我正试图对照凭证管理器检查是否有任何";域";条目,如果";域";条目DOESN";T存在,则会出现一个弹出窗口,供用户输入用户名和密码。如果它存在,那么简单地停止脚本。
假设此PowerShell脚本在windows登录时运行,以便在windows凭据管理器中不存在域凭据的情况下添加域凭据,然后映射网络驱动器。如果脚本检测到Windows凭据管理器中没有添加域凭据,则它将提示用户输入。
我很困惑我的逻辑哪里错了,当代码运行时,它忽略了IF语句,并继续弹出username&密码,即使Windows凭据管理器中有域用户并运行cmdkey/add和net use命令。
我正在使用Intune部署此脚本,并且我在没有IF语句的情况下对其进行了测试,它运行良好。在再次测试IF语句之前,我正在尝试先使其工作。
这是我的代码:
[System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
$error.clear()
try {
cmdkey /list | foreach {
if($_ -match 'Domain')
{
[PSCustomObject]@{Account = $matches.1}
[System.Windows.Forms.MessageBox]::Show("Already exist!")
}
else {
# Captures username
#-------------------------------------------------------------------------
Add-Type -AssemblyName System.Windows.Forms
Add-Type -AssemblyName System.Drawing
$form = New-Object System.Windows.Forms.Form
$form.Text = "Enter Username"
$form.Size = New-Object System.Drawing.Size(300,200)
$form.StartPosition = "CenterScreen"
$OKButton = New-Object System.Windows.Forms.Button
$OKButton.Location = New-Object System.Drawing.Point(75,120)
$OKButton.Size = New-Object System.Drawing.Size(75,23)
$OKButton.Text = "OK"
$OKButton.DialogResult = [System.Windows.Forms.DialogResult]::OK
$form.AcceptButton = $OKButton
$form.Controls.Add($OKButton)
$CancelButton = New-Object System.Windows.Forms.Button
$CancelButton.Location = New-Object System.Drawing.Point(150,120)
$CancelButton.Size = New-Object System.Drawing.Size(75,23)
$CancelButton.Text = "Cancel"
$CancelButton.DialogResult = [System.Windows.Forms.DialogResult]::Cancel
$form.CancelButton = $CancelButton
$form.Controls.Add($CancelButton)
$label = New-Object System.Windows.Forms.Label
$label.Location = New-Object System.Drawing.Point(10,20)
$label.Size = New-Object System.Drawing.Size(280,20)
$label.Text = "Enter Username: "
$form.Controls.Add($label)
$textBox = New-Object System.Windows.Forms.TextBox
$textBox.Location = New-Object System.Drawing.Point(10,40)
$textBox.Size = New-Object System.Drawing.Size(260,20)
$form.Controls.Add($textBox)
$form.Topmost = $True
$form.Add_Shown({$textBox.Select()})
$result = $form.ShowDialog()
if ($result -eq [System.Windows.Forms.DialogResult]::OK)
{
$x = $textBox.Text
$x
}
# Captures password
#-------------------------------------------------------------------------
Add-Type -AssemblyName System.Windows.Forms
Add-Type -AssemblyName System.Drawing
$form = New-Object System.Windows.Forms.Form
$form.Text = "Enter Password"
$form.Size = New-Object System.Drawing.Size(300,200)
$form.StartPosition = "CenterScreen"
$OKButton = New-Object System.Windows.Forms.Button
$OKButton.Location = New-Object System.Drawing.Point(75,120)
$OKButton.Size = New-Object System.Drawing.Size(75,23)
$OKButton.Text = "OK"
$OKButton.DialogResult = [System.Windows.Forms.DialogResult]::OK
$form.AcceptButton = $OKButton
$form.Controls.Add($OKButton)
$CancelButton = New-Object System.Windows.Forms.Button
$CancelButton.Location = New-Object System.Drawing.Point(150,120)
$CancelButton.Size = New-Object System.Drawing.Size(75,23)
$CancelButton.Text = "Cancel"
$CancelButton.DialogResult = [System.Windows.Forms.DialogResult]::Cancel
$form.CancelButton = $CancelButton
$form.Controls.Add($CancelButton)
$label = New-Object System.Windows.Forms.Label
$label.Location = New-Object System.Drawing.Point(10,20)
$label.Size = New-Object System.Drawing.Size(280,20)
$label.Text = "Enter Password: "
$form.Controls.Add($label)
$textBox = New-Object System.Windows.Forms.TextBox
$textBox.Location = New-Object System.Drawing.Point(10,40)
$textBox.Size = New-Object System.Drawing.Size(260,20)
$form.Controls.Add($textBox)
$form.Topmost = $True
$form.Add_Shown({$textBox.Select()})
$result = $form.ShowDialog()
if ($result -eq [System.Windows.Forms.DialogResult]::OK)
{
$x2 = $textBox.Text
$x2
}
cmdkey.exe /add:ae7msd-dc /user:$x /pass:$x2
net use U: "\SERVERFOLDER" /persistent:yes
break
}
}
}
catch { [System.Windows.Forms.MessageBox]::Show("Not Working!") }
if (!$error) {
[System.Windows.Forms.MessageBox]::Show("IT'S DONE!")
}
这是当没有域用户添加到Windows凭据管理器时,我在Powershell编辑器上得到的输出:
PS C:Usershadi> C:tempadd-cred.ps1
GAC Version Location
--- ------- --------
True v4.0.30319 C:WINDOWSMicrosoft.NetassemblyGAC_MSILSystem.Windows.Formsv4.0_4.0.0.0__b77a5c561934e089System.Windows.Forms.dll
hmohsen
Abc!2345
CMDKEY: Credential added successfully.
The command completed successfully.
OK
这是我在运行脚本时得到的,即使已经有一个域用户添加到windows凭据管理器中:
PS C:Usershadi> C:tempadd-cred.ps1
GAC Version Location
--- ------- --------
True v4.0.30319 C:WINDOWSMicrosoft.NetassemblyGAC_MSILSystem.Windows.Formsv4.0_4.0.0.0__b77a5c561934e089System.Windows.Forms.dll
hmohsen
Abc!2345
CMDKEY: Credential added successfully.
net : System error 85 has occurred.
At C:tempadd-cred.ps1:124 char:2
+ net use U: "\SERVERFOLDER" /persistent:yes
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (System error 85 has occurred.:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
The local device name is already in use.
OK
我的目标是在Windows凭据管理器中有域用户的条目时停止脚本,但脚本仍在运行。这个逻辑是有缺陷的,但我该如何修复它呢!
代码的问题在于以下语句:
cmdkey /list | foreach {
if($_ -match 'Domain')
if语句永远不会计算为true,因为匹配永远不会为true。
cmdkey /list命令返回一个格式化字符串数组。要匹配的字符串应该是Type: Domain(可能在前面和后面都有空格(。
将您的代码更改为以下内容应该会得到正确的匹配:
cmdkey /list | ForEach-Object {
if($_ -like '*Type: Domain*')
{
[PSCustomObject]@{Account = $matches.1}
[System.Windows.Forms.MessageBox]::Show("Already exist!")
}