Fatal编程技术网
  • powershell/
  • Powershell 带有特定参数的PSObject错误

Powershell 带有特定参数的PSObject错误

powershell

Powershell 带有特定参数的PSObject错误,powershell,Powershell,我有一个powershell脚本,可以对远程服务器上的组成员身份进行一些简单的审核。除了一个组的情况外,输出与预期一致 此脚本中有两个参数,一个用于签入AD的OU和一个用于检查的组名。OU参数返回服务器名称列表,组名称是返回成员的组。这一切都很好,除了一种情况,备份操作员 param([parameter(mandatory=$true)][string]$region,[string]$group) ### Debug flag for viewing output when running

我有一个powershell脚本,可以对远程服务器上的组成员身份进行一些简单的审核。除了一个组的情况外,输出与预期一致

此脚本中有两个参数,一个用于签入AD的OU和一个用于检查的组名。OU参数返回服务器名称列表,组名称是返回成员的组。这一切都很好,除了一种情况,备份操作员

param([parameter(mandatory=$true)][string]$region,[string]$group)

### Debug flag for viewing output when running the script. 
$DEBUG = 1

$self = $myinvocation.mycommand.name

function cmdopts {
    if ($DEBUG) {
       write-host "$self running with options"
       write-host "Region: $region"
       write-host "Group: $group"
    }
 }

 ### Function to handle custom messages to the user. 
 function usageRegion {
     # Removed for brevity
 }

 function usageGroups {
     # Removed for brevity
 }

 ### Cleanup from previous run of the script.
 function cleanup {
    # Removed for brevity
 }

 #### Function to load powershell modules at runtime
 function loadmod { 
     param([string]$name)
     if ( -not(get-module -name $name)) {
         if (get-module -listavailable| where-object { $_.name -eq $name}) {
             import-module -name $name
             $true
         } else { 
             $false
         }
     } else { 
        $true
     }
  }


 ### Main()
 cmdopts

 #### Validate commandline options
 if ( "cnr","nwr","swr","ner","ser","emr","lar","apr" -notcontains $region ) {
     usageRegion
     exit
 }

 if ( "Administrators","Backup Operators","Event Log Readers","Hyper-V Administrators","Power Users",
"Print Operators","Remote Desktop Users" -notcontains $group) {
    usageGroups
    exit
 } else {
     ### We are creating three files for each run, previous runs need to be cleaned up before we start. 
     cleanup

    ### The ActiveDirectory module is a dependency for this script, we use it to get a list of machine names from AD for the OU.
    if ( loadmod -name "activedirectory" ) {
        write-host "Loading ActiveDirectory powershell module..." -foregroundcolor green
    } else {
        write-host "Sorry, you do not have the ActiveDirectory powershell module installed." -foregroundcolor yellow
        write-host "The script cannot contnue." -foregroundcolor yellow
        exit
    } 

    ### Get the list of servers from AD for the OU specified by the user. 
    get-adcomputer -f * -searchbase "ou=$region,ou=servers,dc=domain,dc=com" | select name | out-file "c:\scripts\ps\$region.srvtmp.txt" -append

    ### We need to fix some format issues with the file before continuing

    # Removed for brevity, cleans up the file output from get-adcomputer and sets variable $srvlist
    $srvlist = gc "c:\scripts\ps\$region.srvlist.txt"

    # Store for the return
    $store = @()

    # Fix the group string for the filename
    $filestring = $group
    $filestring = $filestring.replace(' ', '')
    $filestring = $filestring.tolower()

    foreach ( $srv in $srvlist ) {
        if ( $srv -eq "bustedserver" ) {
        # This box hangs and does not tear down WMI when it can't complete, timeout does not work
            write-host "skipping $srv"
        } else {
            $response = test-connection $srv -count 1 -quiet

            ### This does not work super well, might have to try a custom function
            if ($response -eq $false ) {    
                write-host "$srv was offline during test" -foregroundcolor darkmagenta
            } else {
                 write-host "Checking $group on " -nonewline; write-host $srv -foregroundcolor cyan

                 $groupinfo = new-object PSObject

                 $members = gwmi -computer $srv -query "SELECT * FROM Win32_GroupUser WHERE GroupComponent=`"Win32_Group.Domain='$srv',Name='$group'`"" 

                 $members = $members | sort-object -unique

                 $count = 0
                 if ($members -ne $null) {
                     add-member -inputobject $groupinfo -membertype noteproperty -name "Server" -value $srv
                     add-member -inputobject $groupinfo -membertype noteproperty -name "Group" -value $group

                     foreach ($member in $members) {
                         $count += 1
                         $data = $member.partcomponent -split "\,"
                         $domain = ($data[0] -split "=")[1]
                         $name = ($data[1] -split "=")[1]
                         $line = ("$domain\$name").replace("""","")
                         add-member -inputobject $groupinfo -membertype noteproperty -name "Member $count" -value $line
                     }
                  }

                 if ($DEBUG) {
                    write-host $groupinfo
                 }

                $store += $groupinfo
           }
       }
    }
 }

 #$store | export-csv -path "$HOME\desktop\$region-$filestring-audit.csv" -notype
 $store
如果对管理员或远程桌面用户这样的组运行此脚本,则输出如下所示

Server: SERVER1
Group: Remote Desktop Users
Member1: GroupName1
Member2: GroupName2
Member3: GroupName3
如果对组备份操作符运行此脚本,则即使有许多组,也只能得到第一个组。在debug write host语句中,它将显示所有组。打印存储时,它只显示第一个存储。即使有两个或更多,它也会打印

Server: SERVER1
Group: Backup Operators
Member1: GroupName1
如果您能了解为什么这是专门针对“备份操作员”而不是其他人的,我们将不胜感激。

您能分享完整的脚本吗?我怀疑这与您初始化$store变量的方式有关,但如果不查看它是否在其他地方初始化,我无法确定。是v。PS中常见的情况是将某些内容初始化为字符串或数组,而不返回您认为会返回的内容。像这样初始化$store=@I将在MinWhat版本的PowerShell中添加精简版本?