从文本文件重新访问
Re-acl from text file
这个难倒我了。我正在尝试使用 PowerShell 执行此操作,但它不一定是...
基本上,我有一个文本文件,其中包含已迁移的大型目录结构的 ACL 信息(我意识到内容有很多不足之处,但我们无法再访问原始文件系统,所以这是我们必须处理什么)。
我需要生成一个批处理文件来重新访问新的(复制的)文件系统。
所以简而言之,我需要像这样转换文本(抱歉滚动,但我试图保留行间距):
Path: \Share.Domain.com\Directory01$\Subdirectory01
AccessToString : DOMAIN\Group01-Knuckleheads Allow ReadAndExecute, Synchronize
BUILTIN\Administrators
Path: \Share.Domain.com\Directory02$\Subdirectory01
AccessToString : DOMAIN\Different-Group02 Allow FullControl
BUILTIN\Administrators Allow FullControl
进入新文件(或相同的文件,并不重要),内容如下:
ICacls "\Share.Domain.com\Directory01$\Subdirectory01" /Grant "DOMAIN\Group01-Knuckleheads":(OI)(CI)R,X,S /t /c /l /q /inheritance:r
ICacls "\Share.Domain.com\Directory01$\Subdirectory01" /Grant "BUILTIN\Administrators":(OI)(CI)F /t /c /l /q /inheritance:r
ICacls "\Share.Domain.com\Directory02$\Subdirectory01" /Grant "DOMAIN\Different-Group02":(OI)(CI)F /c /l /q /inheritance:r
ICacls "\Share.Domain.com\Directory02$\Subdirectory01" /Grant "BUILTIN\Administrators":(OI)(CI)F /c /l /q /inheritance:r
我对解决这个问题的半悲催尝试仍在进行中,但我意识到这个敌人比我的魔力更强大:
#$ACLs = Get-Content C:\Scripts\Test\AndTest.txt
#ForEach-Object ($ACL in $ACLs)
#{
#Figure out how to break strings into variables....
#}
#Declare Var - Need to populate from the imported text file
$FilePath = "\Share.Domain.com\Directory01$\Subdirectory01"
$GroupName = "DOMAIN\Domain Admins"
$TestPerm = "ReadAndExecute"
If ($TestPerm = "FullControl"){$Perms = "F"}
Elseif ($TestPerm = "ReadAndExecute"){$Perms = "RX"}
Elseif ($TestPerm = "Modify"){$Perms = "M"}
Elseif ($TestPerm = "Deny"){$Perms = "D"}
Elseif ($TestPerm = "Read"){$Perms = "R"}
Elseif ($TestPerm = "Write"){$Perms = "W"}
cls
#Build icacls string -Test Output
Write-Host "ICacls ""$FilePath"" /Grant ""$GroupName"":(OI)(CI)$Perms /t /c /l /q /inheritance:r"
#Write icacls batch file
#Out-File "C:\Scripts\Test\re-acl.cmd" "ICacls ""$FilePath"" /Grant ""$GroupName"":(OI)(CI)$Perms /t /c /l /q /inheritance:r"
我意识到这里有很多工作要做,我才刚刚开始弄明白。例如,我在想我需要将权限列出到一个数组中并构建字符串。也必然会有特殊权限等...
但现在,我正在尝试弄清楚如何导入文本文件,然后将其分解为变量...就像我说的,我在 Powershell 中工作,但它真的可以是任何东西... VB 或 Python 也许?
非常感谢!
好的,我认为您的大部分问题是解析文本,所以这就是我在这里提供的主要帮助。我确实构建了字符串,如果您想要包含更多权限,您应该能够弄清楚如何将它们添加到 switch。为此,我们希望将整个文本文件作为一个大的多行字符串读取。然后我们根据关键字 "Path:" 将其分成块。然后对于每条记录,我将路径作为字符串获取,获取权限,并解析出帐户、allow/deny 和个人访问。然后我将访问转换为 icacls 接受的短版本,并将参数构建为格式化字符串。
我输出到主机,但是一旦你觉得它看起来对你满意,你就可以删除 Write-Host " 和尾随的 " 它就会执行它(假设 icacls 是在您所在的同一文件夹中,或在 PATH 环境变量中)。
$Text = Get-Content C:\Scripts\Test\AndTest.txt -Raw
$Records = $Text -split "(?s)(Path:.*?)(?=Path:|$)"|?{$_}
#Loop through each file/ACL
ForEach($Record in $Records){
$FilePath = ($Record -split "[\r\n]+")[0].Substring(6)
$PermRecords = ($Record -split "(?s)AccessToString : "|Select -skip 1) -split "[\r\n]+"|?{$_}
$Perms = $PermRecords|?{$_ -match "(.*\.*?)\s+(Allow|Deny)(.*)$"}|%{[pscustomobject]@{'Account'=$Matches[1].Trim();'Type'=$Matches[2];'Perms'=$Matches[3].Trim()}}
#Loop through each perm for the current file
$Perms | %{
#Convert friendly names to abbreviations
$ShortPerms = ''
Switch -regex ($_.Perms){
"FullControl" {$ShortPerms = "F";Continue}
"ReadAndExecute" {$ShortPerms += "RX,"}
"Synchronize" {$ShortPerms += "S,"}
"Modify" {$ShortPerms += "M,"}
"Read(?=,|$)" {$ShortPerms += "R,"}
"Write" {$ShortPerms += "W,"}
}
$ShortPerms = $ShortPerms.TrimEnd(',')
$Arguments = '"{0}" /{4} "{1}":(OI)(CI)({2}) /t /c /l /q /inheritance:r' -f $FilePath, $_.Account, $ShortPerms,$(If($_.Type -eq 'Allow'){'Grant'}else{'Deny'})
write-host "& ICAcls $Arguments"
}
}
如果 -Raw 参数对您不起作用,您可以使用
解决这个问题
(Get-Content C:\Scripts\Test\AndTest.txt) -join "`r`n"
如果您有任何疑问或问题,请告诉我。
这个难倒我了。我正在尝试使用 PowerShell 执行此操作,但它不一定是...
基本上,我有一个文本文件,其中包含已迁移的大型目录结构的 ACL 信息(我意识到内容有很多不足之处,但我们无法再访问原始文件系统,所以这是我们必须处理什么)。
我需要生成一个批处理文件来重新访问新的(复制的)文件系统。
所以简而言之,我需要像这样转换文本(抱歉滚动,但我试图保留行间距):
Path: \Share.Domain.com\Directory01$\Subdirectory01
AccessToString : DOMAIN\Group01-Knuckleheads Allow ReadAndExecute, Synchronize
BUILTIN\Administrators
Path: \Share.Domain.com\Directory02$\Subdirectory01
AccessToString : DOMAIN\Different-Group02 Allow FullControl
BUILTIN\Administrators Allow FullControl
进入新文件(或相同的文件,并不重要),内容如下:
ICacls "\Share.Domain.com\Directory01$\Subdirectory01" /Grant "DOMAIN\Group01-Knuckleheads":(OI)(CI)R,X,S /t /c /l /q /inheritance:r
ICacls "\Share.Domain.com\Directory01$\Subdirectory01" /Grant "BUILTIN\Administrators":(OI)(CI)F /t /c /l /q /inheritance:r
ICacls "\Share.Domain.com\Directory02$\Subdirectory01" /Grant "DOMAIN\Different-Group02":(OI)(CI)F /c /l /q /inheritance:r
ICacls "\Share.Domain.com\Directory02$\Subdirectory01" /Grant "BUILTIN\Administrators":(OI)(CI)F /c /l /q /inheritance:r
我对解决这个问题的半悲催尝试仍在进行中,但我意识到这个敌人比我的魔力更强大:
#$ACLs = Get-Content C:\Scripts\Test\AndTest.txt
#ForEach-Object ($ACL in $ACLs)
#{
#Figure out how to break strings into variables....
#}
#Declare Var - Need to populate from the imported text file
$FilePath = "\Share.Domain.com\Directory01$\Subdirectory01"
$GroupName = "DOMAIN\Domain Admins"
$TestPerm = "ReadAndExecute"
If ($TestPerm = "FullControl"){$Perms = "F"}
Elseif ($TestPerm = "ReadAndExecute"){$Perms = "RX"}
Elseif ($TestPerm = "Modify"){$Perms = "M"}
Elseif ($TestPerm = "Deny"){$Perms = "D"}
Elseif ($TestPerm = "Read"){$Perms = "R"}
Elseif ($TestPerm = "Write"){$Perms = "W"}
cls
#Build icacls string -Test Output
Write-Host "ICacls ""$FilePath"" /Grant ""$GroupName"":(OI)(CI)$Perms /t /c /l /q /inheritance:r"
#Write icacls batch file
#Out-File "C:\Scripts\Test\re-acl.cmd" "ICacls ""$FilePath"" /Grant ""$GroupName"":(OI)(CI)$Perms /t /c /l /q /inheritance:r"
我意识到这里有很多工作要做,我才刚刚开始弄明白。例如,我在想我需要将权限列出到一个数组中并构建字符串。也必然会有特殊权限等...
但现在,我正在尝试弄清楚如何导入文本文件,然后将其分解为变量...就像我说的,我在 Powershell 中工作,但它真的可以是任何东西... VB 或 Python 也许?
非常感谢!
好的,我认为您的大部分问题是解析文本,所以这就是我在这里提供的主要帮助。我确实构建了字符串,如果您想要包含更多权限,您应该能够弄清楚如何将它们添加到 switch。为此,我们希望将整个文本文件作为一个大的多行字符串读取。然后我们根据关键字 "Path:" 将其分成块。然后对于每条记录,我将路径作为字符串获取,获取权限,并解析出帐户、allow/deny 和个人访问。然后我将访问转换为 icacls 接受的短版本,并将参数构建为格式化字符串。
我输出到主机,但是一旦你觉得它看起来对你满意,你就可以删除 Write-Host " 和尾随的 " 它就会执行它(假设 icacls 是在您所在的同一文件夹中,或在 PATH 环境变量中)。
$Text = Get-Content C:\Scripts\Test\AndTest.txt -Raw
$Records = $Text -split "(?s)(Path:.*?)(?=Path:|$)"|?{$_}
#Loop through each file/ACL
ForEach($Record in $Records){
$FilePath = ($Record -split "[\r\n]+")[0].Substring(6)
$PermRecords = ($Record -split "(?s)AccessToString : "|Select -skip 1) -split "[\r\n]+"|?{$_}
$Perms = $PermRecords|?{$_ -match "(.*\.*?)\s+(Allow|Deny)(.*)$"}|%{[pscustomobject]@{'Account'=$Matches[1].Trim();'Type'=$Matches[2];'Perms'=$Matches[3].Trim()}}
#Loop through each perm for the current file
$Perms | %{
#Convert friendly names to abbreviations
$ShortPerms = ''
Switch -regex ($_.Perms){
"FullControl" {$ShortPerms = "F";Continue}
"ReadAndExecute" {$ShortPerms += "RX,"}
"Synchronize" {$ShortPerms += "S,"}
"Modify" {$ShortPerms += "M,"}
"Read(?=,|$)" {$ShortPerms += "R,"}
"Write" {$ShortPerms += "W,"}
}
$ShortPerms = $ShortPerms.TrimEnd(',')
$Arguments = '"{0}" /{4} "{1}":(OI)(CI)({2}) /t /c /l /q /inheritance:r' -f $FilePath, $_.Account, $ShortPerms,$(If($_.Type -eq 'Allow'){'Grant'}else{'Deny'})
write-host "& ICAcls $Arguments"
}
}
如果 -Raw 参数对您不起作用,您可以使用
(Get-Content C:\Scripts\Test\AndTest.txt) -join "`r`n"
如果您有任何疑问或问题,请告诉我。