PowerShell有关输入PS会话和设置权限的问题

时间:2018-05-10 08:50:26

标签: powershell sysinternals

我目前正在创建一个脚本来创建一个文件夹,然后创建一个AD组并将它们链接在一起。然后,我连接到数据中心的服务器以设置权限。

为此,我需要输入PSSession并找到该文件夹​​并设置权限。不幸的是,它没有用。任何帮助将不胜感激。

脚本

#Get ADM Credentials
$Cred = Get-Credential

# PowerShell's New-Item creates a folder
$Name = Read-Host "What is the name of the folder?"
$Location = Read-Host "What is the folder path? i.e B:\Collaboration\"
New-Item -Path $Location -Name $Name -ItemType "directory"
#Invoke-Item $Location

# Powershell creates an AD group
$Groupname = Read-Host "What is the group name? i.e. SS COLLABORATION BEN"
New-ADGroup -path "OU=StorSimple Centralisation Groups,OU=Groups,OU=Northgate PLC,DC=northgatevehiclehire,DC=net" -Name $Groupname -GroupCategory Security -GroupScope Global -DisplayName $Groupname -Description "Access to $Location" -Credential $cred


#Connect to StudFS01
$Folderpath = Read-Host "What is the path of the folder in StudFS e drive? i.e. Vehicle Sales\TOM Information" 
Enter-PSSession -ComputerName Studfs01 -Credential $Cred
Start-Sleep -Seconds 10
Set-Location -Path E:\CentralisedData\Data\$folderpath

#Set Permissions
$rule=new-object System.Security.AccessControl.FileSystemAccessRule ("northgatevehiclehire.net\Domain Admins","FullControl","Allow")
$rule2=new-object System.Security.AccessControl.FileSystemAccessRule ("northgatevehiclehire.net\StorSimple Centralisation Administrators","FullControl","Allow")
$rule3=new-object System.Security.AccessControl.FileSystemAccessRule ("$Groupname","Modify","Allow")
$acl = Get-ACL E:\CentralisedData\Data\$folderpath
$acl.SetAccessRule($rule,$rule2,$rule3)
Set-ACL -Path E:\CentralisedData\Data\$folderpath -AclObject $acl

错误我得到的是

设置位置:找不到驱动器。一个名为' E'不存在。 在C:\ Users \ ben.curtis-haigh \ Documents \ New Security Group Script.ps1:19 char:1 + Set-Location -Path E:\ CentralisedData \ Data \ $ folderpath + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~     + CategoryInfo:ObjectNotFound:(E:String)[Set-Location],DriveNotFoundException     + FullyQualifiedErrorId:DriveNotFound,Microsoft.PowerShell.Commands.SetLocationCommand

Get-ACL:无法找到驱动器。一个名为' E'不存在。 在C:\ Users \ ben.curtis-haigh \ Documents \ New Security Group Script.ps1:25 char:8 + $ acl = Get-ACL E:\ CentralisedData \ Data \ $ folderpath + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~     + CategoryInfo:ObjectNotFound:(E:String)[Get-Acl],DriveNotFoundException     + FullyQualifiedErrorId:DriveNotFound,Microsoft.PowerShell.Commands.GetAclCommand

您无法在空值表达式上调用方法。 在C:\ Users \ ben.curtis-haigh \ Documents \ New Security Group Script.ps1:26 char:1 + $ acl.SetAccessRule($ rule,$ rule2,$ rule3) + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~     + CategoryInfo:InvalidOperation:(:) [],RuntimeException     + FullyQualifiedErrorId:InvokeMethodOnNull

Set-Acl:无法将参数绑定到参数' AclObject'因为它是null。 在C:\ Users \ ben.curtis-haigh \ Documents \ New Security Group Script.ps1:27 char:62 + Set-ACL -Path E:\ CentralisedData \ Data \ $ folderpath -AclObject $ acl + ~~~~     + CategoryInfo:InvalidData :( :) [Set-Acl],ParameterBindingValidationException     + FullyQualifiedErrorId:ParameterArgumentValidationErrorNullNotAllowed,Microsoft.PowerShell.Commands.SetAclCommand`

由于

2 个答案:

答案 0 :(得分:0)

而不是用于交互式使用的Enter-PSSession,您需要建立一个新的PSSession,然后对它使用Invoke-Command。像这样:

$PSSession = New-PSSession -ComputerName Studfs01 -Credential $Cred

Invoke-Command -Session $PSSession -ScriptBlock {
  <CODE TO EXECUTE ON REMOTE SYSTEM HERE>
}

如果需要传递参数/变量,则有两种选择。最简单的(在较新版本的PowerShell中)是这样的using语句:

$PSSession = New-PSSession -ComputerName Studfs01 -Credential $Cred

Invoke-Command -Session $PSSession -ScriptBlock {
   Set-Location -Path E:\CentralisedData\Data\$using:Folderpath
}

另一种选择是使用-ArgumentList传递参数并在脚本块中使用Param(),如下所示:

$PSSession = New-PSSession -ComputerName Studfs01 -Credential $Cred

Invoke-Command -Session $PSSession -ArgumentList $Folderpath -ScriptBlock {
   Param($Folderpath)
   Set-Location -Path E:\CentralisedData\Data\$Folderpath
}

答案 1 :(得分:0)

    Instead of Enter-PSSession which is meant for interactive use, you need to establish a new PSSession and then use Invoke-Command against it. Something like this:

$PSSession = New-PSSession -ComputerName Studfs01 -Credential $Cred

Invoke-Command -Session $PSSession -ScriptBlock {
  <CODE TO EXECUTE ON REMOTE SYSTEM HERE>
}
If you need to pass parameters/variables, you have two choices. The easiest (in newer versions of PowerShell) is the using statement like this:

$PSSession = New-PSSession -ComputerName Studfs01 -Credential $Cred

Invoke-Command -Session $PSSession -ScriptBlock {
   Set-Location -Path E:\CentralisedData\Data\$using:Folderpath
}
Another option is to pass your arguments with -ArgumentList and use Param() in the script block like this:

$PSSession = New-PSSession -ComputerName Studfs01 -Credential $Cred

Invoke-Command -Session $PSSession -ArgumentList $Folderpath -ScriptBlock {
   Param($Folderpath)
   Set-Location -Path E:\CentralisedData\Data\$Folderpath
}
相关问题
最新问题