linking groups implemented and tested

Karl-Wilfried Zimmer 2024-07-14 16:45:30 +02:00
parent a8f94c7d78
commit 9a5552a1e1
3 changed files with 22 additions and 26 deletions


@ -11,17 +11,17 @@ param (
$Read = 'ACL-'+$ProjectName+'-RO'
$Write = 'ACL-'+$ProjectName+'-RW'
$ret=@()
$reta=@()
if($PSBoundParameters.ContainsKey("ProjectName")){
if($PSBoundParameters.ContainsKey("Server")){
$ret += New-ADGroup -Path $ACL -Server $Server -Name $Read -GroupCategory Security -GroupScope Global -PassThru
$ret += New-ADGroup -Path $ACL -Server $Server -Name $Write -GroupCategory Security -GroupScope Global -PassThru
$reta += New-ADGroup -Path $ACL -Server $Server -Name $Read -GroupCategory Security -GroupScope Global -PassThru
$reta += New-ADGroup -Path $ACL -Server $Server -Name $Write -GroupCategory Security -GroupScope Global -PassThru
} else {
$ret += New-ADGroup -Path $ACL -Name $Read -GroupCategory Security -GroupScope Global -PassThru
$ret += New-ADGroup -Path $ACL -Name $Write -GroupCategory Security -GroupScope Global -PassThru
$reta += New-ADGroup -Path $ACL -Name $Read -GroupCategory Security -GroupScope Global -PassThru
$reta += New-ADGroup -Path $ACL -Name $Write -GroupCategory Security -GroupScope Global -PassThru
}
return $ret
return $reta
}
throw "ProjectName parameter needs to be set"
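Review bot: Neither branch stops when a `New-ADGroup` call fails, so if creating the `-RO` group errors (for example on a name collision) the script most likely still creates `-RW` and returns a one-element `$reta`. The caller then links whatever came back, which leaves a project with half of its access groups and no visible failure. Setting `$ErrorActionPreference = 'Stop'` before the first call, or adding `-ErrorAction Stop` to each `New-ADGroup`, would turn that into a hard failure the caller can handle. The same applies to the Roles script and to the `New-ADGroup` / `Add-ADGroupMember` calls in the project script. The `param (` block and the start of the script are outside this hunk.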


@ -11,18 +11,18 @@ param (
$Read = 'GR-'+$ProjectName+'-RO'
$Write = 'GR-'+$ProjectName+'-RW'
$ret=@()
$retr=@()
if($PSBoundParameters.ContainsKey("ProjectName")){
if($PSBoundParameters.ContainsKey("Server")){
$ret += New-ADGroup -Path $Roles -Server $Server -Name $Read -GroupCategory Security -GroupScope Global -PassThru
$ret += New-ADGroup -Path $Roles -Server $Server -Name $Write -GroupCategory Security -GroupScope Global -PassThru
$retr += New-ADGroup -Path $Roles -Server $Server -Name $Read -GroupCategory Security -GroupScope Global -PassThru
$retr += New-ADGroup -Path $Roles -Server $Server -Name $Write -GroupCategory Security -GroupScope Global -PassThru
} else {
$ret += New-ADGroup -Path $Roles -Name $Read -GroupCategory Security -GroupScope Global -PassThru
$ret += New-ADGroup -Path $Roles -Name $Write -GroupCategory Security -GroupScope Global -PassThru
$retr += New-ADGroup -Path $Roles -Name $Read -GroupCategory Security -GroupScope Global -PassThru
$retr += New-ADGroup -Path $Roles -Name $Write -GroupCategory Security -GroupScope Global -PassThru
}
return $ret
return $retr
}
throw "ProjectName parameter needs to be set"
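Review bot: The `Server` and no-`Server` branches are identical except for one parameter, so a later change to scope, category or path has to be made four times here, and again in the ACL script, which has the same shape. Splatting an optional parameter table removes the duplication and keeps both group definitions in one place. The `param (` block is outside this hunk, so this assumes `$Server` is a plain optional parameter.

```powershell
# … unchanged: $Read / $Write / $retr setup and the ProjectName check …
$target = @{}
if ($PSBoundParameters.ContainsKey("Server")) { $target.Server = $Server }
$retr += New-ADGroup @target -Path $Roles -Name $Read -GroupCategory Security -GroupScope Global -PassThru
$retr += New-ADGroup @target -Path $Roles -Name $Write -GroupCategory Security -GroupScope Global -PassThru
return $retr
```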


@ -8,27 +8,23 @@ param (
. .\Variables.ps1
$ret
$acl
$r
if($PSBoundParameters.ContainsKey("ProjectName")){
if($PSBoundParameters.ContainsKey("Server")){
$ret = New-ADGroup -Path $Projects -Server $Server -Name $ProjectName -GroupCategory Security -GroupScope Global -PassThru
$ret = Get-ADGroup $ProjectName -SearchBase $Projects -Server $Server
$acl = . .\AddProjectACL.ps1 -ProjectName $ProjectName -Server $Server
$r = . .\AddProjectRoles.ps1 -ProjectName $ProjectName -Server $Server
#$ret = Get-ADGroup $ProjectName -SearchBase $Projects -Server $Server
$acls = . .\AddProjectACL.ps1 -ProjectName $ProjectName -Server $Server
$rs = . .\AddProjectRoles.ps1 -ProjectName $ProjectName -Server $Server
#$ret | Add-ADGroupMember -Members $acl,$r
$acl | ForEach-Object {add-ADGroupMember -Identity "$ret.DistinguishedName" -Members $_ -Server $Server}
$r | ForEach-Object {Add-ADGroupMember -Identity "$ret.DistinguishedName" -Members $_ -Server $Server}
$acls | ForEach-Object {add-ADGroupMember -Identity $ret -Members $_ -Server $Server}
$rs | ForEach-Object {Add-ADGroupMember -Identity $ret -Members $_ -Server $Server}
} else {
$ret = New-ADGroup -Path $Projects -Name $ProjectName -GroupCategory Security -GroupScope Global -PassThru
$ret = Get-ADGroup $ProjectName -SearchBase $Projects
$acl = . .\AddProjectACL.ps1 -ProjectName $ProjectName
$r = . .\AddProjectRoles.ps1 -ProjectName $ProjectName
#$ret = Get-ADGroup $ProjectName -SearchBase $Projects
$acls = . .\AddProjectACL.ps1 -ProjectName $ProjectName
$rs = . .\AddProjectRoles.ps1 -ProjectName $ProjectName
#$ret | Add-ADGroupMember -Members $acl,$r
$acl | ForEach-Object {Add-ADGroupMember -Identity "$ret.DistinguishedName" -Members $_}
$r | ForEach-Object {Add-ADGroupMember -Identity "$ret.DistinguishedName" -Members $_}
$acls | ForEach-Object {Add-ADGroupMember -Identity $ret -Members $_}
$rs | ForEach-Object {Add-ADGroupMember -Identity $ret -Members $_}
}
return $ret
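Review bot: The child scripts are still dot-sourced by a path relative to the working directory (`. .\AddProjectACL.ps1`, `. .\AddProjectRoles.ps1`), so they run in this script's scope and are resolved against whatever directory the operator is in. Renaming their result variables to `$reta`/`$retr` presumably works around `$ret` being overwritten, but `$Read`, `$Write` and any future variable still leak into this scope. Because the script runs with rights to create and nest groups, it should load its helpers from its own location with the call operator, e.g. `$acls = & "$PSScriptRoot\AddProjectACL.ps1" -ProjectName $ProjectName -Server $Server`. The commented-out `Get-ADGroup` and `Add-ADGroupMember -Members $acl,$r` lines refer to names that no longer exist and could be removed. The enclosing `if` block appears to continue past the end of the hunk.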