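Setting NTFS permissions with PowerShell

Time: 2015-10-28 17:46:45

Tags: powershell

I am trying to create a script that sets specific (advanced) access rights on a folder. However, I keep running into the same error. I can't seem to figure it out, and I hope you guys have a solution. This is the error I get: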

New-Object : Cannot find an overload for "FileSystemAccessRule" and the argument count: "5". At line:14 char:17

This is the PowerShell code I have:

$folder = "\\netwerk\data\tablet\Test2"
$ReadGroup = "netwerk\ACR_Test2_R"
$WriteGroup = "netwerk\ACR_Test2_RW"
$acl = Get-Acl $folder

$ReadallowString = 'ExecuteFile','ListDirectory','Read','ReadData','ReadAndExecute','ReadExtendedAttributes','ReadPermissions'
$WriteallowString = 'AppendData','CreateDirectories','CreateFiles','DeleteSubdirectoriesAndFiles','ExecuteFile','ListDirectory','Modify','Read','ReadAndExecute','ReadExtendedAttributes','ReadPermissions','Traverse','Write','WriteAttributes','WriteData','WriteExtendedAttributes'
$ReaddenyString = 'Delete','TakeOwnership','ChangePermissions'
$WritedenyString = 'Delete','TakeOwnership','ChangePermissions'

$AllowVar =[System.Security.AccessControl.AccessControlType]::Allow 
$DenyVar =[System.Security.AccessControl.AccessControlType]::Deny

$AceAllowRead = New-Object Security.AccessControl.FileSystemAccessRule($ReadGroup, $ReadallowString, $inherit, $propagation, $AllowVar)
$AceAllowWrite = New-Object Security.AccessControl.FileSystemAccessRule($WriteGroup, $WriteallowString, $inherit, $propagation, $AllowVar)
$AceDenyRead = New-Object Security.AccessControl.FileSystemAccessRule($ReadGroup, $ReaddenyString, $inherit, $propagation, $DenyVar)
$AceDenyWrite = New-Object Security.AccessControl.FileSystemAccessRule($WriteGroup, $WritedenyString, $inherit, $propagation, $DenyVar)

$inherit = [system.security.accesscontrol.InheritanceFlags]"ContainerInherit, ObjectInherit"
$propagation = [system.security.accesscontrol.PropagationFlags]"None"

$acl.AddAccessRule($AceAllowRead)
$acl.AddAccessRule($AceDenyRead)
$acl.AddAccessRule($AceAllowWrite)
$acl.AddAccessRule($AceDenyWrite)
Set-Acl $folder $acl

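It seems to trip at the part where I am creating the FileSystemAccessRule.

1 answer:

Answer 0: (score: 2)

I think your problem is the position of the variables $inherit and $propagation in your script. They should be declared before you call them. Try this: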

$folder = "\\netwerk\data\tablet\Test2"
$ReadGroup = "netwerk\ACR_Test2_R"
$WriteGroup = "netwerk\ACR_Test2_RW"
$acl = Get-Acl $folder

$ReadallowString = 'ExecuteFile','ListDirectory','Read','ReadData','ReadAndExecute','ReadExtendedAttributes','ReadPermissions'
$WriteallowString = 'AppendData','CreateDirectories','CreateFiles','DeleteSubdirectoriesAndFiles','ExecuteFile','ListDirectory','Modify','Read','ReadAndExecute','ReadExtendedAttributes','ReadPermissions','Traverse','Write','WriteAttributes','WriteData','WriteExtendedAttributes'
$ReaddenyString = 'Delete','TakeOwnership','ChangePermissions'
$WritedenyString = 'Delete','TakeOwnership','ChangePermissions'

$AllowVar = [System.Security.AccessControl.AccessControlType]::Allow
$DenyVar = [System.Security.AccessControl.AccessControlType]::Deny
# Inheritance and propagation flags are assigned here, before the rules below use them
$inherit = [system.security.accesscontrol.InheritanceFlags]"ContainerInherit, ObjectInherit"
$propagation = [system.security.accesscontrol.PropagationFlags]"None"

$AceAllowRead = New-Object Security.AccessControl.FileSystemAccessRule($ReadGroup, $ReadallowString, $inherit, $propagation, $AllowVar)
$AceAllowWrite = New-Object Security.AccessControl.FileSystemAccessRule($WriteGroup, $WriteallowString, $inherit, $propagation, $AllowVar)
$AceDenyRead = New-Object Security.AccessControl.FileSystemAccessRule($ReadGroup, $ReaddenyString, $inherit, $propagation, $DenyVar)
$AceDenyWrite = New-Object Security.AccessControl.FileSystemAccessRule($WriteGroup, $WritedenyString, $inherit, $propagation, $DenyVar)

$acl.AddAccessRule($AceAllowRead)
$acl.AddAccessRule($AceDenyRead)
$acl.AddAccessRule($AceAllowWrite)
$acl.AddAccessRule($AceDenyWrite)
Set-Acl $folder $acl
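
An added example, not part of the original question or answer: without strict mode an unassigned variable silently evaluates to `$null`, which is why the ordering mistake surfaced as a misleading overload error. The sketch below turns that into an immediate error, builds the rules from typed values, and reads the ACL back after `Set-Acl` to confirm what was applied. Assumptions: a scratch folder under the temp path and the built-in Guests group stand in for the UNC path and domain groups, and `New-Rule` is a hypothetical helper.

```powershell
# Added example (not from the post). Works on a throwaway folder under the temp path.
Set-StrictMode -Version Latest      # reading an unassigned variable now throws
$ErrorActionPreference = 'Stop'

# The failure mode from the question, surfaced with a clear message:
try { $null = $notAssignedYet } catch { Write-Host "StrictMode: $($_.Exception.Message)" }

# Assumption: BUILTIN\Guests (well-known SID S-1-5-32-546) stands in for the
# domain groups in the post, so the Deny entry cannot lock out the current user.
$sid    = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-32-546'
$group  = $sid.Translate([System.Security.Principal.NTAccount]).Value
$folder = Join-Path ([IO.Path]::GetTempPath()) ("acl-demo-" + [guid]::NewGuid())
New-Item -ItemType Directory -Path $folder | Out-Null

# Typed variables: a misspelled right or flag fails on its own line.
[System.Security.AccessControl.FileSystemRights]$allowRights = 'ReadAndExecute'
[System.Security.AccessControl.FileSystemRights]$denyRights  = 'Delete, TakeOwnership, ChangePermissions'
[System.Security.AccessControl.InheritanceFlags]$inherit     = 'ContainerInherit, ObjectInherit'
[System.Security.AccessControl.PropagationFlags]$propagation = 'None'

function New-Rule {   # hypothetical helper, same five-argument constructor as the post
    param([string]$Identity,
          [System.Security.AccessControl.FileSystemRights]$Rights,
          [System.Security.AccessControl.AccessControlType]$Type)
    New-Object System.Security.AccessControl.FileSystemAccessRule -ArgumentList `
        $Identity, $Rights, $inherit, $propagation, $Type
}

$acl = Get-Acl -Path $folder
$acl.AddAccessRule((New-Rule $group $allowRights 'Allow'))
$acl.AddAccessRule((New-Rule $group $denyRights  'Deny'))
Set-Acl -Path $folder -AclObject $acl

# Read the ACL back from disk and check that both explicit entries landed.
$explicit = @((Get-Acl -Path $folder).Access | Where-Object {
    -not $_.IsInherited -and $_.IdentityReference.Value -eq $group })
foreach ($want in @(@{Type = 'Allow'; Rights = $allowRights}, @{Type = 'Deny'; Rights = $denyRights})) {
    $hit = @($explicit | Where-Object {
        "$($_.AccessControlType)" -eq $want.Type -and
        ([int]$_.FileSystemRights -band [int]$want.Rights) -eq [int]$want.Rights })
    if ($hit.Count -eq 0) { throw "Missing $($want.Type) entry for $group" }
}
$explicit | Format-Table IdentityReference, AccessControlType, FileSystemRights, InheritanceFlags
Remove-Item -Path $folder -Recurse -Force
```

The Allow entry reads back with `Synchronize` added to its rights, which is why the check uses a bitwise comparison instead of equality.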