Compare commits

...

2 Commits

Author SHA1 Message Date
Karl-Wilfried Zimmer
5d6f617b8d snap 2024-07-14 20:42:01 +02:00
Karl-Wilfried Zimmer
651e0c435e snap 2024-07-14 20:41:49 +02:00
2 changed files with 89 additions and 0 deletions

View File

@ -54,6 +54,9 @@ if($PSBoundParameters.ContainsKey("ProjectName")){
$member = $rs | Where-Object Name -Match ".*-RO"
Add-ADGroupMember -Identity $target -Members $member
}
$folder = New-Item -Path $projPath -ItemType Directory
$ReadTarget = $acls | Where-Object Name -Match ".*-RO"
$WriteTarget = $acls | Where-Object Name -Match ".*-RW"

86
NewProject2.ps1 Normal file
View File

@ -0,0 +1,86 @@
[CmdletBinding()]
param (
[string]
$ProjectName,
[string]
$Server
)
. .\Variables.ps1
$ret=$null
$acls=$null
$rs=$null
$projPath=$BaseDirectory+$ProjectName
Write-Host $projPath
$testFolder = Test-Path -Path $projPath -PathType Container
if($testFolder){
throw "Directory already exists. Not creating Folder or Share"
}
if($PSBoundParameters.ContainsKey("ProjectName")){
if($PSBoundParameters.ContainsKey("Server")){
$ret = New-ADGroup -Path $Projects -Server $Server -Name $ProjectName -GroupCategory Security -GroupScope Global -PassThru
#$ret = Get-ADGroup $ProjectName -SearchBase $Projects -Server $Server
$acls = . .\AddProjectACL.ps1 -ProjectName $ProjectName -Server $Server
$rs = . .\AddProjectRoles.ps1 -ProjectName $ProjectName -Server $Server
#$ret | Add-ADGroupMember -Members $acl,$r
$acls | ForEach-Object {add-ADGroupMember -Identity $ret -Members $_ -Server $Server}
$rs | ForEach-Object {Add-ADGroupMember -Identity $ret -Members $_ -Server $Server}
} else {
$ret = New-ADGroup -Path $Projects -Name $ProjectName -GroupCategory Security -GroupScope Global -PassThru
#$ret = Get-ADGroup $ProjectName -SearchBase $Projects
$acls = . .\AddProjectACL.ps1 -ProjectName $ProjectName
$rs = . .\AddProjectRoles.ps1 -ProjectName $ProjectName
#$ret | Add-ADGroupMember -Members $acl,$r
$acls | ForEach-Object {Add-ADGroupMember -Identity $ret -Members $_}
$rs | ForEach-Object {Add-ADGroupMember -Identity $ret -Members $_}
}
if($PSBoundParameters.ContainsKey("Server")){
$target = $acls | Where-Object Name -Match ".*-RW"
$member = $rs | Where-Object Name -Match ".*-RW"
Add-ADGroupMember -Identity $target -Members $member -Server $Server
$target = $acls | Where-Object Name -Match ".*-RO"
$member = $rs | Where-Object Name -Match ".*-RO"
Add-ADGroupMember -Identity $target -Members $member -Server $Server
} else {
$target = $acls | Where-Object Name -Match ".*-RW"
$member = $rs | Where-Object Name -Match ".*-RW"
Add-ADGroupMember -Identity $target -Members $member
$target = $acls | Where-Object Name -Match ".*-RO"
$member = $rs | Where-Object Name -Match ".*-RO"
Add-ADGroupMember -Identity $target -Members $member
}
$folder = New-Item -Path $projPath -ItemType Directory
$ReadTarget = $acls | Where-Object Name -Match ".*-RO"
$WriteTarget = $acls | Where-Object Name -Match ".*-RW"
Write-Host $ReadTarget.Name
Write-Host $WriteTarget.Name
$FolderACL= Get-Acl -Path $folder
$rid = $ReadTarget.Name
$wid = $WriteTarget.Name
$fsrr = "Read"
$fsrr = "Write"
$type = "Allow"
$fsarar = $rid,$fsrr,$type
$fsaraw = $wid,$fsrw,$type
$fileSystemAccessRuleR = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $fileSystemAccessRuleArgumentList
$fileSystemAccessRuleW = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $fileSystemAccessRuleArgumentList
$FolderACL.SetAccessRule($fileSystemAccessRuleR)
$FolderACL.SetAccessRule($fileSystemAccessRuleW)
return $ret
}
throw "ProjectName parameter needs to be set"