堆栈内存溢出
  简体   繁体   English

删除 MSMQ 队列权限

[英]Remove MSMQ Queue Permissions

 原文  2016-04-18 10:42:21       powershell/ msmq

问题描述

I want to remove all of the permissions on an MSMQ queue before we set the new permissions, this will be deployed via Octopus.我想在设置新权限之前删除 MSMQ 队列上的所有权限,这将通过 Octopus 进行部署。 This is so that we can be sure that no legacy permissions can exist and be sure that the permissions will be the same.这样我们就可以确保不存在任何遗留权限,并确保权限相同。

$QueueName = "MyQueue"
$QueuePermissions = Get-MsmqQueue -Name $QueueName | Get-MsmqQueueACL
$QueueUsers = $QueuePermissions.AccountName | Get-Unique
foreach ($User in $QueueUsers)
  if ($User -like 'MyDomain*'){
    #Something like
    $QueueName | Set-MsmqQueueACL -UserName $User -Remove
  }

Unfortunately I need to create a CSV list of permissions for Set-MsmqQueueACL to be removed.不幸的是,我需要为要删除的 Set-MsmqQueueACL 创建一个 CSV 权限列表。 How can I get this?我怎样才能得到这个?

I'm fairly new to PowerShell so anyhelp would be appreciated.我对 PowerShell 还很陌生,所以任何帮助都将不胜感激。

Thanks!谢谢!

2 个解决方案

解决方案1
 1  2016-04-18 15:11:37

First of all, delete queues and recreate is the more reliable approach.首先,删除队列并重新创建是更可靠的方法。

I assume you have a reason that requires you to not delete them.我假设您有理由要求您不要删除它们。 Here is an approach I think suit you best.这是我认为最适合您的方法。

Using MessageQueue.ResetPermissions Method from System.Messing.MessageQueue使用System.Messing.MessageQueue 中的MessageQueue.ResetPermissions方法

Code example for powershell: powershell的代码示例:

$QueueName = ".\private$\MyQueue"
Add-Type -AssemblyName System.Messaging
$Q = [System.Messaging.MessageQueue]($QueueName)
$Q.ResetPermissions()

Note: This method put queue permission back to default where only creator has full access to the queue.注意:此方法将队列权限恢复为默认值,只有创建者才能完全访问队列。 My powershell is using an automation account that created these queues thus it would take away fine from this point.我的 powershell 正在使用创建这些队列的自动化帐户,因此从这一点来看它会很好。 However, in my past experience if all the queue permissions are messed, and you don't have an account that have full control of the queue, you might end up have to remove the physical queue file from storage and restart MSMQ service to clean it up.但是,根据我过去的经验,如果所有队列权限都被弄乱了,并且您没有完全控制队列的帐户,则最终可能必须从存储中删除物理队列文件并重新启动 MSMQ 服务来清理它向上。 Thus I'd urge you to maintain consistence of the permission so your later operations on the queue can be performed without problem.因此,我敦促您保持权限的一致性,以便您以后对队列的操作可以毫无问题地执行。

解决方案2
 0  2016-04-19 08:29:22

I have created a solution that appears to work, as mentioned above I am no PowerShell expert but it may help someone else in the future:我创建了一个似乎有效的解决方案,如上所述,我不是 PowerShell 专家,但将来可能会帮助其他人:

$Queue= "MyQueueName"
#remove old permissions
$QueuePermissions = Get-MsmqQueue -Name $Queue | Get-MsmqQueueACL
$QueueUsers = $QueuePermissions.AccountName | Get-Unique
foreach ($User in $QueueUsers)
{
    Write-Output "Permissions found for user: $User"
    $tst = $QueuePermissions | where {$_.AccountName -eq $User}
    $tst = $tst | Select -ExpandProperty Right
    foreach ($Permission in $tst)    
    {
        Write-Output "Removing permissions: $Permission"
        $thisQueue | Set-MsmqQueueAcl -UserName $User -Remove $Permission | Out-Null
    }
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在脚本中设置MSMQ队列的权限 - Setting permissions on a MSMQ queue in a script 如何获取MSMQ专用队列的当前权限? - How to get the current permissions for an MSMQ private queue? 如何授予用户在MSMQ中创建新队列的权限 - How can I give a user permissions to Create a new Queue in MSMQ 监视 MSMQ 传出队列? - monitoring the MSMQ outgoing queue? 如何重命名MSMQ队列 - How to rename MSMQ queue 群集专用MSMQ队列上的设置权限 - Setpermission on clustered private MSMQ queue 如何设置 MSMQ 集群队列的权限? - How to set permissions on MSMQ Cluster queues? 如何以编程方式读取 MSMQ 队列的权限? - How to programmatically read permissions on MSMQ queues? 使用Powershell删除MSMQ存储限制 - Remove MSMQ storage limits with powershell 在 Powershell 2.0 中清除公共 MSMQ 队列 - Purge a public MSMQ queue in Powershell 2.0
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM