone:f
// See MSDN Knowledge Base article 135268 ("How to Use
CACLS.EXE in a BatchFile")
// Also, see 24 - 30 Jun 04 thread called
// "Create a dir where all the users have the right to write"
in
// comp.os.ms-windows.programmer.win32 and other fine
newsgroups
// The file must be in uncompressed setup files.
// svWork = SUPPORTDIR ^ "cacls.bat";
svWork = SRCDIR ^ "setacc.bat";
// BATch file will parse arg into pieces if it includes
embedded spaces
LongPathToShortPath( svDir );
if (!PFFileExists( SRCDIR, "setacc.bat", "ShowDialogs" ))then
MessageBox( "Can't find setacc.bat", WARNING );
else
if (LaunchAppAndWait( svWork, svDir, WAIT ) != 1) then
MessageBox( "Attempt to set access failed", INFO );
endif;
endif;
------

Here is the "source" for setacc.bat:
------
@echo off

REM BATch file to give everyone full access to specified folder
REM - to be invoked from an InstallShield script

REM See MSDN Knowledge Base article 135268 ("How to Use CACLS.EXE in a
BatchFile")
REM See also a 24-30 June 2004 thread called
REM "AlsoCreate a dir where all the users have the right to write"
REM in comp.os.ms-windows.programmer.win32 and other fine
newsgroups

REM Caller needs to put quotation marks around the argument, or pass
REM only short paths (with no embedded blanks), or it won't be
REM parsed as one argument. Thus, the following line should not.

echo y| cacls %1 /e /g everyone:f
------

I sort of want to move setacc.bat to the compressed files, so it isn't
visible on the distribution CD. But just moving it didn't work,
because then I couldn't invoke it. I vaguely remember InstallShield
functions that explicitly uncompress files, so a script could use
them. On the other hand, it could be a legitimate tool for some users.

I briefly tried writing a program, to replace the batch file. But the
functions used to control access seem too complex to be worth
conquering for this project. And that would still require an auxiliary
file. Maybe if I got that program working I could then use the same
code in an InstallShield script. Maybe someday/

On Thu, 24 Jun 2004 15:54:26 -0400, r_z_aret@pen_fact.com wrote:
On Thu, 24 Jun 2004 12:18:04 +0200, Viviana Vc <vc*******@hotmail.com>
wrote:

Hi Robert,

I also have to create this dir from within InstallShield, so first I
tried to find if InstallShield offers a way to do this, but seems not,
so I'll have to call an external exe to do this.

I just tried LaunchAppAndWait (InstallShield function), with no
success, using the following (adapted from the article you cited):
svWork = "echo y| cacls svDir /e /g everyone:f";
LaunchAppAndWait( svWork, "", WAIT );
No effect. Just in case, I also tried using svWork as the argument and
"" as the command line. No effect. I suspect the problem is the
characters (echo y|) preceding the actual command.

The article mentions xcacl, and says it is part of the NT resource
kit. So I suppose I could get and use it. But would it work under Win
2K and Win XP? I'ld much rather stick with something that ships _with_
the operating system.
You should be aware that calling with CreateProcess or ShellExecute the
command:
cacls "C:\Program Files\test" /T /G Everyone:f
is not a good idea because:
a) - cacls it's asking for the user input ("Are you sure? y/n")
b) - "Everyone" is localized, so it won't work on a non-english OS !!!

To solve the above problems I found in MSDNL the following articles:
for a): "How to Use CACLS.EXE in a Batch File"
for b): "Creating a DACL" -> for programatically change the security of
the directory

Maybe this helps you also (I'm now investigating the second article),
Viv

On Wed, 23 Jun 2004 13:14:00 -0400, r_z_aret@pen_fact.com wrote :

>On Tue, 22 Jun 2004 11:21:11 +0200, Viviana Vc <vc*******@hotmail.com>
>wrote:
>
>>How can I programatically do the equivalent of the following:
>>cacls "C:\Program Files\test" /T /G Everyone:f ?
>
>I'm just getting around to a minor variant of the question. I'll be
>trying to do it from an old version of InstallShield, so I plan to
>call the InstallShield function to execute run an external exe. From
>straight Win 32, I would try ShellExecute (simpler) and then
>CreateProcess.
>
>I've started by experimenting with a DOS prompt. So far, I can't find
>a set of arguments that will eliminate all prompts.
>
>>
>>Thanks,
>>Viv
>
>-----------------------------------------
>To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).
>
>Robert E. Zaret, eMVP
>PenFact, Inc.
>500 Harrison Ave., Suite 3R
>Boston, MA 02118
>www.penfact.com

-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com


-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com


-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com
Jul 21 '05 #10
Hi,

Yes, the extrenal tool is an exe file.
btw, see my other post as with the cacls tool you might get in trouble
because the "Everyone" is localized, so for instance on a german system
it is "Jeder".

Viv
On Fri, 02 Jul 2004 08:54:50 -0400, r_z_aret@pen_fact.com wrote :
On Thu, 01 Jul 2004 11:14:28 +0200, Viviana Vc <vc*******@hotmail.com>
wrote:
Hi,

As already said I chose to write an external tool that is called from
within IS:


I missed this. To clarify, does "external tool" mean "executable
file"? If so, then that is slightly neater than using a BATch file.

Either way, thanks for posting your solution. Sure is nice to have
clear, directly related, sample code. I may try to translate the code
into something that can be used within InstallShield. And it may be
useful some place else.

I actually found a sample in MSDNL "Creating a DACL" where is a simple
sample that I used so my code looks like:

#define _WIN32_WINNT 0x0500

#include <windows.h>
#include <sddl.h>
#include <stdio.h>

BOOL CreateMyDACL(SECURITY_ATTRIBUTES *);

void main()
{
SECURITY_ATTRIBUTES sa;

sa.nLength = sizeof(SECURITY_ATTRIBUTES);
sa.bInheritHandle = FALSE;

if (!CreateMyDACL(&sa))
{
// Error encountered; generate message and exit.
printf("Failed CreateMyDACL\n");
exit(1);
}
if (0 == CreateDirectory(TEXT("C:\\MyFolder"), &sa))
{
// Error encountered; generate message and exit.
printf("Failed CreateDirectory\n");
exit(1);
}

// Free the memory allocated for the SECURITY_DESCRIPTOR.
if (NULL != LocalFree(sa.lpSecurityDescriptor))
{
// Error encountered; generate message and exit.
printf("Failed LocalFree\n");
exit(1);
}
}
BOOL CreateMyDACL(SECURITY_ATTRIBUTES * pSA)
{
TCHAR * szSD = TEXT("D:") // Discretionary ACL
TEXT("(A;OICI;GA;;;WD)"); // Allow full control to everyone for that directory !!!

if (NULL == pSA)
return FALSE;

return ConvertStringSecurityDescriptorToSecurityDescripto r(
szSD,
SDDL_REVISION_1,
&(pSA->lpSecurityDescriptor),
NULL);
}

HTH,
Viv

On Wed, 30 Jun 2004 14:35:27 -0400, r_z_aret@pen_fact.com wrote :
Success! A bit of a kludge (so suggestions welcome), but it works.

I added the following lines to my InstallShield script:
------
// SetAcc.bat is a BATch file that issues the command
// echo y| cacls %1 /e /g everyone:f
// See MSDN Knowledge Base article 135268 ("How to Use
CACLS.EXE in a BatchFile")
// Also, see 24 - 30 Jun 04 thread called
// "Create a dir where all the users have the right to write"
in
// comp.os.ms-windows.programmer.win32 and other fine
newsgroups
// The file must be in uncompressed setup files.
// svWork = SUPPORTDIR ^ "cacls.bat";
svWork = SRCDIR ^ "setacc.bat";
// BATch file will parse arg into pieces if it includes
embedded spaces
LongPathToShortPath( svDir );
if (!PFFileExists( SRCDIR, "setacc.bat", "ShowDialogs" ))then
MessageBox( "Can't find setacc.bat", WARNING );
else
if (LaunchAppAndWait( svWork, svDir, WAIT ) != 1) then
MessageBox( "Attempt to set access failed", INFO );
endif;
endif;
------

Here is the "source" for setacc.bat:
------
@echo off

REM BATch file to give everyone full access to specified folder
REM - to be invoked from an InstallShield script

REM See MSDN Knowledge Base article 135268 ("How to Use CACLS.EXE in a
BatchFile")
REM See also a 24-30 June 2004 thread called
REM "AlsoCreate a dir where all the users have the right to write"
REM in comp.os.ms-windows.programmer.win32 and other fine
newsgroups

REM Caller needs to put quotation marks around the argument, or pass
REM only short paths (with no embedded blanks), or it won't be
REM parsed as one argument. Thus, the following line should not.

echo y| cacls %1 /e /g everyone:f
------

I sort of want to move setacc.bat to the compressed files, so it isn't
visible on the distribution CD. But just moving it didn't work,
because then I couldn't invoke it. I vaguely remember InstallShield
functions that explicitly uncompress files, so a script could use
them. On the other hand, it could be a legitimate tool for some users.

I briefly tried writing a program, to replace the batch file. But the
functions used to control access seem too complex to be worth
conquering for this project. And that would still require an auxiliary
file. Maybe if I got that program working I could then use the same
code in an InstallShield script. Maybe someday/

On Thu, 24 Jun 2004 15:54:26 -0400, r_z_aret@pen_fact.com wrote:

On Thu, 24 Jun 2004 12:18:04 +0200, Viviana Vc <vc*******@hotmail.com>
wrote:

>Hi Robert,
>
>I also have to create this dir from within InstallShield, so first I
>tried to find if InstallShield offers a way to do this, but seems not,
>so I'll have to call an external exe to do this.

I just tried LaunchAppAndWait (InstallShield function), with no
success, using the following (adapted from the article you cited):
svWork = "echo y| cacls svDir /e /g everyone:f";
LaunchAppAndWait( svWork, "", WAIT );
No effect. Just in case, I also tried using svWork as the argument and
"" as the command line. No effect. I suspect the problem is the
characters (echo y|) preceding the actual command.

The article mentions xcacl, and says it is part of the NT resource
kit. So I suppose I could get and use it. But would it work under Win
2K and Win XP? I'ld much rather stick with something that ships _with_
the operating system.

>
>You should be aware that calling with CreateProcess or ShellExecute the
>command:
>cacls "C:\Program Files\test" /T /G Everyone:f
>is not a good idea because:
>a) - cacls it's asking for the user input ("Are you sure? y/n")
>b) - "Everyone" is localized, so it won't work on a non-english OS !!!
>
>To solve the above problems I found in MSDNL the following articles:
>for a): "How to Use CACLS.EXE in a Batch File"
>for b): "Creating a DACL" -> for programatically change the security of
>the directory
>
>Maybe this helps you also (I'm now investigating the second article),
>Viv
>
>On Wed, 23 Jun 2004 13:14:00 -0400, r_z_aret@pen_fact.com wrote :
>
>>On Tue, 22 Jun 2004 11:21:11 +0200, Viviana Vc <vc*******@hotmail.com>
>>wrote:
>>
>>>How can I programatically do the equivalent of the following:
>>>cacls "C:\Program Files\test" /T /G Everyone:f ?
>>
>>I'm just getting around to a minor variant of the question. I'll be
>>trying to do it from an old version of InstallShield, so I plan to
>>call the InstallShield function to execute run an external exe. From
>>straight Win 32, I would try ShellExecute (simpler) and then
>>CreateProcess.
>>
>>I've started by experimenting with a DOS prompt. So far, I can't find
>>a set of arguments that will eliminate all prompts.
>>
>>>
>>>Thanks,
>>>Viv
>>
>>-----------------------------------------
>>To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).
>>
>>Robert E. Zaret, eMVP
>>PenFact, Inc.
>>500 Harrison Ave., Suite 3R
>>Boston, MA 02118
>>www.penfact.com

-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com

-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com


-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).

Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com


Jul 21 '05 #11
Viviana Vc in news:2k************@uni-berlin.de wrote:
btw, see my other post as with the cacls tool you might get in trouble
because the "Everyone" is localized, so for instance on a german system
it is "Jeder".


I don't think so... look at the names listed here:

http://support.microsoft.com/default...b;EN-US;163846

on my Italian localized system, I can use all of these English user/group
names, when setting file/folder access rights. For example, I always have to
type "Administrators" instead of whatever it would translate to.

Altrough the KB refers to Windows NT4, I guess the names have been kept
backwards-compatible in following Windows versions.

--
ColdShine

"Experience is a hard teacher: she gives the test first, the lesson
afterwards." - Vernon Sanders law
Jul 21 '05 #12
Can you use a subdirectory of All Users\Application Data?

"Viviana Vc" <vc*******@hotmail.com> wrote in message
news:2k************@uni-berlin.de...
Hi,

Yes, the extrenal tool is an exe file.
btw, see my other post as with the cacls tool you might get in trouble
because the "Everyone" is localized, so for instance on a german system
it is "Jeder".

Viv
On Fri, 02 Jul 2004 08:54:50 -0400, r_z_aret@pen_fact.com wrote :
On Thu, 01 Jul 2004 11:14:28 +0200, Viviana Vc <vc*******@hotmail.com>
wrote:
Hi,

As already said I chose to write an external tool that is called from
within IS:


I missed this. To clarify, does "external tool" mean "executable
file"? If so, then that is slightly neater than using a BATch file.

Either way, thanks for posting your solution. Sure is nice to have
clear, directly related, sample code. I may try to translate the code
into something that can be used within InstallShield. And it may be
useful some place else.

I actually found a sample in MSDNL "Creating a DACL" where is a simple
sample that I used so my code looks like:

#define _WIN32_WINNT 0x0500

#include <windows.h>
#include <sddl.h>
#include <stdio.h>

BOOL CreateMyDACL(SECURITY_ATTRIBUTES *);

void main()
{
SECURITY_ATTRIBUTES sa;

sa.nLength = sizeof(SECURITY_ATTRIBUTES);
sa.bInheritHandle = FALSE;

if (!CreateMyDACL(&sa))
{
// Error encountered; generate message and exit.
printf("Failed CreateMyDACL\n");
exit(1);
}
if (0 == CreateDirectory(TEXT("C:\\MyFolder"), &sa))
{
// Error encountered; generate message and exit.
printf("Failed CreateDirectory\n");
exit(1);
}

// Free the memory allocated for the SECURITY_DESCRIPTOR.
if (NULL != LocalFree(sa.lpSecurityDescriptor))
{
// Error encountered; generate message and exit.
printf("Failed LocalFree\n");
exit(1);
}
}
BOOL CreateMyDACL(SECURITY_ATTRIBUTES * pSA)
{
TCHAR * szSD = TEXT("D:") // Discretionary ACL
TEXT("(A;OICI;GA;;;WD)"); // Allow full control to everyone for that directory !!!
if (NULL == pSA)
return FALSE;

return ConvertStringSecurityDescriptorToSecurityDescripto r(
szSD,
SDDL_REVISION_1,
&(pSA->lpSecurityDescriptor),
NULL);
}

HTH,
Viv

On Wed, 30 Jun 2004 14:35:27 -0400, r_z_aret@pen_fact.com wrote :

Success! A bit of a kludge (so suggestions welcome), but it works.

I added the following lines to my InstallShield script:
------
// SetAcc.bat is a BATch file that issues the command
// echo y| cacls %1 /e /g everyone:f
// See MSDN Knowledge Base article 135268 ("How to Use
CACLS.EXE in a BatchFile")
// Also, see 24 - 30 Jun 04 thread called
// "Create a dir where all the users have the right to write"
in
// comp.os.ms-windows.programmer.win32 and other fine
newsgroups
// The file must be in uncompressed setup files.
// svWork = SUPPORTDIR ^ "cacls.bat";
svWork = SRCDIR ^ "setacc.bat";
// BATch file will parse arg into pieces if it includes
embedded spaces
LongPathToShortPath( svDir );
if (!PFFileExists( SRCDIR, "setacc.bat", "ShowDialogs" ))then
MessageBox( "Can't find setacc.bat", WARNING );
else
if (LaunchAppAndWait( svWork, svDir, WAIT ) != 1) then
MessageBox( "Attempt to set access failed", INFO );
endif;
endif;
------

Here is the "source" for setacc.bat:
------
@echo off

REM BATch file to give everyone full access to specified folder
REM - to be invoked from an InstallShield script

REM See MSDN Knowledge Base article 135268 ("How to Use CACLS.EXE in a
BatchFile")
REM See also a 24-30 June 2004 thread called
REM "AlsoCreate a dir where all the users have the right to write"
REM in comp.os.ms-windows.programmer.win32 and other fine
newsgroups

REM Caller needs to put quotation marks around the argument, or pass
REM only short paths (with no embedded blanks), or it won't be
REM parsed as one argument. Thus, the following line should not.

echo y| cacls %1 /e /g everyone:f
------

I sort of want to move setacc.bat to the compressed files, so it isn't
visible on the distribution CD. But just moving it didn't work,
because then I couldn't invoke it. I vaguely remember InstallShield
functions that explicitly uncompress files, so a script could use
them. On the other hand, it could be a legitimate tool for some users.

I briefly tried writing a program, to replace the batch file. But the
functions used to control access seem too complex to be worth
conquering for this project. And that would still require an auxiliary
file. Maybe if I got that program working I could then use the same
code in an InstallShield script. Maybe someday/

On Thu, 24 Jun 2004 15:54:26 -0400, r_z_aret@pen_fact.com wrote:

>On Thu, 24 Jun 2004 12:18:04 +0200, Viviana Vc <vc*******@hotmail.com>
>wrote:
>
>>Hi Robert,
>>
>>I also have to create this dir from within InstallShield, so first I
>>tried to find if InstallShield offers a way to do this, but seems not,>>so I'll have to call an external exe to do this.
>
>I just tried LaunchAppAndWait (InstallShield function), with no
>success, using the following (adapted from the article you cited):
> svWork = "echo y| cacls svDir /e /g everyone:f";
> LaunchAppAndWait( svWork, "", WAIT );
>No effect. Just in case, I also tried using svWork as the argument and
>"" as the command line. No effect. I suspect the problem is the
>characters (echo y|) preceding the actual command.
>
>The article mentions xcacl, and says it is part of the NT resource
>kit. So I suppose I could get and use it. But would it work under Win
>2K and Win XP? I'ld much rather stick with something that ships _with_
>the operating system.
>
>>
>>You should be aware that calling with CreateProcess or ShellExecute the>>command:
>>cacls "C:\Program Files\test" /T /G Everyone:f
>>is not a good idea because:
>>a) - cacls it's asking for the user input ("Are you sure? y/n")
>>b) - "Everyone" is localized, so it won't work on a non-english OS !!!>>
>>To solve the above problems I found in MSDNL the following articles:
>>for a): "How to Use CACLS.EXE in a Batch File"
>>for b): "Creating a DACL" -> for programatically change the security of>>the directory
>>
>>Maybe this helps you also (I'm now investigating the second article),
>>Viv
>>
>>On Wed, 23 Jun 2004 13:14:00 -0400, r_z_aret@pen_fact.com wrote :
>>
>>>On Tue, 22 Jun 2004 11:21:11 +0200, Viviana Vc <vc*******@hotmail.com>>>>wrote:
>>>
>>>>How can I programatically do the equivalent of the following:
>>>>cacls "C:\Program Files\test" /T /G Everyone:f ?
>>>
>>>I'm just getting around to a minor variant of the question. I'll be
>>>trying to do it from an old version of InstallShield, so I plan to
>>>call the InstallShield function to execute run an external exe. From
>>>straight Win 32, I would try ShellExecute (simpler) and then
>>>CreateProcess.
>>>
>>>I've started by experimenting with a DOS prompt. So far, I can't find>>>a set of arguments that will eliminate all prompts.
>>>
>>>>
>>>>Thanks,
>>>>Viv
>>>
>>>-----------------------------------------
>>>To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).>>>
>>>Robert E. Zaret, eMVP
>>>PenFact, Inc.
>>>500 Harrison Ave., Suite 3R
>>>Boston, MA 02118
>>>www.penfact.com
>
>-----------------------------------------
>To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).>
>Robert E. Zaret, eMVP
>PenFact, Inc.
>500 Harrison Ave., Suite 3R
>Boston, MA 02118
>www.penfact.com

-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).
Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com


-----------------------------------------
To reply to me, remove the underscores (_) from my email address (and please indicate which newsgroup and message).
Robert E. Zaret, eMVP
PenFact, Inc.
500 Harrison Ave., Suite 3R
Boston, MA 02118
www.penfact.com

Jul 21 '05 #13
Might be that you are right. I haven't tried myself, but I read about
this on other newsgroups (InstallShield newsgroups).

On Mon, 5 Jul 2004 19:41:58 +0200, "ColdShine"
<co**********************@hotmail.com> wrote :
Viviana Vc in news:2k************@uni-berlin.de wrote:
btw, see my other post as with the cacls tool you might get in trouble
because the "Everyone" is localized, so for instance on a german system
it is "Jeder".


I don't think so... look at the names listed here:

http://support.microsoft.com/default...b;EN-US;163846

on my Italian localized system, I can use all of these English user/group
names, when setting file/folder access rights. For example, I always have to
type "Administrators" instead of whatever it would translate to.

Altrough the KB refers to Windows NT4, I guess the names have been kept
backwards-compatible in following Windows versions.


Jul 21 '05 #14
This would have been an idea, but we wanted to have the same structure
relative to our binaries dir for all OSes, so this dir to be alway
../test (where . is let's say c:\program files\myapp). Anyhow that
directory doesn't contain vital info.

On Mon, 5 Jul 2004 16:19:18 -0700, "Alexander Grigoriev"
<al***@earthlink.net> wrote :
Can you use a subdirectory of All Users\Application Data?

"Viviana Vc" <vc*******@hotmail.com> wrote in message
news:2k************@uni-berlin.de...
Hi,

Yes, the extrenal tool is an exe file.
btw, see my other post as with the cacls tool you might get in trouble
because the "Everyone" is localized, so for instance on a german system
it is "Jeder".

Viv
On Fri, 02 Jul 2004 08:54:50 -0400, r_z_aret@pen_fact.com wrote :
>On Thu, 01 Jul 2004 11:14:28 +0200, Viviana Vc <vc*******@hotmail.com>
>wrote:
>
>>Hi,
>>
>>As already said I chose to write an external tool that is called from
>>within IS:
>
>I missed this. To clarify, does "external tool" mean "executable
>file"? If so, then that is slightly neater than using a BATch file.
>
>Either way, thanks for posting your solution. Sure is nice to have
>clear, directly related, sample code. I may try to translate the code
>into something that can be used within InstallShield. And it may be
>useful some place else.
>
>>
>>I actually found a sample in MSDNL "Creating a DACL" where is a simple
>>sample that I used so my code looks like:
>>
>>#define _WIN32_WINNT 0x0500
>>
>>#include <windows.h>
>>#include <sddl.h>
>>#include <stdio.h>
>>
>>BOOL CreateMyDACL(SECURITY_ATTRIBUTES *);
>>
>>void main()
>>{
>> SECURITY_ATTRIBUTES sa;
>>
>> sa.nLength = sizeof(SECURITY_ATTRIBUTES);
>> sa.bInheritHandle = FALSE;
>>
>> if (!CreateMyDACL(&sa))
>> {
>> // Error encountered; generate message and exit.
>> printf("Failed CreateMyDACL\n");
>> exit(1);
>> }
>> if (0 == CreateDirectory(TEXT("C:\\MyFolder"), &sa))
>> {
>> // Error encountered; generate message and exit.
>> printf("Failed CreateDirectory\n");
>> exit(1);
>> }
>>
>> // Free the memory allocated for the SECURITY_DESCRIPTOR.
>> if (NULL != LocalFree(sa.lpSecurityDescriptor))
>> {
>> // Error encountered; generate message and exit.
>> printf("Failed LocalFree\n");
>> exit(1);
>> }
>>}
>>
>>
>>BOOL CreateMyDACL(SECURITY_ATTRIBUTES * pSA)
>>{
>> TCHAR * szSD = TEXT("D:") // Discretionary ACL
>> TEXT("(A;OICI;GA;;;WD)"); // Allow full control to everyonefor that directory !!! >>
>> if (NULL == pSA)
>> return FALSE;
>>
>> return ConvertStringSecurityDescriptorToSecurityDescripto r(
>> szSD,
>> SDDL_REVISION_1,
>> &(pSA->lpSecurityDescriptor),
>> NULL);
>>}
>>
>>HTH,
>>Viv
>>
>>On Wed, 30 Jun 2004 14:35:27 -0400, r_z_aret@pen_fact.com wrote :
>>
>>>Success! A bit of a kludge (so suggestions welcome), but it works.
>>>
>>>I added the following lines to my InstallShield script:
>>>------
>>> // SetAcc.bat is a BATch file that issues the command
>>> // echo y| cacls %1 /e /g everyone:f
>>> // See MSDN Knowledge Base article 135268 ("How to Use
>>>CACLS.EXE in a BatchFile")
>>> // Also, see 24 - 30 Jun 04 thread called
>>> // "Create a dir where all the users have the right to write"
>>>in
>>> // comp.os.ms-windows.programmer.win32 and other fine
>>>newsgroups
>>> // The file must be in uncompressed setup files.
>>>// svWork = SUPPORTDIR ^ "cacls.bat";
>>> svWork = SRCDIR ^ "setacc.bat";
>>> // BATch file will parse arg into pieces if it includes
>>>embedded spaces
>>> LongPathToShortPath( svDir );
>>> if (!PFFileExists( SRCDIR, "setacc.bat", "ShowDialogs" ))then
>>> MessageBox( "Can't find setacc.bat", WARNING );
>>> else
>>> if (LaunchAppAndWait( svWork, svDir, WAIT ) != 1) then
>>> MessageBox( "Attempt to set access failed", INFO );
>>> endif;
>>> endif;
>>>------
>>>
>>>Here is the "source" for setacc.bat:
>>>------
>>>@echo off
>>>
>>>REM BATch file to give everyone full access to specified folder
>>>REM - to be invoked from an InstallShield script
>>>
>>>REM See MSDN Knowledge Base article 135268 ("How to Use CACLS.EXE in a
>>>BatchFile")
>>>REM See also a 24-30 June 2004 thread called
>>>REM "AlsoCreate a dir where all the users have the right to write"
>>>REM in comp.os.ms-windows.programmer.win32 and other fine
>>>newsgroups
>>>
>>>REM Caller needs to put quotation marks around the argument, or pass
>>>REM only short paths (with no embedded blanks), or it won't be
>>>REM parsed as one argument. Thus, the following line should not.
>>>
>>>echo y| cacls %1 /e /g everyone:f
>>>------
>>>
>>>I sort of want to move setacc.bat to the compressed files, so it isn't
>>>visible on the distribution CD. But just moving it didn't work,
>>>because then I couldn't invoke it. I vaguely remember InstallShield
>>>functions that explicitly uncompress files, so a script could use
>>>them. On the other hand, it could be a legitimate tool for some users.
>>>
>>>I briefly tried writing a program, to replace the batch file. But the
>>>functions used to control access seem too complex to be worth
>>>conquering for this project. And that would still require an auxiliary
>>>file. Maybe if I got that program working I could then use the same
>>>code in an InstallShield script. Maybe someday/
>>>
>>>On Thu, 24 Jun 2004 15:54:26 -0400, r_z_aret@pen_fact.com wrote:
>>>
>>>>On Thu, 24 Jun 2004 12:18:04 +0200, Viviana Vc <vc*******@hotmail.com>
>>>>wrote:
>>>>
>>>>>Hi Robert,
>>>>>
>>>>>I also have to create this dir from within InstallShield, so first I
>>>>>tried to find if InstallShield offers a way to do this, but seemsnot, >>>>>so I'll have to call an external exe to do this.
>>>>
>>>>I just tried LaunchAppAndWait (InstallShield function), with no
>>>>success, using the following (adapted from the article you cited):
>>>> svWork = "echo y| cacls svDir /e /g everyone:f";
>>>> LaunchAppAndWait( svWork, "", WAIT );
>>>>No effect. Just in case, I also tried using svWork as the argument and
>>>>"" as the command line. No effect. I suspect the problem is the
>>>>characters (echo y|) preceding the actual command.
>>>>
>>>>The article mentions xcacl, and says it is part of the NT resource
>>>>kit. So I suppose I could get and use it. But would it work under Win
>>>>2K and Win XP? I'ld much rather stick with something that ships _with_
>>>>the operating system.
>>>>
>>>>>
>>>>>You should be aware that calling with CreateProcess or ShellExecutethe >>>>>command:
>>>>>cacls "C:\Program Files\test" /T /G Everyone:f
>>>>>is not a good idea because:
>>>>>a) - cacls it's asking for the user input ("Are you sure? y/n")
>>>>>b) - "Everyone" is localized, so it won't work on a non-english OS!!! >>>>>
>>>>>To solve the above problems I found in MSDNL the following articles:
>>>>>for a): "How to Use CACLS.EXE in a Batch File"
>>>>>for b): "Creating a DACL" -> for programatically change the securityof >>>>>the directory
>>>>>
>>>>>Maybe this helps you also (I'm now investigating the second article),
>>>>>Viv
>>>>>
>>>>>On Wed, 23 Jun 2004 13:14:00 -0400, r_z_aret@pen_fact.com wrote :
>>>>>
>>>>>>On Tue, 22 Jun 2004 11:21:11 +0200, Viviana Vc<vc*******@hotmail.com> >>>>>>wrote:
>>>>>>
>>>>>>>How can I programatically do the equivalent of the following:
>>>>>>>cacls "C:\Program Files\test" /T /G Everyone:f ?
>>>>>>
>>>>>>I'm just getting around to a minor variant of the question. I'll be
>>>>>>trying to do it from an old version of InstallShield, so I plan to
>>>>>>call the InstallShield function to execute run an external exe. From
>>>>>>straight Win 32, I would try ShellExecute (simpler) and then
>>>>>>CreateProcess.
>>>>>>
>>>>>>I've started by experimenting with a DOS prompt. So far, I can'tfind >>>>>>a set of arguments that will eliminate all prompts.
>>>>>>
>>>>>>>
>>>>>>>Thanks,
>>>>>>>Viv
>>>>>>
>>>>>>-----------------------------------------
>>>>>>To reply to me, remove the underscores (_) from my email address(and please indicate which newsgroup and message). >>>>>>
>>>>>>Robert E. Zaret, eMVP
>>>>>>PenFact, Inc.
>>>>>>500 Harrison Ave., Suite 3R
>>>>>>Boston, MA 02118
>>>>>>www.penfact.com
>>>>
>>>>-----------------------------------------
>>>>To reply to me, remove the underscores (_) from my email address (andplease indicate which newsgroup and message). >>>>
>>>>Robert E. Zaret, eMVP
>>>>PenFact, Inc.
>>>>500 Harrison Ave., Suite 3R
>>>>Boston, MA 02118
>>>>www.penfact.com
>>>
>>>-----------------------------------------
>>>To reply to me, remove the underscores (_) from my email address (andplease indicate which newsgroup and message). >>>
>>>Robert E. Zaret, eMVP
>>>PenFact, Inc.
>>>500 Harrison Ave., Suite 3R
>>>Boston, MA 02118
>>>www.penfact.com
>
>-----------------------------------------
>To reply to me, remove the underscores (_) from my email address (andplease indicate which newsgroup and message). >
>Robert E. Zaret, eMVP
>PenFact, Inc.
>500 Harrison Ave., Suite 3R
>Boston, MA 02118
>www.penfact.com


Jul 21 '05 #15
I think All Users is there even starting from Windows 98 (it's under Windows
directory in Win9x).

"Viviana Vc" <vc*******@hotmail.com> wrote in message
news:2k************@uni-berlin.de...
This would have been an idea, but we wanted to have the same structure
relative to our binaries dir for all OSes, so this dir to be alway
./test (where . is let's say c:\program files\myapp). Anyhow that
directory doesn't contain vital info.

On Mon, 5 Jul 2004 16:19:18 -0700, "Alexander Grigoriev"
<al***@earthlink.net> wrote :
Can you use a subdirectory of All Users\Application Data?

"Viviana Vc" <vc*******@hotmail.com> wrote in message
news:2k************@uni-berlin.de...
Hi,

Yes, the extrenal tool is an exe file.
btw, see my other post as with the cacls tool you might get in trouble
because the "Everyone" is localized, so for instance on a german system
it is "Jeder".

Viv
On Fri, 02 Jul 2004 08:54:50 -0400, r_z_aret@pen_fact.com wrote :

>On Thu, 01 Jul 2004 11:14:28 +0200, Viviana Vc <vc*******@hotmail.com>
>wrote:
>
>>Hi,
>>
>>As already said I chose to write an external tool that is called from
>>within IS:
>
>I missed this. To clarify, does "external tool" mean "executable
>file"? If so, then that is slightly neater than using a BATch file.
>
>Either way, thanks for posting your solution. Sure is nice to have
>clear, directly related, sample code. I may try to translate the code
>into something that can be used within InstallShield. And it may be
>useful some place else.
>
>>
>>I actually found a sample in MSDNL "Creating a DACL" where is a simple >>sample that I used so my code looks like:
>>
>>#define _WIN32_WINNT 0x0500
>>
>>#include <windows.h>
>>#include <sddl.h>
>>#include <stdio.h>
>>
>>BOOL CreateMyDACL(SECURITY_ATTRIBUTES *);
>>
>>void main()
>>{
>> SECURITY_ATTRIBUTES sa;
>>
>> sa.nLength = sizeof(SECURITY_ATTRIBUTES);
>> sa.bInheritHandle = FALSE;
>>
>> if (!CreateMyDACL(&sa))
>> {
>> // Error encountered; generate message and exit.
>> printf("Failed CreateMyDACL\n");
>> exit(1);
>> }
>> if (0 == CreateDirectory(TEXT("C:\\MyFolder"), &sa))
>> {
>> // Error encountered; generate message and exit.
>> printf("Failed CreateDirectory\n");
>> exit(1);
>> }
>>
>> // Free the memory allocated for the SECURITY_DESCRIPTOR.
>> if (NULL != LocalFree(sa.lpSecurityDescriptor))
>> {
>> // Error encountered; generate message and exit.
>> printf("Failed LocalFree\n");
>> exit(1);
>> }
>>}
>>
>>
>>BOOL CreateMyDACL(SECURITY_ATTRIBUTES * pSA)
>>{
>> TCHAR * szSD = TEXT("D:") // Discretionary ACL
>> TEXT("(A;OICI;GA;;;WD)"); // Allow full control to everyone
for that directory !!!
>>
>> if (NULL == pSA)
>> return FALSE;
>>
>> return ConvertStringSecurityDescriptorToSecurityDescripto r(
>> szSD,
>> SDDL_REVISION_1,
>> &(pSA->lpSecurityDescriptor),
>> NULL);
>>}
>>
>>HTH,
>>Viv
>>
>>On Wed, 30 Jun 2004 14:35:27 -0400, r_z_aret@pen_fact.com wrote :
>>
>>>Success! A bit of a kludge (so suggestions welcome), but it works.
>>>
>>>I added the following lines to my InstallShield script:
>>>------
>>> // SetAcc.bat is a BATch file that issues the command
>>> // echo y| cacls %1 /e /g everyone:f
>>> // See MSDN Knowledge Base article 135268 ("How to Use
>>>CACLS.EXE in a BatchFile")
>>> // Also, see 24 - 30 Jun 04 thread called
>>> // "Create a dir where all the users have the right to
write" >>>in
>>> // comp.os.ms-windows.programmer.win32 and other fine
>>>newsgroups
>>> // The file must be in uncompressed setup files.
>>>// svWork = SUPPORTDIR ^ "cacls.bat";
>>> svWork = SRCDIR ^ "setacc.bat";
>>> // BATch file will parse arg into pieces if it includes
>>>embedded spaces
>>> LongPathToShortPath( svDir );
>>> if (!PFFileExists( SRCDIR, "setacc.bat", "ShowDialogs" ))then >>> MessageBox( "Can't find setacc.bat", WARNING );
>>> else
>>> if (LaunchAppAndWait( svWork, svDir, WAIT ) != 1) then
>>> MessageBox( "Attempt to set access failed", INFO );
>>> endif;
>>> endif;
>>>------
>>>
>>>Here is the "source" for setacc.bat:
>>>------
>>>@echo off
>>>
>>>REM BATch file to give everyone full access to specified folder
>>>REM - to be invoked from an InstallShield script
>>>
>>>REM See MSDN Knowledge Base article 135268 ("How to Use CACLS.EXE in a >>>BatchFile")
>>>REM See also a 24-30 June 2004 thread called
>>>REM "AlsoCreate a dir where all the users have the right to write" >>>REM in comp.os.ms-windows.programmer.win32 and other fine
>>>newsgroups
>>>
>>>REM Caller needs to put quotation marks around the argument, or pass
>>>REM only short paths (with no embedded blanks), or it won't be
>>>REM parsed as one argument. Thus, the following line should not.
>>>
>>>echo y| cacls %1 /e /g everyone:f
>>>------
>>>
>>>I sort of want to move setacc.bat to the compressed files, so it isn't >>>visible on the distribution CD. But just moving it didn't work,
>>>because then I couldn't invoke it. I vaguely remember InstallShield
>>>functions that explicitly uncompress files, so a script could use
>>>them. On the other hand, it could be a legitimate tool for some users. >>>
>>>I briefly tried writing a program, to replace the batch file. But the >>>functions used to control access seem too complex to be worth
>>>conquering for this project. And that would still require an auxiliary >>>file. Maybe if I got that program working I could then use the same
>>>code in an InstallShield script. Maybe someday/
>>>
>>>On Thu, 24 Jun 2004 15:54:26 -0400, r_z_aret@pen_fact.com wrote:
>>>
>>>>On Thu, 24 Jun 2004 12:18:04 +0200, Viviana Vc <vc*******@hotmail.com> >>>>wrote:
>>>>
>>>>>Hi Robert,
>>>>>
>>>>>I also have to create this dir from within InstallShield, so first I >>>>>tried to find if InstallShield offers a way to do this, but seems

not,
>>>>>so I'll have to call an external exe to do this.
>>>>
>>>>I just tried LaunchAppAndWait (InstallShield function), with no
>>>>success, using the following (adapted from the article you cited):
>>>> svWork = "echo y| cacls svDir /e /g everyone:f";
>>>> LaunchAppAndWait( svWork, "", WAIT );
>>>>No effect. Just in case, I also tried using svWork as the argument and >>>>"" as the command line. No effect. I suspect the problem is the
>>>>characters (echo y|) preceding the actual command.
>>>>
>>>>The article mentions xcacl, and says it is part of the NT resource
>>>>kit. So I suppose I could get and use it. But would it work under Win >>>>2K and Win XP? I'ld much rather stick with something that ships _with_ >>>>the operating system.
>>>>
>>>>>
>>>>>You should be aware that calling with CreateProcess or ShellExecutethe
>>>>>command:
>>>>>cacls "C:\Program Files\test" /T /G Everyone:f
>>>>>is not a good idea because:
>>>>>a) - cacls it's asking for the user input ("Are you sure? y/n")
>>>>>b) - "Everyone" is localized, so it won't work on a non-english OS

!!!
>>>>>
>>>>>To solve the above problems I found in MSDNL the following
articles: >>>>>for a): "How to Use CACLS.EXE in a Batch File"
>>>>>for b): "Creating a DACL" -> for programatically change the securityof
>>>>>the directory
>>>>>
>>>>>Maybe this helps you also (I'm now investigating the second
article), >>>>>Viv
>>>>>
>>>>>On Wed, 23 Jun 2004 13:14:00 -0400, r_z_aret@pen_fact.com wrote :
>>>>>
>>>>>>On Tue, 22 Jun 2004 11:21:11 +0200, Viviana Vc

<vc*******@hotmail.com>
>>>>>>wrote:
>>>>>>
>>>>>>>How can I programatically do the equivalent of the following:
>>>>>>>cacls "C:\Program Files\test" /T /G Everyone:f ?
>>>>>>
>>>>>>I'm just getting around to a minor variant of the question. I'll be >>>>>>trying to do it from an old version of InstallShield, so I plan to >>>>>>call the InstallShield function to execute run an external exe. From >>>>>>straight Win 32, I would try ShellExecute (simpler) and then
>>>>>>CreateProcess.
>>>>>>
>>>>>>I've started by experimenting with a DOS prompt. So far, I can't

find
>>>>>>a set of arguments that will eliminate all prompts.
>>>>>>
>>>>>>>
>>>>>>>Thanks,
>>>>>>>Viv
>>>>>>
>>>>>>-----------------------------------------
>>>>>>To reply to me, remove the underscores (_) from my email address

(and please indicate which newsgroup and message).
>>>>>>
>>>>>>Robert E. Zaret, eMVP
>>>>>>PenFact, Inc.
>>>>>>500 Harrison Ave., Suite 3R
>>>>>>Boston, MA 02118
>>>>>>www.penfact.com
>>>>
>>>>-----------------------------------------
>>>>To reply to me, remove the underscores (_) from my email address

(andplease indicate which newsgroup and message).
>>>>
>>>>Robert E. Zaret, eMVP
>>>>PenFact, Inc.
>>>>500 Harrison Ave., Suite 3R
>>>>Boston, MA 02118
>>>>www.penfact.com
>>>
>>>-----------------------------------------
>>>To reply to me, remove the underscores (_) from my email address
(andplease indicate which newsgroup and message).
>>>
>>>Robert E. Zaret, eMVP
>>>PenFact, Inc.
>>>500 Harrison Ave., Suite 3R
>>>Boston, MA 02118
>>>www.penfact.com
>
>-----------------------------------------
>To reply to me, remove the underscores (_) from my email address (and

please indicate which newsgroup and message).
>
>Robert E. Zaret, eMVP
>PenFact, Inc.
>500 Harrison Ave., Suite 3R
>Boston, MA 02118
>www.penfact.com

Jul 21 '05 #16

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

7
by: sanjitg via SQLMonster.com | last post by:
Even Sa account is in sysadmin role it is not able to create users using enterprise manager Also not able to create users from local admin who is alo on sysadmin role But using query analyzer we...
4
by: Omar Vazquez | last post by:
i developed an app in V.B. now i am trying to connect to db2, i think before i must create a user in the database, i made it in the next way. in db2 control center user y groups add new i...
11
by: Marcia Hon | last post by:
Hi, I am trying to create a file for writing: FILE * List_of_Files; char * List = "List_of_Files; if((List_of_Files = fopen(List, "w")) == NULL) { fprintf(stderr, "Cannot write file");
0
by: simpleeshelbee | last post by:
When I went back and looked at what came out to see for my message, I saw that it came out a little different than I need it. I need it like this.... * = asterisks 1st row = 1 *, 9 spaces, 10...
7
by: brig | last post by:
I am reading and thinking that a user (or any object) cannot be created within a procedure. Is that correct? I am new to PL/ SQL, not programming, but do apologize. I have a StdtTable (in SYS)...
1
by: brig | last post by:
Hi All, I have a Table (STDTable) with 3 columns: STDAccount, STDpassword, IRowId. I am getting a user conflicts error when I 'get the next' user info from the table. I am using SQLDeveloper. ...
3
by: marcussilfver | last post by:
How can I set write permissions for a limited user to write values to a certain registrykey. This registrykey is also written to by a administrator (which probably also created the key in the first...
1
by: Munna | last post by:
Hi,, Just put a text box and and label in a usercontrol to create your own login control then add user programmatically using Membership.CreateUser method... Best of luck ------ Munna
3
by: leon.san.email | last post by:
This a modified part of a larger script I made. I couldn't get it working so I made a smaller part of it - hoping to get it working. Well it still doesn't work :( The following code creates the...
3
by: blueskies | last post by:
Hi All, Can someone please advise how to create users and user groups in Access 2007. In 2003 it was simple and straight forward, and at the risk of sounding stupid I can't find the same...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.