从文本文件重新访问

Re-acl from text file

这个难倒我了。我正在尝试使用 PowerShell 执行此操作,但它不一定是...

基本上,我有一个文本文件,其中包含已迁移的大型目录结构的 ACL 信息(我意识到内容有很多不足之处,但我们无法再访问原始文件系统,所以这是我们必须处理什么)。

我需要生成一个批处理文件来重新访问新的(复制的)文件系统。

所以简而言之,我需要像这样转换文本(抱歉滚动,但我试图保留行间距):

Path: \Share.Domain.com\Directory01$\Subdirectory01


AccessToString : DOMAIN\Group01-Knuckleheads Allow  ReadAndExecute, Synchronize
     BUILTIN\Administrators 



Path: \Share.Domain.com\Directory02$\Subdirectory01


AccessToString : DOMAIN\Different-Group02 Allow  FullControl
                 BUILTIN\Administrators Allow  FullControl

进入新文件(或相同的文件,并不重要),内容如下:

ICacls "\Share.Domain.com\Directory01$\Subdirectory01" /Grant "DOMAIN\Group01-Knuckleheads":(OI)(CI)R,X,S /t /c /l /q /inheritance:r
ICacls "\Share.Domain.com\Directory01$\Subdirectory01" /Grant "BUILTIN\Administrators":(OI)(CI)F /t /c /l /q /inheritance:r
ICacls "\Share.Domain.com\Directory02$\Subdirectory01" /Grant "DOMAIN\Different-Group02":(OI)(CI)F /c /l /q /inheritance:r
ICacls "\Share.Domain.com\Directory02$\Subdirectory01" /Grant "BUILTIN\Administrators":(OI)(CI)F /c /l /q /inheritance:r

我对解决这个问题的半悲催尝试仍在进行中,但我意识到这个敌人比我的魔力更强大:

    #$ACLs = Get-Content C:\Scripts\Test\AndTest.txt
    #ForEach-Object ($ACL in $ACLs)
    #{
    #Figure out how to break strings into variables....
    #}
    #Declare Var - Need to populate from the imported text file
    $FilePath = "\Share.Domain.com\Directory01$\Subdirectory01"
    $GroupName = "DOMAIN\Domain Admins"
    $TestPerm = "ReadAndExecute"
    If ($TestPerm = "FullControl"){$Perms = "F"}
    Elseif ($TestPerm = "ReadAndExecute"){$Perms = "RX"}
    Elseif ($TestPerm = "Modify"){$Perms = "M"}
    Elseif ($TestPerm = "Deny"){$Perms = "D"}
    Elseif ($TestPerm = "Read"){$Perms = "R"}
    Elseif ($TestPerm = "Write"){$Perms = "W"}
    cls
    #Build icacls string -Test Output
    Write-Host "ICacls ""$FilePath"" /Grant ""$GroupName"":(OI)(CI)$Perms /t /c /l /q /inheritance:r"
    #Write icacls batch file
    #Out-File "C:\Scripts\Test\re-acl.cmd" "ICacls ""$FilePath"" /Grant ""$GroupName"":(OI)(CI)$Perms /t /c /l /q /inheritance:r"

我意识到这里有很多工作要做,我才刚刚开始弄明白。例如,我在想我需要将权限列出到一个数组中并构建字符串。也必然会有特殊权限等...

但现在,我正在尝试弄清楚如何导入文本文件,然后将其分解为变量...就像我说的,我在 Powershell 中工作,但它真的可以是任何东西... VB 或 Python 也许?

非常感谢!

好的,我认为您的大部分问题是解析文本,所以这就是我在这里提供的主要帮助。我确实构建了字符串,如果您想要包含更多权限,您应该能够弄清楚如何将它们添加到 switch。为此,我们希望将整个文本文件作为一个大的多行字符串读取。然后我们根据关键字 "Path:" 将其分成块。然后对于每条记录,我将路径作为字符串获取,获取权限,并解析出帐户、allow/deny 和个人访问。然后我将访问转换为 icacls 接受的短版本,并将参数构建为格式化字符串。

我输出到主机,但是一旦你觉得它看起来对你满意,你就可以删除 Write-Host " 和尾随的 " 它就会执行它(假设 icacls 是在您所在的同一文件夹中,或在 PATH 环境变量中)。

$Text = Get-Content C:\Scripts\Test\AndTest.txt -Raw
$Records = $Text -split "(?s)(Path:.*?)(?=Path:|$)"|?{$_}
#Loop through each file/ACL
ForEach($Record in $Records){
    $FilePath = ($Record -split "[\r\n]+")[0].Substring(6)
    $PermRecords = ($Record -split "(?s)AccessToString : "|Select -skip 1) -split "[\r\n]+"|?{$_}
    $Perms = $PermRecords|?{$_ -match "(.*\.*?)\s+(Allow|Deny)(.*)$"}|%{[pscustomobject]@{'Account'=$Matches[1].Trim();'Type'=$Matches[2];'Perms'=$Matches[3].Trim()}}
    #Loop through each perm for the current file
    $Perms | %{
        #Convert friendly names to abbreviations
        $ShortPerms = ''
        Switch -regex ($_.Perms){
            "FullControl" {$ShortPerms = "F";Continue}
            "ReadAndExecute" {$ShortPerms += "RX,"}
            "Synchronize" {$ShortPerms += "S,"}
            "Modify" {$ShortPerms += "M,"}
            "Read(?=,|$)" {$ShortPerms += "R,"}
            "Write" {$ShortPerms += "W,"}
        }
        $ShortPerms = $ShortPerms.TrimEnd(',')
        $Arguments = '"{0}" /{4} "{1}":(OI)(CI)({2}) /t /c /l /q /inheritance:r' -f $FilePath, $_.Account, $ShortPerms,$(If($_.Type -eq 'Allow'){'Grant'}else{'Deny'})
        write-host "& ICAcls $Arguments"
    }
}

如果 -Raw 参数对您不起作用,您可以使用

解决这个问题
(Get-Content C:\Scripts\Test\AndTest.txt) -join "`r`n"

如果您有任何疑问或问题,请告诉我。