创建WMI实例时为什么会出现严重错误?

时间:2017-05-31 03:10:59

标签: powershell wmi powershell-v4.0 wmi-query

我有一个脚本,用于根据转换为字符串的ACL输出创建自定义WMI类的实例。这最终是通过该WMI类查询权限。

这个过程的主要内容是:

ShellExecute()

返回以下错误:

ShellExecuteA(NULL, "edit", path.c_str(), NULL, NULL, SW_SHOWNORMAL);

我将Security.AccessControl.FileSystemAccessRule转换为字符串的方式似乎存在问题,因为使用下面的代码并提供文字字符串会创建一个没有问题的实例,并带有适当的值:

    [cmdletbinding()] 


param([Parameter(ValueFromPipeline=$True, 
    ValueFromPipelineByPropertyName=$True)]$Computer = '.')  

$shares = gwmi -Class win32_share -ComputerName $computer | select -ExpandProperty Name  

foreach ($share in $shares) {  
    $acl = $null  
    #Write-Host $share -ForegroundColor Green  
    #Write-Host $('-' * $share.Length) -ForegroundColor Green  

    $objShareSec = Get-WMIObject -Class Win32_LogicalShareSecuritySetting -Filter "name='$Share'"  -ComputerName $computer 

    try {  
        $SD = $objShareSec.GetSecurityDescriptor().Descriptor    

        foreach($ace in $SD.DACL){  

            $UserName = $ace.Trustee.Name      
            If ($ace.Trustee.Domain -ne $Null) {$UserName = "$($ace.Trustee.Domain)\$UserName"}    
            If ($ace.Trustee.Name -eq $Null) {$UserName = $ace.Trustee.SIDString }     

            [Array]$ACL += New-Object Security.AccessControl.FileSystemAccessRule($UserName, $ace.AccessMask, $ace.AceType)



            for( $i = 1; $i -lt $ACL.Length; $i++)
            {
              $permission = $ACL[$i] | Out-String

              Write-Host "permission for $share is $permission"

              Set-WmiInstance -Class TestShare -Puttype CreateOnly -Argument @{Name = $share; Permissions = $permission}
            }


            } #end foreach ACE            
        } # end try  
    catch  
        { 
        Write-host "Failed to create or update instance for share $share"
        Write-Host ""       
         }  
    #$ACL  
   # Write-Host $('=' * 50)  
    } # end foreach $share

我已经查看了与返回的错误相关的technet论坛帖子,但问题似乎总是在尝试创建一个未创建的类的实例。这个班肯定在那里。有没有办法转换Security.AccessControl.FileSystemAccessRule而不会遇到这种情况,或者以不同的方式将该信息存储在自定义WMI类的实例中?

编辑:$ permission的示例输出,转换为字符串

    Set-WmiInstance : Critical error 
At ...\GetShares.ps1:35 char:15
+ ... Set-WmiInstance -Class LDLocalShare -Puttype CreateOnly - ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Set-WmiInstance], ManagementException
    + FullyQualifiedErrorId : SetWMIManagementException,Microsoft.PowerShell.Commands.SetWmiInstance

1 个答案:

答案 0 :(得分:0)

要创建对象,您可以通过以管理员身份运行以下代码段来执行此操作:

$WMI_Class = ""
 $WMI_Class = New-Object System.Management.ManagementClass("Root\cimv2", $null, $null)
 $WMI_Class.name = 'TestShare'
 $WMI_Class.Properties.Add("Name", [System.Management.CimType]::String, $false)
 $WMI_Class.Properties["Name"].Qualifiers.Add("key", $true)
 $WMI_Class.Properties.Add("Permissions", [System.Management.CimType]::String, $false)
 $WMI_Class.Put()

您可以通过创建虚拟对象来测试它(也应该以管理员身份运行):

Set-WmiInstance -Class TestShare -Puttype CreateOnly -Argument @{Name = 'test';Permissions = 'x'}

然后你的代码应该可以正常使用set-wmiinstance的这个小改动:

 Set-WmiInstance -Class TestShare -Puttype CreateOnly -Argument @{Name = $share;Permissions = $permission.Replace("`r`n","`n")}

但是,我已将共享名称定义为键,并且属性没有写限定符。因此,您将无法稍后为同一共享修改该对象

相关问题
最新问题