Created
June 27, 2025 15:29
-
-
Save justaguywhocodes/9229f5c4ef5fe189f18bbdac74ad6a94 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$VarD=$null | |
$VarS=$null | |
$ResultsD=$null | |
$ResultsS=$null | |
$Service="mslldp" | |
$AddPermissions="(A;;CCLCSWLOCRRC;;;SU)" | |
$VarAccount="SU" | |
[string]$RawResults=sc.exe sdshow $Service | |
$RegexPatternALL='(D:)(\(.*\))(S:)(\(.*\))|(S:)(\(.*\))|(D:)(\(.*\))' | |
# Match 0 is the complete string | |
# Match 1 is the D: label if both sections are present | |
# Match 2 is the D: section permissions if both sections are present | |
# Match 3 is the S: label if both sections are present | |
# Match 4 is the S: section permissions if both sections are present | |
# Match 5 is the S: label if only the S: section is present | |
# Match 6 is the S: section permissions if only the S: section is present | |
# Match 7 is the D: label if only the D: section is present | |
# Match 8 is the D: section permissions if only the D: section is present | |
$RawResults -match $RegexPatternALL | out-null | |
#$Matches | |
# Find the D: section | |
if ($null -eq $matches[1]){ | |
$VarD=$Matches[8] | |
} | |
else { | |
$VarD=$Matches[2] | |
} | |
#Find the S: section | |
if ($null -eq $Matches[3]) { | |
$VarS=$Matches[6] | |
} | |
else { | |
$VarS=$Matches[4] | |
} | |
# Split the results into individual items then strip out the open and close parenthesis from all objects. | |
if ($null -ne $VarD){ | |
[array]$ResultsD=$VarD -split '\)\(' | foreach-object {$_ -replace "\(", ""} | foreach-object {$_ -replace "\)", ""} | |
} | |
if ($null -ne $VarS){ | |
[array]$ResultsS=$VarS -split '\)\(' | foreach-object {$_ -replace "\(", ""} | foreach-object {$_ -replace "\)", ""} | |
} | |
write-output "`nD:" | |
$ResultsD | |
write-output "`nS:" | |
$ResultsS | |
# Build new SD permission string so to confirm if the values are parsed correctly. | |
$ExistingPermissions=$null | |
if ($null -ne $ResultsD){ | |
# This is the first element in the array | |
$ExistingPermissions=$ExistingPermissions + "D:" | |
for ($i=0; $i -lt $ResultsD.count; $i++) { | |
$ExistingPermissions=$ExistingPermissions + "(" + $ResultsD[$i] + ")" | |
} | |
} | |
if ($null -ne $ResultsS){ | |
$ExistingPermissions=$ExistingPermissions + "S:" | |
for ($i=0; $i -lt $ResultsS.count; $i++) { | |
$ExistingPermissions=$ExistingPermissions + "(" + $ResultsS[$i] + ")" | |
} | |
} | |
write-output "`nParsed permissions:" | |
$ExistingPermissions | |
write-output "`nOriginal permissions:" | |
$RawResults.trim() | |
# Compare the newly build results with the original results (trimming whitespace). | |
# Only add the new permissions if we could properly build a string with the existing data which matched the original permission string. | |
if ($ExistingPermissions -eq $RawResults.trim()) { | |
Write-Output "`nCorrectly identified existing permissions." | |
# Make sure that the permissions we are setting are not already in the existing permission string. | |
if ($ExistingPermissions -notmatch $VarAccount){ | |
write-output "`nBuilding new permissions string..." | |
$NewPermissions=$null | |
if ($null -ne $ResultsD){ | |
# This is the first element in the array | |
$NewPermissions=$NewPermissions + "D:" | |
for ($i=0; $i -lt $ResultsD.count; $i++) { | |
$NewPermissions=$NewPermissions + "(" + $ResultsD[$i] + ")" | |
} | |
$NewPermissions=$NewPermissions + $AddPermissions | |
} | |
if ($null -ne $ResultsS){ | |
$NewPermissions=$NewPermissions + "S:" | |
for ($i=0; $i -lt $ResultsS.count; $i++) { | |
$NewPermissions=$NewPermissions + "(" + $ResultsS[$i] + ")" | |
} | |
} | |
write-output "`nNew permissions string will be:" | |
$NewPermissions | |
# sc.exe sdset $service $NewPermissions | |
} | |
else { | |
write-output "Permissions for this account already exist. Please review." | |
exit 1 | |
} | |
} | |
else { | |
write-output "`nUnable to properly parse the permission results. Please review." | |
exit 1 | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment