Invoke-Command and Enter-PSsession - Diffrences
这里的Invoke-command和Enter-PSsession有什么区别?
大家好
我试图弄清楚Powershell脚本中invoke-Command和Enter-PSsession的情况。我都可以运行相同的代码,但是在我的Invoke-Command中,我收到一条错误消息。
设计要执行的代码是:
这段代码是一个较大的控制器的一部分,我们使用第一行支持在文件服务器上创建共享。
该位被写为控制器的一部分,它是原始控制器的直接副本。顶部变量仅用于脚本运行,并且已设置该变量以说明问题并进行故障排除。
我的研究导致我的问题是最后3行,如下所示,因为它在Invoke-Command中运行。我看不到为什么,在Invoke-command中不起作用,因为它在PSsession中可以正常工作。
我想这是第二次通过凭据的问题,但随后它还会给PSsession带来错误。如果不正确,请说明原因:-)
1 2 3 | $ACL = New-Object System.Security.AccessControl.FileSystemAccessRule($($usergroup.SamAccountName),"Modify","ContainerInherit,ObjectInherit","None","Allow") $RootACL.AddAccessRule($ACL) Set-Acl -Path $Path$sharename -AclObject $RootACL -ErrorAction 'Stop' |
我输入Enter-Pssesscion的代码:(正在工作)
在远程服务器上输入PSsession(使用Enter-PSsession -computername Server 1 -Credential $ Credential)后,此代码正在运行。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 | $Credential = (Get-Credential -Credential user1) ## For test only - Below ## $PSComputerName ="server1" $Drive ="e:\" $DriveLetter = ($Drive -split":")[0] $Usergroup = Import-Clixml -Path"C:\\UserGroup.xml" $Path ="\\\\$PSComputerName\\$DriveLetter$\" $Sharename ="User1test" #$textbox1.Text $users ="user1","User2" ## For test only - Above ## if (-not (Test-Path -Path ($Drive + $Sharename))) { New-Item -ItemType directory -Path ($Drive + $Sharename) -ErrorAction 'Stop' | Out-Null $RootACL = Get-Acl -Path ($Drive + $Sharename) -ErrorAction 'Stop' $RootACL.SetAccessRuleProtection($false, $true) } Else { $RootACL = Get-Acl -Path ($Drive + $Sharename) -ErrorAction 'Stop' $RootACL.SetAccessRuleProtection($false, $true) } $ACL = New-Object System.Security.AccessControl.FileSystemAccessRule($($usergroup.SamAccountName),"Modify","ContainerInherit,ObjectInherit","None","Allow") $RootACL.AddAccessRule($ACL) Set-Acl -Path $Path$sharenavn -AclObject $RootACL -ErrorAction 'Stop' |
我的invoke-command代码:(不起作用)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 | $Credential = (Get-Credential -Credential user1) $PSComputerName ="server1" $Drive ="e:\" $DriveLetter = ($Drive -split":")[0] $Usergroup = Import-Clixml -Path"I:\\9514 - Drift\\Powershell Scripts\\Project\\Oprydning af Shares og AD grupper\\CreateFileShare\\UserGroup.xml" $Path ="\\\\$PSComputerName\\($DriveLetter)$\" $sharename ="User1test" #$textbox1.Text $users ="user1","user2" Invoke-Command -ScriptBlock { param ( [String]$Sharename, [String]$Drive ) if (-not (Test-Path -Path ($Drive + $Sharename))) { New-Item -ItemType directory -Path ($Drive + $Sharename) -ErrorAction 'Stop' | Out-Null $RootACL = Get-Acl -Path ($Drive + $Sharename) -ErrorAction 'Stop' $RootACL.SetAccessRuleProtection($false, $true) } Else { $RootACL = Get-Acl -Path ($Drive + $Sharename) -ErrorAction 'Stop' $RootACL.SetAccessRuleProtection($false, $true) } $ACL = New-Object System.Security.AccessControl.FileSystemAccessRule($($usergroup.SamAccountName),"Modify","ContainerInherit,ObjectInherit","None","Allow") $RootACL.AddAccessRule($ACL) Set-Acl -Path $Path$sharename -AclObject $RootACL -ErrorAction 'Stop' } -ComputerName $PSComputerName -ArgumentList $sharename,$Drive,$Usergroup -Credential:$Credential -ErrorAction 'Stop' |
我收到以下错误:
1 2 3 4 5 6 7 8 9 | Exception calling".ctor" with"5" argument(s):"Value cannot be null. Parameter name: identity" At C:\\Script.ps1:11 char:1 + Invoke-Command -ScriptBlock { + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (:) [New-Object], MethodInvocationException + FullyQualifiedErrorId : ConstructorInvokedThrowException,Microsoft.PowerShell.Commands.NewObjectCommand + PSComputerName : Server1 |
这是违规行
1 | $ACL = New-Object System.Security.AccessControl.FileSystemAccessRule($($usergroup.SamAccountName),"Modify","ContainerInherit,ObjectInherit","None","Allow") |
似乎$($ usergroup.SamAccountName)包含空值。
这是因为,在ArgumentList中发送参数时,无法在脚本块外部使用变量的名称。 可以通过将新变量分配给参数的值并使用它来访问参数。 另外,您可以直接使用$ Args []语法。
1 | $usergroup = $Args[2] # Third argument |
其他参数类似。
您还设置了两个参数作为参数,但没有设置第三个参数。 如果还添加了第三个参数($ usergroup),它可能会起作用。 但是我建议按如下方式更改您的代码以使其工作。 这使参数在Invoke-Command上传递给-ArgumentList时非常明显。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 | $Credential = (Get-Credential -Credential user1) $PSComputerName ="server1" $Drive ="e:\" $DriveLetter = ($Drive -split":")[0] $Usergroup = Import-Clixml -Path"I:\\9514 - Drift\\Powershell Scripts\\Project\\Oprydning af Shares og AD grupper\\CreateFileShare\\UserGroup.xml" $Path ="\\\\$PSComputerName\\($DriveLetter)$\" $sharename ="User1test" #$textbox1.Text $users ="user1","user2" Invoke-Command -ScriptBlock { # Assign variables from Arguments $Sharename = $Args[0] $Drive = $Args[1] $Usergroup = $Args[2] if (-not (Test-Path -Path ($Drive + $Sharename))) { New-Item -ItemType directory -Path ($Drive + $Sharename) -ErrorAction 'Stop' | Out-Null $RootACL = Get-Acl -Path ($Drive + $Sharename) -ErrorAction 'Stop' $RootACL.SetAccessRuleProtection($false, $true) } Else { $RootACL = Get-Acl -Path ($Drive + $Sharename) -ErrorAction 'Stop' $RootACL.SetAccessRuleProtection($false, $true) } $ACL = New-Object System.Security.AccessControl.FileSystemAccessRule($($usergroup.SamAccountName),"Modify","ContainerInherit,ObjectInherit","None","Allow") $RootACL.AddAccessRule($ACL) Set-Acl -Path $Path$sharename -AclObject $RootACL -ErrorAction 'Stop' } -ComputerName $PSComputerName -ArgumentList $sharename,$Drive,$Usergroup -Credential:$Credential -ErrorAction 'Stop' |