Permissions

用於從 CSV 使用者列表創建文件夾的 Powershell 腳本

  • September 12, 2020

我找到了一個創建文件夾(如果它們不存在)並添加適當權限的 powershell 腳本。下面是 PS1 文件(由其他人創建)


##################################################################################
#
#
#  Script name: SetFolderPermission.ps1
#  Author:      goude@powershell.nu
#  Homepage:    www.powershell.nu
#
#
##################################################################################

param ([string]$Path, [string]$Access, [string]$Permission = ("Modify"), [switch]$help)

function GetHelp() {

$HelpText = @"

DESCRIPTION:
NAME: SetFolderPermission.ps1
Sets FolderPermissions for User on a Folder.
Creates folder if not exist.

PARAMETERS: 
-Path           Folder to Create or Modify (Required)
-User           User who should have access (Required)
-Permission     Specify Permission for User, Default set to Modify (Optional)
-help           Prints the HelpFile (Optional)

SYNTAX:
./SetFolderPermission.ps1 -Path C:\Folder\NewFolder -Access Domain\UserName -Permission FullControl

Creates the folder C:\Folder\NewFolder if it doesn't exist.
Sets Full Control for Domain\UserName

./SetFolderPermission.ps1 -Path C:\Folder\NewFolder -Access Domain\UserName

Creates the folder C:\Folder\NewFolder if it doesn't exist.
Sets Modify (Default Value) for Domain\UserName

./SetFolderPermission.ps1 -help

Displays the help topic for the script

Below Are Available Values for -Permission

"@
$HelpText

[system.enum]::getnames([System.Security.AccessControl.FileSystemRights])

}

function CreateFolder ([string]$Path) {

   # Check if the folder Exists

   if (Test-Path $Path) {
       Write-Host "Folder: $Path Already Exists" -ForeGroundColor Yellow
   } else {
       Write-Host "Creating $Path" -Foregroundcolor Green
       New-Item -Path $Path -type directory | Out-Null
   }
}

function SetAcl ([string]$Path, [string]$Access, [string]$Permission) {

   # Get ACL on FOlder

   $GetACL = Get-Acl $Path

   # Set up AccessRule

   $Allinherit = [system.security.accesscontrol.InheritanceFlags]"ContainerInherit, ObjectInherit"
   $Allpropagation = [system.security.accesscontrol.PropagationFlags]"None"
   $AccessRule = New-Object system.security.AccessControl.FileSystemAccessRule($Access, $Permission, $AllInherit, $Allpropagation, "Allow")

   # Check if Access Already Exists

   if ($GetACL.Access | Where { $_.IdentityReference -eq $Access}) {

       Write-Host "Modifying Permissions For: $Access" -ForeGroundColor Yellow

       $AccessModification = New-Object system.security.AccessControl.AccessControlModification
       $AccessModification.value__ = 2
       $Modification = $False
       $GetACL.ModifyAccessRule($AccessModification, $AccessRule, [ref]$Modification) | Out-Null
   } else {

       Write-Host "Adding Permission: $Permission For: $Access"

       $GetACL.AddAccessRule($AccessRule)
   }

   Set-Acl -aclobject $GetACL -Path $Path

   Write-Host "Permission: $Permission Set For: $Access" -ForeGroundColor Green
}

if ($help) { GetHelp }

if ($Path -AND $Access -AND $Permission) { 
   CreateFolder $Path 
   SetAcl $Path $Access $Permission
}

要執行此腳本,我使用此命令。./SetFolderPermission.ps1 -Path E:\TestFolder\UsernameX -Access Domain\UsernameX -權限修改

我怎樣才能做到這一點,以便我可以只使用一個命令並呼叫它來從 CSV 文件創建文件夾?

這應該可以解決問題:-

# 讀入使用者列表
$ListofUsers=獲取內容“UserList.csv”
foreach($ListofUsers 中的 $User)
{
SetFolderPermission.ps1 -Path E:\TestFolder\$User
}

我會稍微修改 Gary 的命令,並使用 Import-Csv

# Read in List of Users
$rows=Import-Csv "UserList.csv"
foreach ($row in $rows) {
 $UsernameX = $row.UserName
 ./SetFolderPermission.ps1 -Path E:\TestFolder\$UsernameX -Access Domain\$UsernameX -Permission modify
}

引用自:https://serverfault.com/questions/178227