Fatal编程技术网
  • arrays/
  • Arrays 如何将Get-AdGroupMembership的每个结果发送到我的数组?

Arrays 如何将Get-AdGroupMembership的每个结果发送到我的数组?

arrays powershell active-directory

Arrays 如何将Get-AdGroupMembership的每个结果发送到我的数组?,arrays,powershell,active-directory,active-directory-group,activedirectorymembership,Arrays,Powershell,Active Directory,Active Directory Group,Activedirectorymembership,我正在尝试递归NTFS文件夹结构,并输出一个CSV文件,该文件仅显示每个用户帐户,并且仅对文件夹具有权限。脚本中的所有内容都正确输出,除了发现组并继续使用Get-ADGroupMember枚举该组中的用户的部分。调试时,我可以看到组中的每个用户(即使是嵌套组)都被输出,但我想我没有正确地“排列”命令的每个输出,并将其向前发送到我的“输出”数组 我标记了我遇到问题的部分。任何人能提供的帮助都将不胜感激。谢谢 $Answer = Read-Host 'Do you wish to use an an

我正在尝试递归NTFS文件夹结构,并输出一个CSV文件,该文件仅显示每个用户帐户,并且仅对文件夹具有权限。脚本中的所有内容都正确输出,除了发现组并继续使用Get-ADGroupMember枚举该组中的用户的部分。调试时,我可以看到组中的每个用户(即使是嵌套组)都被输出,但我想我没有正确地“排列”命令的每个输出,并将其向前发送到我的“输出”数组

我标记了我遇到问题的部分。任何人能提供的帮助都将不胜感激。谢谢

$Answer = Read-Host 'Do you wish to use an answer file? File must be named answer.csv and must reside in same directory as script. (Default is [N])'
If ($Answer -eq "y") {
  $AnsFile = Import-Csv answer.csv | Select src,outdir,domain,user,pwd
  $List_Dir = $AnsFile.src
  $OutPath = $AnsFile.outdir
  $DomainName = $AnsFile.domain
  $Admin = $AnsFile.user
  $Pwd = $AnsFile.pwd
  }
Else {
  Do {
  $List_Dir = Read-Host 'Enter the directory path to be searched/recursed'
  $TestList_Dir = Test-Path $List_Dir
    If ($TestList_Dir -eq $True) {Write-Host "List directory checks out..."}
    Else {Write-Host "Incorrect source directory.  Please try again." -foregroundcolor red -backgroundcolor yellow}
   }
  While ($TestList_Dir -eq $False)

  Do {
  $OutPath = Read-Host 'Enter the directory path where the output files will be saved.  Do not add a trailing slash.'
  $TestOutPath = Test-Path $OutPath
    If ($TestOutPath -eq $True) {Write-Host "Output path checks out..."}
    Else {Write-Host "Incorrect output path.  Please try again." -foregroundcolor red -backgroundcolor yellow}
   }
  While ($TestOutPath -eq $False)
  $DomainName = Read-Host 'Enter the non-distinguished name of the Active Directory domain'
  $Admin = Read-Host 'Type in an administrative account with rights to read AD Security Groups'
  $Pwd = Read-Host 'Enter the adminstrative account password'
}

$Folder_Array = @()

write-host "List directory = $List_Dir"
write-host "Output path = $OutPath"
write-host "Domain = $DomainName"
write-host "Admin account = $Admin"
write-host "Password = $Pwd"

Import-Module ActiveDirectory

Add-Type -AssemblyName System.DirectoryServices.AccountManagement
$CType = [DirectoryServices.AccountManagement.ContextType]::Domain
$IDType = [DirectoryServices.AccountManagement.IdentityType]::SamAccountName
$DomainContext = New-Object DirectoryServices.AccountManagement.PrincipalContext -ArgumentList $CType, $DomainName, $Admin, $Pwd

#$pat = "^[a-zA-Z0-9_:.]+$"
$pat = "^[a-zA-Z0-9_:.\]+$]"

get-childitem $List_Dir -recurse | where-object {$_.psIsContainer -eq $true} | foreach-object {
   $a = ($_.FullName)
   $d = $a -match $pat
   $e = (get-acl $_.FullName).Access

    foreach ($e1 in $e) {
      $f = $e1.FileSystemRights
      $g = $e1.AccessControlType
      $SecID = $e1.IdentityReference
        foreach ($Sec in $SecID) {
          $GroupPrincipal = [DirectoryServices.AccountManagement.GroupPrincipal]::FindByIdentity($DomainContext, $IDType, $Sec)
          if ($GroupPrincipal -ne $null) {
            $Sec = $Sec.ToString()
            $Sec = $Sec.Split("\")[1]
            Get-AdGroupMember $Sec -Recursive | ForEach-Object {
              $User = ($_.SamAccountName)
                foreach ($u in $User) {
                $out = new-object psobject 
                $out | add-member noteproperty Path $a
                $out | add-member noteproperty Unix_Safe $d
                $out | Add-Member NoteProperty UserAccount $u
                $out | add-member noteproperty Permission $f
                $out | add-member noteproperty AccessType $g

                $Folder_Array += $out  
                }
             }
           }
           else {
          $e2 = $Sec.ToString()
          $e2 = $e2.split("\")[1]
          $out = new-object psobject 
          $out | add-member noteproperty Path $a
          $out | add-member noteproperty Unix_Safe $d
          $out | Add-Member NoteProperty UserAccount $e2
          $out | add-member noteproperty Permission $f
          $out | add-member noteproperty AccessType $g

          $Folder_Array += $out
          }
         }
        }
}

$Folder_Array | Select Path,UserAccount,Permission,AccessType,Unix_Safe | Export-Csv "$OutPath\folderonly.csv" -NoTypeInformation
问题不在于你怎么做,而在于你什么时候做。让我解释一下

       Get-AdGroupMember $Sec -Recursive | ForEach-Object {
          $User = ($_.SamAccountName)
            foreach ($u in $User) {
              $e2 = $u
            }
         }
       }
*************************************************************************** $out=新对象psobject $out |添加成员noteproperty路径$a $out |添加成员noteproperty Unix_Safe$d $out |添加成员NoteProperty用户帐户$e2 $out |添加成员noteproperty权限$f $out |添加成员noteproperty访问类型$g

$Folder_Array+=$out 考虑到这一点,如果是一个组,您将为该组选择所有用户,并将用户数组设置为
$User
,然后遍历该数组,并将每个用户一次分配给
$e2
。完成后,创建对象,并将该对象添加到数组中进行输出

假设该组有3个用户,Tom、Dick和Harvey(Harry很忙,他派了他的兄弟)。所以现在:

然后循环将每个分配给
$e2
,基本上就是这样(这里有一些伪代码):

先生,你真是个天才!你救了我的命。我编辑了上面的代码,以反映我在您的帮助下所做的更改。非常感谢!将第二个$out=New对象和它的所有add成员移动到$e2=$e2.split之后。否则,每次迭代一个组时,都会向数组中添加一个备用对象。正确;所做的更改。我在操作脚本中做得很正确,但在这个网站上编辑时出错了。再次感谢! 
      else {
      $e2 = $Sec.ToString()
      $e2 = $e2.split("\")[1]
      }
     }
    }

$User = @("Tom","Dick","Harvey")

If(is a group){
$User = Get-ADGroup |select -expand samaccountname
ForEach($u in $User){
$e2 = "Tom"
<Next item in array>
$e2 = "Dick"
<next item in array>
$e2 = "Harvey"
<No more items in array, end ForEach>

ForEach($User in $e2){
    $Folder_Array += [PSCustomObject][Ordered]@{
        'Path' = $a
        'Unix_Safe' = $d
        'UserAccount' = $User
        'Permission' = $f
        'AccessType' = $g
    }
}