FileSystemRights未部署

时间:2016-07-26 09:43:19

标签: powershell filesystems

我正在编写一个函数来将路径A中的ACL等同于路径B(路径A也可以是服务器A和服务器B上的路径B)。几乎一切都按预期工作,用户被部署到目标路径,但FileSystemRights没有部署,即使我在函数内硬编码“FullControl”。

之前我从未在PowerShell中使用过ACL,并从此处复制了大部分代码:https://technet.microsoft.com/en-us/library/ff730951.aspx?f=255&MSPPError=-2147217396

为什么我的FileSystemRights没有部署?

Process {
# get ACL from source path
    $gacl = get-acl $SourcePath | select -ExpandProperty Access | % { 
    $ErrorActionPreference = "SilentlyContinue"
    [string]$user = ($_.IdentityReference).Value.split('\')[1] 
    [string]$AccessType = $_.AccessControlType
    $FSRights = $_.FileSystemRights

    if (!$user) { Write-Warning "User not found. Skipping ACL settings for this user. Username: $(($_.IdentityReference).Value)`n"}
    else{
    # Create ACL Object
    $colRights = [System.Security.AccessControl.FileSystemRights]"FullControl"
    $InheritanceFlag = [System.Security.AccessControl.InheritanceFlags]::None 
    $PropagationFlag = [System.Security.AccessControl.PropagationFlags]::None 
    $objType =[System.Security.AccessControl.AccessControlType]$AccessType
    $objUser = New-Object System.Security.Principal.NTAccount($user) 
    $objACE = New-Object System.Security.AccessControl.FileSystemAccessRule($objUser, $colRights, $InheritanceFlag, $PropagationFlag, $objType)

    # Set the ACL
    Write-Host "Setting ACL for User: $User on $DestinationPath" -ForegroundColor Green
    $objACL = get-acl $DestinationPath
    $ErrorActionPreference = "Stop"
    Try {
        $objACL.AddAccessRule($objACE)
        $sacl = set-acl $DestinationPath $objACL
        Write-Host "Success!`n" -ForegroundColor Green
    } Catch {
        Write-Host "Failed! ErrorMessage:" -ForegroundColor Red
        $_.Exception.Message
    }}
}}

1 个答案:

答案 0 :(得分:0)

我放弃了这一点,决定只使用一个模块,为我提供技巧。我使用了以下模块:https://gallery.technet.microsoft.com/scriptcenter/1abd77a5-9c0b-4a2b-acef-90dbb2b84e85

这就是结束功能。很容易:

function Equate-ACL {
param(
    [Parameter(Mandatory=$true,Position=0)]
    [string]$SourcePath,
    [Parameter(Mandatory=$true,Position=1)]
    [string]$DestinationPath
)
    if(!(get-module NTFSSecurity)) { import-module NTFSSecurity }
    $ErrorActionPreference = "Stop"
    Try {
        $SourcePath | Get-NTFSAccess | Add-NTFSAccess $DestinationPath
    } Catch {
        Write-Warning "Konnte ACL von $Sourcepath nicht auf $Destinationpath setzen."
    }
}
相关问题
最新问题