0

我有几个使用基于角色的安全性的 COM+ 应用程序。在任何故障排除期间,手动检查每个组件以确保选中“强制组件级别访问检查”和“为选定项目设置的角色明确设置”框可能会很痛苦。

下面的脚本已经解决了一半的问题(强制执行组件级别访问检查),但我正在努力寻找一种方法来以编程方式确定分配给组件的任何角色是否也启用了它们的复选框。

非常感谢任何帮助!

Clear-Host;

$comAdmin = New-Object -com ("COMAdmin.COMAdminCatalog.1");
$applications = $comAdmin.GetCollection("Applications") ;
$applications.Populate() ;
$appfilter = "ABC";

foreach ($application in $applications){

  if($application.name.substring(0,3) -eq $appfilter){

    try{    
          $components = $applications.GetCollection("Components",$application.key)
          $components.Populate()

          foreach ($component in $components){

            $componentName = $component.Name;
                Write-Host $componentName;

            $accesschecks = $component.Value("ComponentAccessChecksEnabled");

            Write-Host "Access Checks Enabled: " -NoNewLine;
            Switch ($accesschecks){
                $true{Write-Host $accesschecks -ForegroundColor Green}
                $false{Write-Host $accesschecks -ForegroundColor red -BackgroundColor white}
            }   

            $roles = $applications.GetCollection("Roles",$application.key) ;
            $roles.Populate();
            $rolename = $roles.Item(0).Name;

            #$roleenabled = !!???!!     

            Write-Host "Role: $rolename Enabled: " -NoNewLine;
            Switch ($roleenabled){
                $true{Write-Host $roleenabled -ForegroundColor Green}
                $false{Write-Host $roleenabled -ForegroundColor red -BackgroundColor white}
            } 
            Write-Host;

             }
    }
    catch{}
  }
Write-Host "-------------------------------------";
}

显示已启用角色的示例 COM+ 对话框

4

1 回答 1

1

破解它。如果未在组件安全设置中选中角色框,则角色不会列在 RolesforComponent 集合中,就好像根本没有角色一样。此外,可能有多个角色分配给一个组件,因此需要另一个循环来枚举:

Clear-Host;

$comAdmin = New-Object -com ("COMAdmin.COMAdminCatalog.1");
$applications = $comAdmin.GetCollection("Applications") ;
$applications.Populate() ;
$appfilter = "ABC";

foreach ($application in $applications){

    if($application.name.substring(0,3) -eq $appfilter){

            try{  

                    Write-Host $application.name -ForegroundColor White;
                   $components = $applications.GetCollection("Components",$application.key)
                $components.Populate()

                foreach ($component in $components){
                $componentName = $component.Name;
                    $componentID = $component.Value("CLSID");
                        Write-Host "*"$componentName;
                $accesschecks = $component.Value("ComponentAccessChecksEnabled");
                        Write-Host "  Access Checks Enabled: " -NoNewLine;

                  Switch ($accesschecks){
                       $true{Write-Host $accesschecks -ForegroundColor Blue -BackgroundColor Green}
                           $false{Write-Host $accesschecks -ForegroundColor White -BackgroundColor Red}
                            }
                }   

                        $RolesForComponent = $components.GetCollection("RolesForComponent",$component.Value("CLSID"))
                        $RolesForComponent.Populate();

                        If ($RolesForComponent.Count -eq 0){
                            Write-Host "  " -NoNewLine;
                            Write-Host "Check Roles!" -ForegroundColor White -BackgroundColor Red;
                        }
                        Else{
                            foreach ($role in $RolesForComponent){
                $rolename = $role.Name;
                            Write-Host "  " -NoNewLine;
                            Write-Host $rolename -NoNewLine;
                            Write-Host "  " -NoNewLine;
                            Write-Host "Role OK" -ForegroundColor Blue -BackgroundColor Green;
                            Write-Host;
                       }        
                        }
            }

        catch{}

    }
    Write-Host "----------------------------------------------------------------------";
}

更多信息在这里MSDN RolesForComponent 集合

于 2012-11-08T15:12:36.840 回答