Próbuję znaleźć sposób na wiadomość " Le Repertuire Suivant $ Path3 Est Au Niveau 3, Il N'a Pas Besoin d'Etre Modifie. " Kiedy mam coś w Colum 3.

Ale kiedy znalazł coś w kolumnie 3, należy ustawić ponownie ACL z kolumny 2.

W tym przykładzie ustawił 3 razy ACL na "BOUM2", mój plik ".csv":

Level1,Level2,Level3
Bada1,,
Bada1,,
Bada2,Boum1,
Bada2,Boum2,Eureka1
Bada2,Boum2,Eureka2
Bada2,Boum2,Eureka3

Mój kod:

## Set Acl to directory ##
Import-Csv $ImportCsv -Delimiter ',' | ForEach-Object { $_.Level2; $_.Level3 }`
    {
    ## Set DL Group from name dir ##
    $Dir   = $_.Level2.ToUpper()
    $Dir2  = $_.Level3.ToUpper()
    $Path2 = [IO.Path]::Combine($Path, $Dir)
    $Path3 = [IO.Path]::Combine($Path, $Dir, $Dir2)
    If      ( $_.Level3 -contains "*" )                                                                   #                                                                                                  
        {                                                                                                 # 
        Write-output "Le repertoire suivant $Path3 est au niveau 3, il n'a pas besoin d'etre modifie."    #  <- This part doesn't work
        exit                                                                                              #   
        }                                                                                                 #     
    ElseIf  ( $_.Level2 -contains '#RECYCLE' )
        {
        Write-output "Le repertoire suivant $Path2  n'a pas besoin d'etre modifie."
        }
    Else
        {
        ## Get DL Group from name dir ## 

        Write-output "Modification des ACL sur: $Path2"
        $Acl   = Get-Acl -Path "$Path2"
        $DirCT = Get-ADGroup "DL`_$Dir`_$NameSrv`_CT" | ForEach-Object { $_.Name }
        $DirM  = Get-ADGroup "DL_$Dir`_$NameSrv`_M"   | ForEach-Object { $_.Name }
        $DirL  = Get-ADGroup "DL_$Dir`_$NameSrv`_L"   | ForEach-Object { $_.Name }
        $DirR  = Get-ADGroup "DL_$Dir`_$NameSrv`_R"   | ForEach-Object { $_.Name }

        # Heritance disable ##
        $isProtected = $true
        $preserveInheritance = $true
        $Acl.SetAccessRuleProtection($isProtected, $preserveInheritance)
        Set-Acl -Path $Path2 -AclObject $Acl
        
        ## Rule for all groups ##
        $AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("$NetBIOSName\$DirCT","FullControl","Allow")
        $acl.SetAccessRule($AccessRule)
        $AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("$NetBIOSName\$DirM","Modify","Allow")
        $acl.SetAccessRule($AccessRule)
        $AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("$NetBIOSName\$DirL","ReadAndExecute","Allow")
        $acl.SetAccessRule($AccessRule)
        $AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("$NetBIOSName\$DirR","Read","Deny")
        $acl.SetAccessRule($AccessRule)
        Set-Acl -Path $Path2 -AclObject $acl
        
        ## Remove BUILTIN\Utilisateurs ##
        $acl.Access | Where-Object {$_.IdentityReference -eq "BUILTIN\Utilisateurs"} | Foreach-Object {$acl.RemoveAccessRule($_) | Out-Null}
        Set-Acl -Path $Path2 -AclObject $acl
        }
    }

Dziękujemy za poświęcenie czasu na przeczytanie i z góry podziękować.

1
Murphy BZH 23 październik 2020, 13:43

1 odpowiedź

Najlepsza odpowiedź

Otrzymałem rozwiązanie z kontaktu:

$strCSV = @'
Level1,Level2,Level3
Bada1,,
Bada1,,
Bada2,Boum1,
Bada2,#RECYCLE,
Bada2,Boum2,Eureka1
Bada2,Boum2,Eureka2
Bada2,Boum2,Eureka3
'@

$Path = $env:TEMP

$objCSV = $strCSV | ConvertFrom-Csv -Delimiter ','
## Set Acl to directory ##
$objCSV | ForEach-Object {
    ## Set DL Group from name dir ##
    $Dir   = $_.Level2.ToUpper()
    $Dir2  = $_.Level3.ToUpper()
    $Path2 = [IO.Path]::Combine($Path, $Dir)
    $Path3 = [IO.Path]::Combine($Path, $Dir, $Dir2)
    If(-not [System.String]::IsNullOrEmpty($_.Level3) )                                                                                                                                                                     
    {                                                                                                  
        Write-output "Le repertoire suivant $Path3 est au niveau 3, il n'a pas besoin d'etre modifie."                                                                                         #   
    }                                                                                                    
    ElseIf($_.Level2 -like '#RECYCLE' )
    {
        Write-output "Le repertoire suivant $Path2  n'a pas besoin d'etre modifie."
    }
    Else
    {
        ## Get DL Group from name dir ## 

        Write-output "Modification des ACL sur: $Path2"
    }
}
0
Murphy BZH 26 październik 2020, 20:40