echo off rem Aug 11/2004 P.Wilkins CP3 GA, fix Q00935508 and protect MMFS, database rem Merged with 2.02 version May 18/2004 rem CP3 version without ref to Web Anonymous Users group rem Revised Mar 23/2004 since on Server 2003, "Everyone" no longer includes "Anonymous Logon" rem Revised Mar 4/2004 rem This batch file adjusts permissions on files and folders on a CallPilot server rem It is intended to be run after CallPilot software has been installed on the server. Running it again is OK. title PermFix echo Adjusting permissions on folders for CallPilot, please wait ... rem Create a file to answer Yes to a prompt from the cacls command mkdir D:\temp >NUL 2>NUL cacls D:\temp /T /E /G Users:F >NUL 2>NUL echo Y>D:\temp\yesfile.txt rem to allow SSL downloading of certificate, we currently need to be able to execute cmd.exe cacls %WINDIR%\System32\cmd.exe /E /G "Anonymous Logon":R >NUL 2>NUL rem to allow IIS logging, give anonymous users change access to IIS www log folder cacls %WINDIR%\System32\LogFiles\W3SVC1 /T /E /P "Anonymous Logon":C >NUL 2>NUL rem now tighten up access to web folders cacls "C:\Inetpub" /T /P Administrators:F NUL 2>NUL cacls "C:\Inetpub" /T /E /G System:F >NUL 2>NUL cacls "C:\Inetpub" /T /E /G Everyone:R >NUL 2>NUL cacls "C:\Inetpub" /T /E /G "Anonymous Logon":R >NUL 2>NUL cacls "D:\Inetpub" /T /P Administrators:F NUL 2>NUL cacls "D:\Inetpub" /T /E /G System:F >NUL 2>NUL cacls "D:\Inetpub" /T /E /G Everyone:R >NUL 2>NUL cacls "D:\Inetpub" /T /E /G "Anonymous Logon":R >NUL 2>NUL cacls D:\asrlex /T /E /G Administrators:F >NUL 2>NUL cacls D:\asrlex /T /E /G System:F >NUL 2>NUL cacls D:\asrlex /T /E /P Everyone:R >NUL 2>NUL cacls D:\asrlex /T /E /G "Anonymous Logon":R >NUL 2>NUL cacls D:\DSP /T /E /G Administrators:F >NUL 2>NUL cacls D:\DSP /T /E /G System:F >NUL 2>NUL cacls D:\DSP /T /E /P Everyone:R >NUL 2>NUL cacls D:\DSP /T /E /G "Anonymous Logon":R >NUL 2>NUL cacls D:\Nortel /T /E /G Administrators:F >NUL 2>NUL cacls D:\Nortel /T /E /G System:F >NUL 2>NUL cacls D:\Nortel /T /E /P Everyone:R >NUL 2>NUL cacls D:\Nortel /T /E /G "Anonymous Logon":R >NUL 2>NUL cacls D:\SQLAny /T /E /G Administrators:F >NUL 2>NUL cacls D:\SQLAny /T /E /G System:F >NUL 2>NUL cacls D:\SQLAny /T /E /P Everyone:R >NUL 2>NUL cacls D:\SQLAny /T /E /G "Anonymous Logon":R >NUL 2>NUL cacls C:\CallPilot /T /E /G Administrators:F >NUL 2>NUL cacls C:\CallPilot /T /E /G System:F >NUL 2>NUL cacls C:\CallPilot /T /E /P Everyone:R >NUL 2>NUL cacls C:\CallPilot /T /E /G "Anonymous Logon":R >NUL 2>NUL rem now relax restrictions as necessary for certain CallPilot features to work cacls "C:\Inetpub\wwwroot\cpmgr\autoaddfiles" /T /E /P Guests:C >NUL 2>NUL rem Give Guests Modify access to Upload folder to fix Q00935508 cacls "C:\Inetpub\wwwroot\cpmgr\Upload" /T /E /P Guests:C >NUL 2>NUL rem SSL feature requires that Everyone have Full Control over SSL folder cacls "C:\Inetpub\wwwroot\cpmgr\SSL" /T /E /P Everyone:F >NUL 2>NUL cacls "C:\Inetpub\wwwroot\cpmgr\SSL" /T /E /G "Anonymous Logon":F >NUL 2>NUL cacls "C:\Inetpub\wwwroot\cpmgr\SSL" /T /E /P Guests:F >NUL 2>NUL cacls "C:\Inetpub\wwwroot\cpmgr\preferences\options" /T /E /P Guests:C >NUL 2>NUL rem Appbuilder and other features using file transfer require that cpfilexfer acct get full access to FileTransfer cacls D:\Nortel\FileTransfer /E /G cpfilexfer:F >NUL 2>NUL rem remove Everyone Read access to MMFS files and database file rem (These files contain confidential customer data and need to be protected) rem do this by replacing ACL with Administrators F, System F cacls D:\VS1T /G Administrators:F NUL 2>NUL cacls D:\VS1T /E /G System:F >NUL 2>NUL cacls D:\VS1V /G Administrators:F NUL 2>NUL cacls D:\VS1V /E /G System:F >NUL 2>NUL cacls D:\VS1B /G Administrators:F NUL 2>NUL cacls D:\VS1B /E /G System:F >NUL 2>NUL cacls E:\VS102T /G Administrators:F NUL 2>NUL cacls E:\VS102T /E /G System:F >NUL 2>NUL cacls E:\VS102V /G Administrators:F NUL 2>NUL cacls E:\VS102V /E /G System:F >NUL 2>NUL cacls E:\VS102B /G Administrators:F NUL 2>NUL cacls E:\VS102B /E /G System:F >NUL 2>NUL cacls F:\VS103T /G Administrators:F NUL 2>NUL cacls F:\VS103T /E /G System:F >NUL 2>NUL cacls F:\VS103V /G Administrators:F NUL 2>NUL cacls F:\VS103V /E /G System:F >NUL 2>NUL cacls F:\VS103B /G Administrators:F NUL 2>NUL cacls F:\VS103B /E /G System:F >NUL 2>NUL cacls D:\Nortel\database\bluedat1.db /G Administrators:F NUL 2>NUL cacls D:\Nortel\database\bluedat1.db /E /G System:F >NUL 2>NUL del D:\temp\yesfile.txt >NUL 2>NUL