如何解决使用导入.CSV文件设置ACL
当我在列中找到某些内容时,我尝试找到一种方式来显示消息“ Le repertoire suvenant $ Path3 est au niveau 3,il n'a pas besoin d'etre mod 。” 3。
但是,当他在第3列中发现某物时,他又重新设置了第2列的acl。
在此示例中,他在“ Boum2”(我的“ .csv”文件)上设置了3倍的ACL:
Level1,Level2,Level3
Bada1,Bada1,Bada2,Boum1,Boum2,Eureka1
Bada2,Eureka2
Bada2,Eureka3
我的代码:
## Set Acl to directory ##
Import-Csv $ImportCsv -Delimiter ',' | ForEach-Object { $_.Level2; $_.Level3 }`
{
## Set DL Group from name dir ##
$Dir = $_.Level2.toupper()
$Dir2 = $_.Level3.toupper()
$Path2 = [IO.Path]::Combine($Path,$Dir)
$Path3 = [IO.Path]::Combine($Path,$Dir,$Dir2)
If ( $_.Level3 -contains "*" ) #
{ #
Write-output "Le repertoire suivant $Path3 est au niveau 3,il n'a pas besoin d'etre modifie." # <- This part doesn't work
exit #
} #
ElseIf ( $_.Level2 -contains '#RECYCLE' )
{
Write-output "Le repertoire suivant $Path2 n'a pas besoin d'etre modifie."
}
Else
{
## Get DL Group from name dir ##
Write-output "Modification des ACL sur: $Path2"
$Acl = Get-Acl -Path "$Path2"
$DirCT = Get-ADGroup "DL`_$Dir`_$NameSrv`_CT" | ForEach-Object { $_.Name }
$DirM = Get-ADGroup "DL_$Dir`_$NameSrv`_M" | ForEach-Object { $_.Name }
$DirL = Get-ADGroup "DL_$Dir`_$NameSrv`_L" | ForEach-Object { $_.Name }
$DirR = Get-ADGroup "DL_$Dir`_$NameSrv`_R" | ForEach-Object { $_.Name }
# Heritance disable ##
$isProtected = $true
$preserveInheritance = $true
$Acl.SetAccessRuleProtection($isProtected,$preserveInheritance)
Set-Acl -Path $Path2 -AclObject $Acl
## Rule for all groups ##
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("$NetBIOSName\$DirCT","FullControl","Allow")
$acl.SetAccessRule($AccessRule)
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("$NetBIOSName\$DirM","Modify","Allow")
$acl.SetAccessRule($AccessRule)
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("$NetBIOSName\$DirL","ReadAndExecute","Allow")
$acl.SetAccessRule($AccessRule)
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("$NetBIOSName\$DirR","Read","Deny")
$acl.SetAccessRule($AccessRule)
Set-Acl -Path $Path2 -AclObject $acl
## Remove BUILTIN\Utilisateurs ##
$acl.Access | Where-Object {$_.IdentityReference -eq "BUILTIN\Utilisateurs"} | Foreach-Object {$acl.RemoveAccessRule($_) | Out-Null}
Set-Acl -Path $Path2 -AclObject $acl
}
}
感谢您抽出时间阅读并提前致谢。
解决方法
我从联系人处收到了解决方案:
$strCSV = @'
Level1,Level2,Level3
Bada1,Bada1,Bada2,Boum1,#RECYCLE,Boum2,Eureka1
Bada2,Eureka2
Bada2,Eureka3
'@
$Path = $env:TEMP
$objCSV = $strCSV | ConvertFrom-Csv -Delimiter ','
## Set Acl to directory ##
$objCSV | ForEach-Object {
## Set DL Group from name dir ##
$Dir = $_.Level2.ToUpper()
$Dir2 = $_.Level3.ToUpper()
$Path2 = [IO.Path]::Combine($Path,$Dir)
$Path3 = [IO.Path]::Combine($Path,$Dir,$Dir2)
If(-not [System.String]::IsNullOrEmpty($_.Level3) )
{
Write-output "Le repertoire suivant $Path3 est au niveau 3,il n'a pas besoin d'etre modifie." #
}
ElseIf($_.Level2 -like '#RECYCLE' )
{
Write-output "Le repertoire suivant $Path2 n'a pas besoin d'etre modifie."
}
Else
{
## Get DL Group from name dir ##
Write-output "Modification des ACL sur: $Path2"
}
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
