1. 首页
  2. 问答
  3. 使用PowerShell检查COM +组件安全角色

使用PowerShell检查COM +组件安全角色

2012-11-07 22 views
0

我有几个利用基于角色的安全性的COM +应用程序。在任何故障排除期间,手动检查每个组件以确保“强制组件级别访问检查”和“为选定项目设置角色明确性”框被检查可能会很痛苦。使用PowerShell检查COM +组件安全角色

下面的脚本已经解决了一半的问题(强制组件级别访问检查),但我正在努力寻找一种方法来编程确定分配给该组件的任何角色是否也启用了其复选框。

任何帮助非常感谢!

Clear-Host; 

$comAdmin = New-Object -com ("COMAdmin.COMAdminCatalog.1"); 
$applications = $comAdmin.GetCollection("Applications") ; 
$applications.Populate() ; 
$appfilter = "ABC"; 

foreach ($application in $applications){ 

    if($application.name.substring(0,3) -eq $appfilter){ 

    try{  
      $components = $applications.GetCollection("Components",$application.key) 
      $components.Populate() 

      foreach ($component in $components){ 

      $componentName = $component.Name; 
       Write-Host $componentName; 

      $accesschecks = $component.Value("ComponentAccessChecksEnabled"); 

      Write-Host "Access Checks Enabled: " -NoNewLine; 
      Switch ($accesschecks){ 
       $true{Write-Host $accesschecks -ForegroundColor Green} 
       $false{Write-Host $accesschecks -ForegroundColor red -BackgroundColor white} 
      } 

      $roles = $applications.GetCollection("Roles",$application.key) ; 
      $roles.Populate(); 
      $rolename = $roles.Item(0).Name; 

      #$roleenabled = !!???!!  

      Write-Host "Role: $rolename Enabled: " -NoNewLine; 
      Switch ($roleenabled){ 
       $true{Write-Host $roleenabled -ForegroundColor Green} 
       $false{Write-Host $roleenabled -ForegroundColor red -BackgroundColor white} 
      } 
      Write-Host; 

      } 
    } 
    catch{} 
    } 
Write-Host "-------------------------------------"; 
}

Example COM+ dialogue showing enabled roles

来源

2012-11-07 Kenny White

回答

1

破解它。如果未在组件安全设置中检查角色框,则该角色未在RolesforComponent集合中列出,就好像根本没有角色一样。也有可能被分配到一个组件多个角色所以需要另一个循环来列举:

Clear-Host; 

$comAdmin = New-Object -com ("COMAdmin.COMAdminCatalog.1"); 
$applications = $comAdmin.GetCollection("Applications") ; 
$applications.Populate() ; 
$appfilter = "ABC"; 

foreach ($application in $applications){ 

    if($application.name.substring(0,3) -eq $appfilter){ 

      try{ 

        Write-Host $application.name -ForegroundColor White; 
        $components = $applications.GetCollection("Components",$application.key) 
       $components.Populate() 

       foreach ($component in $components){ 
       $componentName = $component.Name; 
        $componentID = $component.Value("CLSID"); 
         Write-Host "*"$componentName; 
       $accesschecks = $component.Value("ComponentAccessChecksEnabled"); 
         Write-Host " Access Checks Enabled: " -NoNewLine; 

        Switch ($accesschecks){ 
         $true{Write-Host $accesschecks -ForegroundColor Blue -BackgroundColor Green} 
          $false{Write-Host $accesschecks -ForegroundColor White -BackgroundColor Red} 
          } 
       } 

         $RolesForComponent = $components.GetCollection("RolesForComponent",$component.Value("CLSID")) 
         $RolesForComponent.Populate(); 

         If ($RolesForComponent.Count -eq 0){ 
          Write-Host " " -NoNewLine; 
          Write-Host "Check Roles!" -ForegroundColor White -BackgroundColor Red; 
         } 
         Else{ 
          foreach ($role in $RolesForComponent){ 
       $rolename = $role.Name; 
          Write-Host " " -NoNewLine; 
          Write-Host $rolename -NoNewLine; 
          Write-Host " " -NoNewLine; 
          Write-Host "Role OK" -ForegroundColor Blue -BackgroundColor Green; 
          Write-Host; 
         }   
         } 
      } 

     catch{} 

    } 
    Write-Host "----------------------------------------------------------------------"; 
}

更多的信息在这里MSDN RolesForComponent collection

来源

2012-11-08 15:12:36

相关问题

 相关问题