堆栈内存溢出
  简体   繁体   English

没有访问权限的文件夹的 Powershell Get-Acl

[英]Powershell Get-Acl for folders without access permissions

 原文  2019-11-28 10:13:28       powershell/ permissions/ active-directory/ credentials/ folder-permissions

问题描述

I wrote a script, which gives me all the permissions of a folder + subfolders for a user/group.我写了一个脚本,它为我提供了用户/组的文件夹+子文件夹的所有权限。 However, the script only works, if my user has at least read permissions on all these folders.但是,该脚本仅适用于我的用户至少对所有这些文件夹具有读取权限的情况。 If he has no permissions, get-acl is denied.如果他没有权限,则拒绝 get-acl。 Is there any way to work around this, as I don't want to manually switch my user everytime I execute this script.有什么办法可以解决这个问题,因为我不想每次执行这个脚本时都手动切换我的用户。

Can I execute a powershell script with a different user?我可以使用不同的用户执行 powershell 脚本吗? And if yes, how?如果是,如何?

Thank you in advance, Colin提前谢谢你,科林

1 个解决方案

解决方案1
 1 已采纳  2019-11-28 11:18:53

You have a few options that I can think of:你有几个我能想到的选择:

Option 1: Create a helper file with the actual code you want to run and call it script.ps1 for instance:选项 1:使用要运行的实际代码创建一个帮助文件,例如将其命名为 script.ps1:

    [array]$users = "user1","user2","user3"

    foreach($user in $users){
        $creds = Get-Credential -UserName $user -Message "Enter the Users Password"
        $Session = New-PSSession -Credential $creds
        Invoke-Command -Session $Session -FilePath C:\Path\to\some\script.ps1
    }

Option 2: Run a job for each user.选项 2:为每个用户运行一个作业。 After every task is finished, the new user credentials will be asked.每项任务完成后,将询问新的用户凭据。 Just add the code to the scriptblock只需将代码添加到脚本块

[array]$users = "user1","user2","user3"

foreach($user in $users){
    $creds = Get-Credential -UserName $user -Message "Enter the Users Password"
    $target = $user
    $job = Start-Job -scriptblock {
    param ($username)
        Get-Acl C:\Users\$user #Bla bla the rest of your script
    } -Args $user -credential $creds
    do{
        #Wait for the job to finish
    }until($job.State -ne "Running")
    Write-Host "Job finished with state $($job.State)"
}

Hope this helps!希望这可以帮助!

Note that the creds object can also be automated, if you don't wish to type all the time.请注意,如果您不想一直输入,creds 对象也可以自动化。 (Security principles not taken into account ;) ) (不考虑安全原则;))

$users = @()
$users += @{
    username = "User1"
    password = "Pass123!"
}
$users += @{
    username = "User2"
    password = "Pass123!"
}

foreach($user in $users){
    $creds = New-Object System.Management.Automation.PSCredential($user.username,($user.password | ConvertTo-SecureString -AsPlainText -Force))
    #Add the rest of the script from the chosen option
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PowerShell-Get-ACL不会返回所有权限 - PowerShell - Get-ACL not returning all permissions Powershell:获取ACL并获取远程文件夹上特定用户的权限 - Powershell : Get-ACL and get permissions for specific user on a remote folder PowerShell设置/获取ACL特殊权限-仅此文件夹设置 - PowerShell Set/Get-ACL Special Permissions - This Folder Only setting 带空格的UNC路径上的Powershell Get-Acl - Powershell Get-Acl on UNC paths with spaces Get-ACL重复组-Powershell - Get-acl repeating groups - Powershell 具有SamAccountName值的PowerShell Get-ACL - PowerShell Get-ACL with SamAccountName values 用于 HKLM:\\SECURITY 问题的 Powershell Get-Acl - Powershell Get-Acl for HKLM:\SECURITY Issues 奇怪的PowerShell Get-ACL权限翻译 - Odd PowerShell Get-ACL permission translations Powershell Get-Acl 所有者参考 - Powershell Get-Acl Owner Reference 当Get-Acl返回“拒绝访问”时,如何使用Powershell更改文件夹的所有者? - How do I change the owner of a folder with Powershell when Get-Acl returns “Access Denied”?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM