欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  网络运营

win2003 服务器磁盘权限安全设置批处理

程序员文章站 2022-11-27 20:24:59
复制代码 代码如下: @echo off title c盘权限批量处理-2010.7.1 echo ----------------------------- echo 萬...
复制代码 代码如下:

@echo off
title c盘权限批量处理-2010.7.1
echo -----------------------------
echo 服务器c盘权限设置
echo
echo -----------------------------
:menu
echo.
echo [1] 删除c盘的everyone的权限
echo [2] 删除c盘的所有的users的访问权限
echo [3] 添加iis_wpg的访问权限
echo [4] 添加iis_wpg的访问权限[.net专用]
echo [5] 添加iis_wpg的访问权限[装了macfee的软件专用]
echo [6] 添加users的访问权限
echo [7] 删除c盘windows下的所有的危险文件夹
echo [8] 删除系统危险文件的访问权限,只留管理组成员
echo [9] 注册表相关设定
echo [10] 将c盘权限还原为默认[需重启]
echo [0] 退出
echo.
@echo 请选择?
@echo 输入上面的选项回车
@echo off
set /p menu=

if %menu% == 0 goto exit
if %menu% == 1 goto 1
if %menu% == 2 goto 2
if %menu% == 3 goto 3
if %menu% == 4 goto 4
if %menu% == 5 goto 5
if %menu% == 6 goto 6
if %menu% == 7 goto 7
if %menu% == 8 goto 8
if %menu% == 9 goto 9
if %menu% == 10 goto 10

:1
echo 删除c盘的everyone的权限
cacls "%systemdrive%" /r "creator owner" /e
cacls "%systemdrive%" /r "everyone" /e
cacls "%systemroot%" /r "everyone" /e
cacls "%systemdrive%/documents and settings" /r "everyone" /e
cacls "%systemdrive%/documents and settings/all users" /r "everyone" /e
cacls "%systemdrive%/documents and settings/all users/documents" /r "everyone" /e
echo.
echo 删除c盘的everyone的权限 ………………ok!
echo.
goto menu

:2
echo 删除c盘的所有的users的访问权限
cacls "%systemdrive%" /r "users" /e
cacls "%systemdrive%/program files" /r "users" /e
cacls "%systemdrive%/documents and settings" /r "users" /e
cacls "%systemroot%" /r "users" /e
cacls "%systemroot%/addins" /r "users" /e
cacls "%systemroot%/apppatch" /r "users" /e
cacls "%systemroot%/connection wizard" /r "users" /e
cacls "%systemroot%/debug" /r "users" /e
cacls "%systemroot%/driver cache" /r "users" /e
cacls "%systemroot%/help" /r "users" /e
cacls "%systemroot%/iis temporary compressed files" /r "users" /e
cacls "%systemroot%/java" /r "users" /e
cacls "%systemroot%/msagent" /r "users" /e
cacls "%systemroot%/mui" /r "users" /e
cacls "%systemroot%/repair" /r "users" /e
cacls "%systemroot%/resources" /r "users" /e
cacls "%systemroot%/security" /r "users" /e
cacls "%systemroot%/system" /r "users" /e
cacls "%systemroot%/tapi" /r "users" /e
cacls "%systemroot%/temp" /r "users" /e
cacls "%systemroot%/twain_32" /r "users" /e
cacls "%systemroot%/web" /r "users" /e
cacls "%systemroot%/winsxs" /r "users" /e
cacls "%systemroot%/system32/3com_dmi" /r "users" /e
cacls "%systemroot%/system32/administration" /r "users" /e
cacls "%systemroot%/system32/cache" /r "users" /e
cacls "%systemroot%/system32/catroot2" /r "users" /e
cacls "%systemroot%/system32/com" /r "users" /e
cacls "%systemroot%/system32/config" /r "users" /e
cacls "%systemroot%/system32/dhcp" /r "users" /e
cacls "%systemroot%/system32/drivers" /r "users" /e
cacls "%systemroot%/system32/export" /r "users" /e
cacls "%systemroot%/system32/icsxml" /r "users" /e
cacls "%systemroot%/system32/lls" /r "users" /e
cacls "%systemroot%/system32/logfiles" /r "users" /e
cacls "%systemroot%/system32/microsoftpassport" /r "users" /e
cacls "%systemroot%/system32/mui" /r "users" /e
cacls "%systemroot%/system32/oobe" /r "users" /e
cacls "%systemroot%/system32/shellext" /r "users" /e
cacls "%systemroot%/system32/wbem" /r "users" /e
echo.
echo 删除c盘的所有的users的访问权限 ………………ok!
echo.
goto menu


:7
echo 删除c盘windows下的所有的危险文件夹
attrib %systemroot%/web/printers -s -r -h
del %systemroot%\web\printers\*.* /s /q /f
rd %systemroot%\web\printers /s /q

attrib %systemroot%\help\iishelp -s -r -h
del %systemroot%\help\iishelp\*.* /s /q /f
rd %systemroot%\help\iishelp /s /q

attrib %systemroot%\system32\inetsrv\iisadmpwd -s -r -h
del %systemroot%\system32\inetsrv\iisadmpwd\*.* /s /q /f
rd %systemroot%\system32\inetsrv\iisadmpwd /s /q
echo.
echo 删除c盘windows下的所有的危险文件夹 ………………ok!
echo.
goto menu


:8
echo 给系统危险文件设置权限设定
cacls "c:\boot.ini" /t /c /e /g administrators:f
cacls "c:\boot.ini" /d guests:f /e

cacls "c:\autoexec.bat" /t /c /e /g administrators:f
cacls "c:\autoexec.bat" /d guests:f /e

cacls "%systemroot%/system32/net.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/net.exe" /d guests:f /e

cacls "%systemroot%/system32/net1.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/net1.exe" /d guests:f /e

cacls "%systemroot%/system32/cmd.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/cmd.exe" /d guests:f /e

cacls "%systemroot%/system32/ftp.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/ftp.exe" /d guests:f /e

cacls "%systemroot%/system32/netstat.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/netstat.exe" /d guests:f /e

cacls "%systemroot%/system32/regedit.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/regedit.exe" /d guests:f /e

cacls "%systemroot%/system32/at.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/at.exe" /d guests:f /e

cacls "%systemroot%/system32/attrib.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/attrib.exe" /d guests:f /e

cacls "%systemroot%/system32/format.com" /t /c /e /g administrators:f
cacls "%systemroot%/system32/format.com" /d guests:f /e

cacls "%systemroot%/system32/logoff.exe" /t /c /e /g administrators:f

cacls "%systemroot%/system32/shutdown.exe" /g administrators:f
cacls "%systemroot%/system32/shutdown.exe" /d guests:f /e

cacls "%systemroot%/system32/telnet.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/telnet.exe" /d guests:f /e

cacls "%systemroot%/system32/wscript.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/wscript.exe" /d guests:f /e

cacls "%systemroot%/system32/doskey.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/doskey.exe" /d guests:f /e

cacls "%systemroot%/system32/help.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/help.exe" /d guests:f /e

cacls "%systemroot%/system32/ipconfig.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/ipconfig.exe" /d guests:f /e

cacls "%systemroot%/system32/nbtstat.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/nbtstat.exe" /d guests:f /e

cacls "%systemroot%/system32/print.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/print.exe" /d guests:f /e

cacls "%systemroot%/system32/xcopy.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/xcopy.exe" /d guests:f /e

cacls "%systemroot%/system32/edit.com" /t /c /e /g administrators:f
cacls "%systemroot%/system32/edit.com" /d guests:f /e

cacls "%systemroot%/system32/regedt32.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/regedt32.exe" /d guests:f /e

cacls "%systemroot%/system32/reg.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/reg.exe" /d guests:f /e

cacls "%systemroot%/system32/register.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/register.exe" /d guests:f /e

cacls "%systemroot%/system32/replace.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/replace.exe" /d guests:f /e

cacls "%systemroot%/system32/nwscript.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/nwscript.exe" /d guests:f /e

cacls "%systemroot%/system32/share.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/share.exe" /d guests:f /e

cacls "%systemroot%/system32/ping.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/ping.exe" /d guests:f /e

cacls "%systemroot%/system32/ipsec6.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/ipsec6.exe" /d guests:f /e

cacls "%systemroot%/system32/netsh.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/netsh.exe" /d guests:f /e

cacls "%systemroot%/system32/debug.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/debug.exe" /d guests:f /e

cacls "%systemroot%/system32/route.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/route.exe" /d guests:f /e

cacls "%systemroot%/system32/tracert.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/tracert.exe" /d guests:f /e

cacls "%systemroot%/system32/powercfg.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/powercfg.exe" /d guests:f /e

cacls "%systemroot%/system32/nslookup.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/nslookup.exe" /d guests:f /e

cacls "%systemroot%/system32/arp.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/arp.exe" /d guests:f /e

cacls "%systemroot%/system32/rsh.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/rsh.exe" /d guests:f /e

cacls "%systemroot%/system32/netdde.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/netdde.exe" /d guests:f /e

cacls "%systemroot%/system32/mshta.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/mshta.exe" /d guests:f /e

cacls "%systemroot%/system32/mountvol.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/mountvol.exe" /d guests:f /e

cacls "%systemroot%/system32/tftp.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/tftp.exe" /d guests:f /e

cacls "%systemroot%/system32/setx.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/setx.exe" /d guests:f /e

cacls "%systemroot%/system32/find.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/find.exe" /d guests:f /e

cacls "%systemroot%/system32/finger.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/finger.exe" /d guests:f /e

cacls "%systemroot%/system32/where.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/where.exe" /d guests:f /e

cacls "%systemroot%/system32/regsvr32.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/regsvr32.exe" /d guests:f /e

cacls "%systemroot%/system32/cacls.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/cacls.exe" /d guests:f /e

cacls "%systemroot%/system32/sc.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/sc.exe" /d guests:f /e

cacls "%systemroot%/system32/shadow.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/shadow.exe" /d guests:f /e

cacls "%systemroot%/system32/runas.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/runas.exe" /d guests:f /e

cacls "%systemroot%/system32/wshom.ocx" /t /c /e /g administrators:f
cacls "%systemroot%/system32/wshom.ocx" /d guests:f /e

cacls "%systemroot%/system32/wshext.dll" /t /c /e /g administrators:f
cacls "%systemroot%/system32/wshext.dll" /d guests:f /e

cacls "%systemroot%/system32/shell32.dll" /t /c /e /g administrators:f
cacls "%systemroot%/system32/shell32.dll" /d guests:f /e

cacls "%systemroot%/system32/zipfldr.dll" /t /c /e /g administrators:f
cacls "%systemroot%/system32/zipfldr.dll" /d guests:f /e

cacls "%systemroot%/pchealth/helpctr/binaries/msconfig.exe" /t /c /e /g administrators:f
cacls "%systemroot%/pchealth/helpctr/binaries/msconfig.exe" /d guests:f /e

cacls "%systemroot%/notepad.exe" /t /c /e /g administrators:f
cacls "%systemroot%/notepad.exe" /d guests:f /e

cacls "%systemroot%/regedit.exe" /t /c /e /g administrators:f
cacls "%systemroot%/regedit.exe" /d guests:f /e

cacls "%systemroot%/winhelp.exe" /t /c /e /g administrators:f
cacls "%systemroot%/winhelp.exe" /d guests:f /e

cacls "%systemroot%/winhlp32.exe" /t /c /e /g administrators:f
cacls "%systemroot%/winhlp32.exe" /d guests:f /e

cacls "%systemroot%/system32/notepad.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/notepad.exe" /d guests:f /e

cacls "%systemroot%/system32/edlin.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/edlin.exe" /d guests:f /e

cacls "%systemroot%/system32/posix.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/posix.exe" /d guests:f /e

cacls "%systemroot%/system32/atsvc.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/atsvc.exe" /d guests:f /e

cacls "%systemroot%/system32/qbasic.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/qbasic.exe" /t /c /e /g administrators:f

cacls "%systemroot%/system32/runonce.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/runonce.exe" /d guests:f /e

cacls "%systemroot%/system32/syskey.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/syskey.exe" /d guests:f /e

cacls "%systemroot%/system32/cscript.exe" /t /c /e /g administrators:f
cacls "%systemroot%/system32/cscript.exe" /d guests:f /e
echo.
echo 给系统危险文件设置权限设定 ………………ok!
echo.
goto menu

:9
echo 注册表相关设定
reg delete hkey_classes_root\wscript.shell /f
reg delete hkey_classes_root\wscript.shell.1 /f
reg delete hkey_classes_root\shell.application /f
reg delete hkey_classes_root\shell.application.1 /f
reg delete hkey_classes_root\wscript.network /f
reg delete hkey_classes_root\wscript.network.1 /f
regsvr32 /s /u wshom.ocx
regsvr32 /s /u wshext.dll
regsvr32 /s /u shell32.dll
regsvr32 /s /u zipfldr.dll
echo.
echo 注册表相关设定 ………………ok!
echo.
goto menu


:3
echo 添加iis_wpg的访问权限
cacls "%systemroot%" /g iis_wpg:r /e
cacls "%systemdrive%/program files/common files" /g iis_wpg:r /e

cacls "%systemroot%/downloaded program files" /g iis_wpg:c /e
cacls "%systemroot%/help" /g iis_wpg:c /e
cacls "%systemroot%/iis temporary compressed files" /g iis_wpg:c /e
cacls "%systemroot%/offline web pages" /g iis_wpg:c /e
cacls "%systemroot%/system32" /g iis_wpg:c /e
cacls "%systemroot%/tasks" /g iis_wpg:c /e
cacls "%systemroot%/temp" /g iis_wpg:c /e
cacls "%systemroot%/web" /g iis_wpg:c /e
echo.
echo 添加iis_wpg的访问权限 ………………ok!
echo.
goto menu


:4
echo 添加iis_wpg的访问权限[.net专用]
cacls "%systemroot%/assembly" /g iis_wpg:c /e
cacls "%systemroot%/microsoft.net" /g iis_wpg:c /e
echo.
echo 添加iis_wpg的访问权限[.net专用] ………………ok!
echo.
goto menu

:5
echo 添加iis_wpg的访问权限[装了macfee的软件专用]
cacls "%systemdrive%/program files/network associates" /g iis_wpg:r /e
echo.
echo 添加iis_wpg的访问权限[装了macfee的软件专用] ………………ok!
echo.
goto menu

:6
echo 添加users的访问权限
cacls "%systemroot%/temp" /g users:c /e
echo.
echo 添加users的访问权限 ………………ok!
echo.
goto menu

:10
echo 将c盘权限还原为默认
secedit /configure /db %systemroot%\security\database\cvtfs.sdb /cfg "%systemroot%\security\templates\setup security.inf" /areas filestore
goto menu

:exit

exit

将上面代码保存为xx.bat 即可设置服务器磁盘安全
其实青云的批处理也不错的,大家可以根据需要选择下载地址

上一篇: Ubuntu 18.04上安装 phpMyAdmin的详细教程

下一篇: 城墙作为防御性建筑,在中国历史上又是如何发展的?

推荐阅读