[英]Powershell Get-Acl for folders without access permissions
I wrote a script, which gives me all the permissions of a folder + subfolders for a user/group.我写了一个脚本,它为我提供了用户/组的文件夹+子文件夹的所有权限。 However, the script only works, if my user has at least read permissions on all these folders.但是,该脚本仅适用于我的用户至少对所有这些文件夹具有读取权限的情况。 If he has no permissions, get-acl is denied.如果他没有权限,则拒绝 get-acl。 Is there any way to work around this, as I don't want to manually switch my user everytime I execute this script.有什么办法可以解决这个问题,因为我不想每次执行这个脚本时都手动切换我的用户。
Can I execute a powershell script with a different user?我可以使用不同的用户执行 powershell 脚本吗? And if yes, how?如果是,如何?
Thank you in advance, Colin提前谢谢你,科林
You have a few options that I can think of:你有几个我能想到的选择:
Option 1: Create a helper file with the actual code you want to run and call it script.ps1 for instance:选项 1:使用要运行的实际代码创建一个帮助文件,例如将其命名为 script.ps1:
[array]$users = "user1","user2","user3"
foreach($user in $users){
$creds = Get-Credential -UserName $user -Message "Enter the Users Password"
$Session = New-PSSession -Credential $creds
Invoke-Command -Session $Session -FilePath C:\Path\to\some\script.ps1
}
Option 2: Run a job for each user.选项 2:为每个用户运行一个作业。 After every task is finished, the new user credentials will be asked.每项任务完成后,将询问新的用户凭据。 Just add the code to the scriptblock只需将代码添加到脚本块
[array]$users = "user1","user2","user3"
foreach($user in $users){
$creds = Get-Credential -UserName $user -Message "Enter the Users Password"
$target = $user
$job = Start-Job -scriptblock {
param ($username)
Get-Acl C:\Users\$user #Bla bla the rest of your script
} -Args $user -credential $creds
do{
#Wait for the job to finish
}until($job.State -ne "Running")
Write-Host "Job finished with state $($job.State)"
}
Hope this helps!希望这可以帮助!
Note that the creds object can also be automated, if you don't wish to type all the time.请注意,如果您不想一直输入,creds 对象也可以自动化。 (Security principles not taken into account ;) ) (不考虑安全原则;))
$users = @()
$users += @{
username = "User1"
password = "Pass123!"
}
$users += @{
username = "User2"
password = "Pass123!"
}
foreach($user in $users){
$creds = New-Object System.Management.Automation.PSCredential($user.username,($user.password | ConvertTo-SecureString -AsPlainText -Force))
#Add the rest of the script from the chosen option
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.