Set-MsmqQueueACL - 允许 - 不能按照文档使用列表?
Set-MsmqQueueACL - Allow - can't use list as per docs?
我正在尝试使用 Powershell v5.1 (Win2k16) 在 Msmq 队列上设置 ACL - 但即使我按照文档进行操作 - 我仍然收到错误。
Get-MsmqQueue -Name "s009_ClientsServiceBus" -QueueType Private | Set-MsmqQueueAcl -UserName "domain.com\WfxServiceBus" -Allow Peek,Write
错误:
Set-MsmqQueueACL : Cannot convert 'System.Object[]' to the type
'System.Nullable`1[Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights]' required by parameter 'Allow'. Specified method is
not supported.
At line:1 char:128
+ ... t-MsmqQueueAcl -UserName "domain.com\WfxServiceBus" -Allow Peek,Write
+ ~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-MsmqQueueACL], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgument,Microsoft.Msmq.PowerShell.Commands.SetMSMQQueueACLCommand
Docs 显示以下示例:
Get-MsmqQueue –Name Order* –QueueType Private | Set-MsmqQueueAcl –UserName “REDMOND\madmax” –Allow Delete,Peek,Receive,Send –Deny TakeOwnership
运行(假设某些参数对我的环境不正确,但同样的错误)...
PS C:\Users\user> Get-MsmqQueue -Name Order* -QueueType Private | Set-MsmqQueueAcl -UserName "REDMOND\madmax" -Allow Delete,Peek,Receive,Send -Deny TakeOwnership
Set-MsmqQueueACL : Cannot convert 'System.Object[]' to the type
'System.Nullable`1[Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights]' required by parameter 'Allow'. Specified method is
not supported.
At line:1 char:100
+ ... cl -UserName "REDMOND\madmax" -Allow Delete,Peek,Receive,Send -Deny T ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-MsmqQueueACL], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgument,Microsoft.Msmq.PowerShell.Commands.SetMSMQQueueACLCommand
所以文档似乎已过时,或者发生了一些变化..问题是 - 我如何使用 Powershell 做我需要做的事情?我尝试了很多组合,例如:
.... -Allow "Peek,Send"
.... -Allow "Peek","Send"
.... -Allow 'Peek,Send'
等..
如果我只包括一个选项,即:'Send' 或 'Peek' 那么它工作正常,但我无法按照文档发送一组权限。
谢谢!
更新 - 使用 -Allow "Peek, Send":
PS C:\Users\meaton> Get-MsmqQueue -Name "s009_ClientsServiceBus" -QueueType Private | Set-MsmqQueueAcl -UserName "domain.com\WfxServic
eBus" -Allow "Peek,Write"
Set-MsmqQueueACL : Cannot bind parameter 'Allow'. Cannot convert value "Peek,Write" to type
"Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights". Error: "Unable to match the identifier name Peek,Write to a valid
enumerator name. Specify one of the following enumerator names and try again:
DeleteMessage, PeekMessage, ReceiveMessage, WriteMessage, DeleteJournalMessage, ReceiveJournalMessage, SetQueueProperties,
GetQueueProperties, DeleteQueue, GetQueuePermissions, GenericWrite, GenericRead, ChangeQueuePermissions, TakeQueueOwnership,
FullControl"
At line:1 char:128
+ ... MsmqQueueAcl -UserName "domain.com\WfxServiceBus" -Allow "Peek,Write"
+ ~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-MsmqQueueACL], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.Msmq.PowerShell.Commands.SetMSMQQueueACLCommand
根据错误将其更改为 "PeekMessage,SendMessage" 会产生完全相同的错误:
...Set-MsmqQueueACL : Cannot bind parameter 'Allow'. Cannot convert value "PeekMessage,WriteMessage" to type
"Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights" due to enumeration values that are not valid. Specify one of....
文档可能缺少引号;它期待 an enum that supports bitfields,所以很可能你会这样做(我的 2016 PS 5.1 盒子上没有 msmq cmdlet 或类型,所以我无法测试),使用按位 or:
$allows = [Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights]::Peek -bor
[Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights]::Send -bor
[Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights]::Receive
Set-MsmqQueueAcl -UserName "REDMOND\madmax" -Allow $allows
它应该通过将所有值放在引号中来工作(也就是说,不是数组,而是一个带逗号的字符串),但是你说你那样试过并且它没有用;这会产生不同的错误吗?
我正在尝试使用 Powershell v5.1 (Win2k16) 在 Msmq 队列上设置 ACL - 但即使我按照文档进行操作 - 我仍然收到错误。
Get-MsmqQueue -Name "s009_ClientsServiceBus" -QueueType Private | Set-MsmqQueueAcl -UserName "domain.com\WfxServiceBus" -Allow Peek,Write
错误:
Set-MsmqQueueACL : Cannot convert 'System.Object[]' to the type
'System.Nullable`1[Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights]' required by parameter 'Allow'. Specified method is
not supported.
At line:1 char:128
+ ... t-MsmqQueueAcl -UserName "domain.com\WfxServiceBus" -Allow Peek,Write
+ ~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-MsmqQueueACL], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgument,Microsoft.Msmq.PowerShell.Commands.SetMSMQQueueACLCommand
Docs 显示以下示例:
Get-MsmqQueue –Name Order* –QueueType Private | Set-MsmqQueueAcl –UserName “REDMOND\madmax” –Allow Delete,Peek,Receive,Send –Deny TakeOwnership
运行(假设某些参数对我的环境不正确,但同样的错误)...
PS C:\Users\user> Get-MsmqQueue -Name Order* -QueueType Private | Set-MsmqQueueAcl -UserName "REDMOND\madmax" -Allow Delete,Peek,Receive,Send -Deny TakeOwnership
Set-MsmqQueueACL : Cannot convert 'System.Object[]' to the type
'System.Nullable`1[Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights]' required by parameter 'Allow'. Specified method is
not supported.
At line:1 char:100
+ ... cl -UserName "REDMOND\madmax" -Allow Delete,Peek,Receive,Send -Deny T ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-MsmqQueueACL], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgument,Microsoft.Msmq.PowerShell.Commands.SetMSMQQueueACLCommand
所以文档似乎已过时,或者发生了一些变化..问题是 - 我如何使用 Powershell 做我需要做的事情?我尝试了很多组合,例如:
.... -Allow "Peek,Send"
.... -Allow "Peek","Send"
.... -Allow 'Peek,Send'
等..
如果我只包括一个选项,即:'Send' 或 'Peek' 那么它工作正常,但我无法按照文档发送一组权限。
谢谢!
更新 - 使用 -Allow "Peek, Send":
PS C:\Users\meaton> Get-MsmqQueue -Name "s009_ClientsServiceBus" -QueueType Private | Set-MsmqQueueAcl -UserName "domain.com\WfxServic
eBus" -Allow "Peek,Write"
Set-MsmqQueueACL : Cannot bind parameter 'Allow'. Cannot convert value "Peek,Write" to type
"Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights". Error: "Unable to match the identifier name Peek,Write to a valid
enumerator name. Specify one of the following enumerator names and try again:
DeleteMessage, PeekMessage, ReceiveMessage, WriteMessage, DeleteJournalMessage, ReceiveJournalMessage, SetQueueProperties,
GetQueueProperties, DeleteQueue, GetQueuePermissions, GenericWrite, GenericRead, ChangeQueuePermissions, TakeQueueOwnership,
FullControl"
At line:1 char:128
+ ... MsmqQueueAcl -UserName "domain.com\WfxServiceBus" -Allow "Peek,Write"
+ ~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-MsmqQueueACL], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.Msmq.PowerShell.Commands.SetMSMQQueueACLCommand
根据错误将其更改为 "PeekMessage,SendMessage" 会产生完全相同的错误:
...Set-MsmqQueueACL : Cannot bind parameter 'Allow'. Cannot convert value "PeekMessage,WriteMessage" to type
"Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights" due to enumeration values that are not valid. Specify one of....
文档可能缺少引号;它期待 an enum that supports bitfields,所以很可能你会这样做(我的 2016 PS 5.1 盒子上没有 msmq cmdlet 或类型,所以我无法测试),使用按位 or:
$allows = [Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights]::Peek -bor
[Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights]::Send -bor
[Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights]::Receive
Set-MsmqQueueAcl -UserName "REDMOND\madmax" -Allow $allows
它应该通过将所有值放在引号中来工作(也就是说,不是数组,而是一个带逗号的字符串),但是你说你那样试过并且它没有用;这会产生不同的错误吗?