wntaccessget error 532

Started by pamsniffer, November 07, 2014, 06:22:38 AM

Previous topic - Next topic

pamsniffer


Dear all

I am using this on a workstation that is connected to a domain and loggged on with normal user right,
I am starting the following script

AddExtender('wwwnt34i.dll',0,'wwwnt64i.dll')

records=wntAccessGet("\\10.10.1.1","\\10.10.1.1\temp",300,0)

pause("test",records")

I get the error 535 eror loooking up secified user/group


With windows explorer i am able to open the share and see the rights

regards PAM


td

You might want to take a look at the extender help file entry for the wntAccessGet function again because you don't have the parameters quite right. The third parameter should be the user or group you wish to list the access rights for and not the type number of the resource you are checking.  The type goes in the fourth parameter with the fifth being optional.

You may also need to replace the dotted ip address in the second parameter with the NetBIOS name of the server.  If memory serves, the function doesn't like ip addresses in share names but I could be wrong about that part.
"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade

ChuckC

No, the the IP address is just fine to pass in for the server name, as the underlying Win32 API functions that retrieve the information will accept it.

However, there are also 2 more errors in the parameters that need to be corrected.

1)  The parameter that contains the share name should only be the share name, not a UNC path value that includes the leading "\\" and the host name or IP address.

2)  The object-type value was specified as 300, which is for a directory or file on a NTFS volume.  The O.P. says they want to get the permissions for a share, which would be object-type 100, not 300.

Please note that these corrections would apply to a call to wntAccessList(), and any of the other wntAccess*() / wntAudit*() functions.

Typically, the process of "getting all the permissions" on an object involves 1 call to wntAccessList() to identify all of the security principals that have assigned permissions on the the object, and then, in a loop, a single call to wntAccessGet() for each of the users/groups that were returned in the result list from wntAccessList().

td

Good points.  I was aware of the fact that you can use the IP address in the first parameter.  What I had forgotten was that you can't use a UNC path of any kind in the second parameter.  I guess I should take my own advice and read the manual. 

Thanks Chuck.
"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade

ChuckC

Quote from: td on November 12, 2014, 11:35:49 AM
I guess should take my own advice and read the manual. 


LOL... And... You remember what name of my company was when I was self-employed...

td

Yeah,  RTFM ( Consulting Services Inc.) 
"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade