Build 验证本地管理组中的安全组成员身份-正确或错误/失败或通过验证
好了,给你,甜蜜而简单。我需要验证一个组列表是否已添加到新版本中的本地管理组(以及其他内容),以便我可以升级服务器以生产 到目前为止,我可以获取组,并将布尔值输出到远程服务器上的一个文件中,获取该内容(我想我应该通过管道传输它,但不知道如何)。我想做的是返回一组变量,其中包含组名以及本地管理组中是否存在该组。但是事情不是这样的 对不起,我的ifElse条款很简单,我谦逊的技能不是最流畅的。。。以下是我一直使用的代码-提前感谢!:Build 验证本地管理组中的安全组成员身份-正确或错误/失败或通过验证,build,server,verification,Build,Server,Verification,好了,给你,甜蜜而简单。我需要验证一个组列表是否已添加到新版本中的本地管理组(以及其他内容),以便我可以升级服务器以生产 到目前为止,我可以获取组,并将布尔值输出到远程服务器上的一个文件中,获取该内容(我想我应该通过管道传输它,但不知道如何)。我想做的是返回一组变量,其中包含组名以及本地管理组中是否存在该组。但是事情不是这样的 对不起,我的ifElse条款很简单,我谦逊的技能不是最流畅的。。。以下是我一直使用的代码-提前感谢!: $MemberNames = @() $Servers = $Ho
$MemberNames = @()
$Servers = $HostName
foreach ( $Server in $Servers ) {
$Group= [ADSI]"WinNT://$Server/$LocalGroup,group"
$Members = @($Group.psbase.Invoke("Members"))
$Members | ForEach-Object {
$MemberNames += $_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)
}
$ChildGroups | ForEach-Object {
$output = "" | Select-Object Group, InLocalAdmin
$output.Group = $_
$output.InLocalAdmin = $MemberNames -contains $_
Write-Output $output | Export-Csv -Path "c:\VerifyGroups.csv" -Append
#$output.Group "is in the Local Admin Group" $output.InLocalAdmin #| Export-Csv -Path "c:\VerifyGroups.csv" -Append
# }
}
#Validate local admin group membership
Get-Content -Path "c:\VerifyGroups.csv"
ForEach ($_){
if ($string -match "Domain Admins" -and "True") {$ResDomainAdminGrp = "Validation Passed: Domain Admin Group is a member of the Local Admin Group" }
elseif ($string -match "Domain Admins" -and "False") {$ResDomainAdminGrp = "Validation Failed: Domain Admin Group is not a member of the Local Admin Group" }
elseif ($string -match "Enterprise Backup Admins" -and "True") {$ResEntBaKAdmGrp = "Validation Passed: Enterprise Backup Admins is a member of the Local Admin Group" }
elseif ($string -match "Enterprise Backup Admins" -and "False") {$ResEntBaKAdmGrp = "Validation Failed: Enterprise Backup Admins is not a member of the Local Admin Group" }
elseif ($string -match "Enterprise Server Admins" -and "True") {$ResEntSvrAdmGrp = "Validation Passed: Enterprise Server Admins is a member of the Local Admin Group" }
elseif ($string -match "Enterprise Server Admins" -and "False") {$ResEntSvrAdmGrp = "Validation Failed: Enterprise Server Admins is not a member of the Local Admin Group" }
elseif ($string -match "Enterprise SQLDB Admins" -and "True") {$ResEntSQLAdmGrp = "Validation Passed: Enterprise SQLDB Admins is a member of the Local Admin Group" }
elseif ($string -match "Enterprise SQLDB Admins" -and "False") {$ResEntSQLAdmGrp = "Validation Failed: Enterprise SQLDB Admins is not a member of the Local Admin Group" }
elseif ($string -match "Enterprise SVC Admins" -and "True") {$ResEntSVCAdmGrp = "Validation Passed: Enterprise SVC Admins is a member of the Local Admin Group" }
elseif ($string -match "Enterprise SVC Admins" -and "False") {$ResEntSVCAdmGrp = "Validation Failed: Enterprise SVC Admins is not a member of the Local Admin Group" }
else {}
}
好的,经过很多的麻烦之后,我放弃了上面的代码,转而使用这种更简单的方法。有点不那么健壮,但很简单,可以完成任务。。。当然,如果有更多的组需要验证,那么只需添加更多带有相应变量的if语句即可 享受:
$group =[ADSI]"WinNT://./Administrators,group"
$members = @($group.psbase.Invoke("Members"))
$VerAdminGrp01 = ($members | foreach {$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}) -contains "Domain Admins"
if($VerAdminGrp01){$ResDomAdmin = "Validation Passed: Domain Admins is a member of the local admin group."}
Else {$ResDomAdmin = "VALIDATION FAILED: Domain Admins is not a member of the local admin group."}
$VerAdminGrp02 = ($members | foreach {$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}) -contains "Enterprise Backup Admins"
if($VerAdminGrp02){$ResEntBakAdmin = "Validation Passed: Enterprise Backup Admins is a member of the local admin group."}
Else {$ResEntBakAdmin = "VALIDATION FAILED: Enterprise Backup Admins is not a member of the local admin group."}
通过创建一个要检查的项目数组并在该数组上循环,您可以稍微清理一下
$group =[ADSI]"WinNT://./Administrators,group"
$members = @($group.psbase.Invoke("Members")) | foreach {$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}
$List = "Domain Admins","Enterprise Backup Admins"
foreach ($item in $list) {
if ($members -contains $item) {
"Validation Passed: $item is a member of the local admin group."
} else {
"VALIDATION FAILED: $item is not a member of the local admin group."
}
}
任何人任何人布勒?