多个比较运算符输出错误的结果powershell
这是我的剧本:多个比较运算符输出错误的结果powershell,powershell,comparison-operators,Powershell,Comparison Operators,这是我的剧本: #set the root search path $rootPath = "c:\test\path\" #get a list of all directories and subdirectories in the root path $shares = Get-ChildItem -Path $rootPath -Directory #create empty array to store custom properties later $obj = @() #fo
#set the root search path
$rootPath = "c:\test\path\"
#get a list of all directories and subdirectories in the root path
$shares = Get-ChildItem -Path $rootPath -Directory
#create empty array to store custom properties later
$obj = @()
#for every folder you find.....
foreach ($share in $shares) {
#finds all security principals for each share on fileserver that has permissions explicitly assigned
$notInherited = Get-Acl -Path $share.FullName | select -ExpandProperty Access | Where-Object {$_.IsInherited -eq $false}
#for every security principal that has explicit permissions assigned....
foreach ($member in $notInherited) {
#extract the identity of the resource from the IdentityReference field and convert it to a string object
[string]$identity = $member.IdentityReference
#test to see if the extracted resource contains a \ anywhere in the name to ensure we're looking for domain objects
if ($identity -like '*\*') {
#retrieve the SAM of the resource by splitting the string object at the \ and returning the 1 field
$samAccountName = $identity.Split('\')[1]
#filter out all domain related groups like domain admins, domain users, domain controllers, domain computers
if ($samAccountName -notlike 'Domain*' -or $samAccountName -notlike 'Administrators') {
#return AD object info for the resource using it's SAM
$ADObject = Get-ADObject -Filter ('SamAccountName -eq "{0}"' -f $SamAccountName)
#test to ensure we're only retrieving groups and not users who are explicitly assigned
if ($ADObject.ObjectClass -eq 'group') {
#create a PS object and append it's properties to the empty array created earlier
#assign custom fields to the object (FolderName maps to the share name and GroupName maps to name of group that has access to the share)
$obj += [pscustomobject] @{
'GroupName' = $ADObject.Name
'FolderName' = $share.Name
}
}
}
}
}
}
#output the contents of the object to the console
Write-Output $obj | ft -AutoSize | out-file C:\Scripts\test02.txt
我想知道为什么这一行会产生错误的结果:
if ($samAccountName -notlike 'Domain*' -or $samAccountName -notlike 'Administrators')
我希望输出不包括任何明确添加了“管理员”或以“域”开头的任何组的文件夹。如果我删除第二部分进行测试,以便它只检查“Domain*”,则输出是正确的。我也需要过滤掉管理员组。我遗漏了什么?您的请求:
if ($samAccountName -notlike 'Domain*' -or $samAccountName notlike 'Administrators')
字面意思是“不像X”或“不像Y”
我想你要找的是:
if (!($samAccountName -like 'Domain*' -or $samAccountName -like 'Administrators'))
{写入主机“是”}
这样,如果$samAccountName类似于'Domain*'-或$samAccountName``类似于'Administrators',则返回TRUE,然后返回!将其转换为false
因此,如果满足任一条件,则结果为false,并且代码块不会运行。因此,如果用户是域*或用户是管理员,它将不会输出“是”。尝试-而不是-或
if($samAccountName-不类似于'domain*'-和$samAccountName-不类似于'Administrators')
lol失败。我可以发誓我做到了——第一次,它没有起作用……无论如何,这解决了我的问题。谢谢