【发布时间】:2019-01-10 20:08:19
【问题描述】:
我正在尝试限制此脚本的递归深度,该脚本生成文件夹列表、关联的安全组以及每个组的成员。我正在使用 PowerShell 5.1。
我已尝试在第 18 行添加 -Depth 3(如下所示),但我仍然获得所有级别。我尝试在运行脚本时在命令行上添加-Depth 3,但出现错误。
这是我用来运行脚本的命令:
./Get_folder_acls_depth_test.ps1 -Path I:\dir_name -Recurse | Export-Csv c:\temp\dir_name.csv
我也试过了,但是出错了:
./Get_folder_acls_depth_test.ps1 -Path I:\dir_name -Recurse -Depth 3 | Export-Csv c:\temp\dir_name.csv
[CmdletBinding()]
Param(
[ValidateScript({Test-Path $_ -PathType Container})]
[Parameter(Mandatory=$true)]
[string]$Path,
[switch]$Recurse
)
Write-Verbose "$(Get-Date): Script begins!"
Write-Verbose "Getting domain name..."
$Domain = (Get-ADDomain).NetBIOSName
Write-Verbose "Getting ACLs for folder $Path"
if ($Recurse) {
Write-Verbose "...and all sub-folders"
Write-Verbose "Gathering all folder names, this could take a long time on bigger folder trees..."
$Folders = Get-ChildItem -Path $Path -Directory -Recurse -Depth 3
} else {
$Folders = Get-Item -Path $Path
}
Write-Verbose "Gathering ACL's for $($Folders.Count) folders..."
foreach ($Folder in $Folders) {
Write-Verbose "Working on $($Folder.FullName)..."
$ACLs = Get-Acl $Folder.FullName | ForEach-Object { $_.Access }
foreach ($ACL in $ACLs) {
if ($ACL.IdentityReference -match "\\") {
if ($ACL.IdentityReference.Value.Split("\")[0].ToUpper() -eq $Domain.ToUpper()) {
$Name = $ACL.IdentityReference.Value.Split("\")[1]
if ((Get-ADObject -Filter 'SamAccountName -eq $Name').ObjectClass -eq "group") {
foreach ($User in (Get-ADGroupMember $Name -Recursive | Select -ExpandProperty Name)) {
$Result = New-Object PSObject -Property @{
Path = $Folder.Fullname
Group = $Name
User = $User
FileSystemRights = $ACL.FileSystemRights
AccessControlType = $ACL.AccessControlType
Inherited = $ACL.IsInherited
}
$Result | Select Path,Group,User,FileSystemRights
}
} else {
$Result = New-Object PSObject -Property @{
Path = $Folder.Fullname
Group = ""
User = Get-ADUser $Name | Select -ExpandProperty Name
FileSystemRights = $ACL.FileSystemRights
AccessControlType = $ACL.AccessControlType
Inherited = $ACL.IsInherited
}
$Result | Select Path,Group,User,FileSystemRights
}
} else {
$Result = New-Object PSObject -Property @{
Path = $Folder.Fullname
Group = ""
User = $ACL.IdentityReference.Value
FileSystemRights = $ACL.FileSystemRights
AccessControlType = $ACL.AccessControlType
Inherited = $ACL.IsInherited
}
$Result | Select Path,Group,User,FileSystemRights
}
}
}
}
Write-Verbose "$(Get-Date): Script completed!"
脚本适用于获得所有级别,我只想将其限制为 2-4 级。
【问题讨论】:
-
将
-Depth传递给您的脚本会出错,因为您的脚本没有定义参数$Depth。不过,脚本中的Get-ChildItem -Path $Path -Directory -Recurse -Depth 3语句应该可以工作。 -
尝试隔离问题。仅使用
$Folders = Get-ChildItem -Path $Path -Directory -Recurse -Depth 3(已定义路径)是否仍返回超过 3 个文件夹深度? -
这个Q&A 提供了一些限制特定深度(不是2-4 等范围)的答案。
-
Ansgar Wiechers,我尝试添加:[string]$Path, [switch]$Recurse, [switch]$Depth 然后在命令行上使用 -Depth 选项,但这导致错误“在C:\Temp\Get_folder_acls_depth_test.ps1:6 char:21 + [switch]$Recurse + ~ Missing ')' in function parameter list. At C:\Temp\Get_folder_acls_depth_test.ps1:8 char:1 + ) + ~ Unexpected token ')' 在表达式或语句中。+ CategoryInfo : ParserError: (:) [], ParseException + FullyQualifiedErrorId : MissingEndParenthesisInFunctionParameterList"
-
Sage Pourpre,感谢您的建议,我运行了 Get-ChildItem -Path I:\dir_name -Directory -Recurse -Depth 3 | export-csv c:\temp... 它仍然导致所有级别。我搜索了 get-childitem -recurse -depth,但在网上找不到太多。至少现在我知道这不是剧本!谢谢!
标签: powershell get-childitem powershell-v5.1