Arrays 如何将Get-AdGroupMembership的每个结果发送到我的数组?
我正在尝试递归NTFS文件夹结构,并输出一个CSV文件,该文件仅显示每个用户帐户,并且仅对文件夹具有权限。脚本中的所有内容都正确输出,除了发现组并继续使用Get-ADGroupMember枚举该组中的用户的部分。调试时,我可以看到组中的每个用户(即使是嵌套组)都被输出,但我想我没有正确地“排列”命令的每个输出,并将其向前发送到我的“输出”数组 我标记了我遇到问题的部分。任何人能提供的帮助都将不胜感激。谢谢Arrays 如何将Get-AdGroupMembership的每个结果发送到我的数组?,arrays,powershell,active-directory,active-directory-group,activedirectorymembership,Arrays,Powershell,Active Directory,Active Directory Group,Activedirectorymembership,我正在尝试递归NTFS文件夹结构,并输出一个CSV文件,该文件仅显示每个用户帐户,并且仅对文件夹具有权限。脚本中的所有内容都正确输出,除了发现组并继续使用Get-ADGroupMember枚举该组中的用户的部分。调试时,我可以看到组中的每个用户(即使是嵌套组)都被输出,但我想我没有正确地“排列”命令的每个输出,并将其向前发送到我的“输出”数组 我标记了我遇到问题的部分。任何人能提供的帮助都将不胜感激。谢谢 $Answer = Read-Host 'Do you wish to use an an
$Answer = Read-Host 'Do you wish to use an answer file? File must be named answer.csv and must reside in same directory as script. (Default is [N])'
If ($Answer -eq "y") {
$AnsFile = Import-Csv answer.csv | Select src,outdir,domain,user,pwd
$List_Dir = $AnsFile.src
$OutPath = $AnsFile.outdir
$DomainName = $AnsFile.domain
$Admin = $AnsFile.user
$Pwd = $AnsFile.pwd
}
Else {
Do {
$List_Dir = Read-Host 'Enter the directory path to be searched/recursed'
$TestList_Dir = Test-Path $List_Dir
If ($TestList_Dir -eq $True) {Write-Host "List directory checks out..."}
Else {Write-Host "Incorrect source directory. Please try again." -foregroundcolor red -backgroundcolor yellow}
}
While ($TestList_Dir -eq $False)
Do {
$OutPath = Read-Host 'Enter the directory path where the output files will be saved. Do not add a trailing slash.'
$TestOutPath = Test-Path $OutPath
If ($TestOutPath -eq $True) {Write-Host "Output path checks out..."}
Else {Write-Host "Incorrect output path. Please try again." -foregroundcolor red -backgroundcolor yellow}
}
While ($TestOutPath -eq $False)
$DomainName = Read-Host 'Enter the non-distinguished name of the Active Directory domain'
$Admin = Read-Host 'Type in an administrative account with rights to read AD Security Groups'
$Pwd = Read-Host 'Enter the adminstrative account password'
}
$Folder_Array = @()
write-host "List directory = $List_Dir"
write-host "Output path = $OutPath"
write-host "Domain = $DomainName"
write-host "Admin account = $Admin"
write-host "Password = $Pwd"
Import-Module ActiveDirectory
Add-Type -AssemblyName System.DirectoryServices.AccountManagement
$CType = [DirectoryServices.AccountManagement.ContextType]::Domain
$IDType = [DirectoryServices.AccountManagement.IdentityType]::SamAccountName
$DomainContext = New-Object DirectoryServices.AccountManagement.PrincipalContext -ArgumentList $CType, $DomainName, $Admin, $Pwd
#$pat = "^[a-zA-Z0-9_:.]+$"
$pat = "^[a-zA-Z0-9_:.\]+$]"
get-childitem $List_Dir -recurse | where-object {$_.psIsContainer -eq $true} | foreach-object {
$a = ($_.FullName)
$d = $a -match $pat
$e = (get-acl $_.FullName).Access
foreach ($e1 in $e) {
$f = $e1.FileSystemRights
$g = $e1.AccessControlType
$SecID = $e1.IdentityReference
foreach ($Sec in $SecID) {
$GroupPrincipal = [DirectoryServices.AccountManagement.GroupPrincipal]::FindByIdentity($DomainContext, $IDType, $Sec)
if ($GroupPrincipal -ne $null) {
$Sec = $Sec.ToString()
$Sec = $Sec.Split("\")[1]
Get-AdGroupMember $Sec -Recursive | ForEach-Object {
$User = ($_.SamAccountName)
foreach ($u in $User) {
$out = new-object psobject
$out | add-member noteproperty Path $a
$out | add-member noteproperty Unix_Safe $d
$out | Add-Member NoteProperty UserAccount $u
$out | add-member noteproperty Permission $f
$out | add-member noteproperty AccessType $g
$Folder_Array += $out
}
}
}
else {
$e2 = $Sec.ToString()
$e2 = $e2.split("\")[1]
$out = new-object psobject
$out | add-member noteproperty Path $a
$out | add-member noteproperty Unix_Safe $d
$out | Add-Member NoteProperty UserAccount $e2
$out | add-member noteproperty Permission $f
$out | add-member noteproperty AccessType $g
$Folder_Array += $out
}
}
}
}
$Folder_Array | Select Path,UserAccount,Permission,AccessType,Unix_Safe | Export-Csv "$OutPath\folderonly.csv" -NoTypeInformation
问题不在于你怎么做,而在于你什么时候做。让我解释一下
Get-AdGroupMember $Sec -Recursive | ForEach-Object {
$User = ($_.SamAccountName)
foreach ($u in $User) {
$e2 = $u
}
}
}
***************************************************************************
$out=新对象psobject
$out |添加成员noteproperty路径$a
$out |添加成员noteproperty Unix_Safe$d
$out |添加成员NoteProperty用户帐户$e2
$out |添加成员noteproperty权限$f
$out |添加成员noteproperty访问类型$g
$Folder_Array+=$out
考虑到这一点,如果是一个组,您将为该组选择所有用户,并将用户数组设置为$User
,然后遍历该数组,并将每个用户一次分配给$e2
。完成后,创建对象,并将该对象添加到数组中进行输出
假设该组有3个用户,Tom、Dick和Harvey(Harry很忙,他派了他的兄弟)。所以现在:
然后循环将每个分配给$e2
,基本上就是这样(这里有一些伪代码):
先生,你真是个天才!你救了我的命。我编辑了上面的代码,以反映我在您的帮助下所做的更改。非常感谢!将第二个$out=New对象和它的所有add成员移动到$e2=$e2.split之后。否则,每次迭代一个组时,都会向数组中添加一个备用对象。正确;所做的更改。我在操作脚本中做得很正确,但在这个网站上编辑时出错了。再次感谢!
else {
$e2 = $Sec.ToString()
$e2 = $e2.split("\")[1]
}
}
}
$User = @("Tom","Dick","Harvey")
If(is a group){
$User = Get-ADGroup |select -expand samaccountname
ForEach($u in $User){
$e2 = "Tom"
<Next item in array>
$e2 = "Dick"
<next item in array>
$e2 = "Harvey"
<No more items in array, end ForEach>
ForEach($User in $e2){
$Folder_Array += [PSCustomObject][Ordered]@{
'Path' = $a
'Unix_Safe' = $d
'UserAccount' = $User
'Permission' = $f
'AccessType' = $g
}
}