windows-nt/Source/XPSP1/NT/admin/dsutils/migrate/scripts/clonelg.vbt
2020-09-26 16:20:57 +08:00

85 lines
1.9 KiB
Plaintext

' clonelg.vbt start
' CloneSecurityPrincipal VBScript
'
' Clone all Local Groups in a domain
'
' Copyright (C) 1999 Microsoft Corporation.
// this is a Visual Basic Script "Template", used in conjunction with the
// MS Visual C++ Preprocessor to overcome some of the source management
// limitations of VBScript. Not perfect, but better than a stick in the eye.
//
// use cl /EP foo.vbt > foo.vbs to expand the template
// this is all our common code.
#include "clonepr.vbi"
const SCRIPT_FILENAME = "clonelg.vbs"
const SCRIPT_SOURCE_NAME = __FILE__
const SCRIPT_DATE = __DATE__
const SCRIPT_TIME = __TIME__
// code common to the scripts that operate on all domain accounts. We
// supply our own definition of ShouldCloneObject. For every object for
// which we return True, that object is cloned.
#include "clonedom.vbi"
Main
wscript.quit(0)
' returns True if the object is a local group and is not well known group
function ShouldCloneObject(byref srcObject)
on error resume next
if ObjectClass(srcObject) = CLASS_LOCAL_GROUP then
' determine if the group is a well known
sid.SetAs ADS_SID_WINNT_PATH, srcObject.AdsPath & "," & srcObject.Class
if Err.Number then DumpErrAndQuit
dim sidString
sidString = sid.GetAs(ADS_SID_SDDL)
if Err.Number then DumpErrAndQuit
'To Stop Cloning Well Known Sids Uncomment 4 lines below
' if HasWellKnownRid(sidString) then
' ShouldCloneObject = False
' exit function
' end if
if IsBuiltInSid( sidString ) then
Echo srcObject.Name & " is a builtin Account."
Echo "BuiltIn Users and Groups cannot be cloned"
ShouldCloneObject = False
exit function
end if
ShouldCloneObject = True
exit function
end if
ShouldCloneObject = False
end function
' clonelg.vbt end