我正在尝试创建一个多用途报告来查询共享权限和有权访问的组成员。
所有数据都显示在屏幕上的表格中,或输出到文件中,但我遇到了 Convertto-HTML / CSV 的问题。显然是因为没有使用原始属性。我尝试的一切都失败了...任何人都能够找出问题或解决方案? You can see the screenshot here
Function Get-Membr {
$Groups = Get-Acl $UNC |
Select-Object -ExpandProperty Access |
Where-Object { (-not $_.IsInherited) -and ('NT AUTHORITY\SYSTEM','BUILTIN\Administrators','CREATOR OWNER','BUILTIN\Users' -notcontains $_.IdentityReference) } |
Select-Object -Exp IdentityReference
foreach ($Group in $Groups)
{ $group | ft Value,Name,Department #| ConvertTo-HTML
$group.Translate('System.Security.Principal.SecurityIdentifier').Value |
Get-ADGroupMember -ErrorAction SilentlyContinue |
Get-ADObject -Properties name, Department |
select name, Department |
ft -HideTableHeaders Value,Name,Department #| ConvertTo-HTML #| out-file -append $tmp
}
}
编辑/更新: 我能够通过以下方式解决问题:
Function Get-Membr {
$Groups = Get-Acl $UNC |
Select-Object -ExpandProperty Access |
Where-Object { (-not $_.IsInherited) -and ('NT AUTHORITY\SYSTEM','BUILTIN\Administrators','CREATOR OWNER','BUILTIN\Users' -notcontains $_.IdentityReference) } |
Select-Object -Exp IdentityReference
$global:Results2 = foreach ($Group in $Groups){
$group.Translate('System.Security.Principal.SecurityIdentifier').Value |
Get-ADGroupMember -ErrorAction SilentlyContinue | Select-Object -Property @{l="GroupName";e={$Group}}, Name, @{name="Description";expression={(Get-ADUser -Identity $_.SamAccountName -Properties Description).Description}},@{name="Enabled";expression={((Get-ADUser $_.SamAccountName).Enabled)}},@{name="- - Action - -";e={(get-aduser -identity $_.Manager -properties DisplayName).DisplayName}}
}
}