powershell - 使用 -ErrorAction STOP 时,Remove-CalendarEvents 失败
问题描述
使用 Remove-CalendarEvents -PreviewOnly 时,我可以检索会议事件,甚至可以在测试帐户上删除它们。但是,当我在命令中添加 -ErrorAction Stop 时,我在 AD 帐户上收到了以前没有引发任何错误的新错误。
try\catch 块用于捕获在找不到用户邮箱时引发的错误。这部分有效。然而 try\catch 也捕捉到一个新的错误:
The "ErrorAction" parameter can't be used on the "Remove-CalendarEvents" cmdlet because it isn't present in the role definition for the current user. Check
the management roles assigned to you, and try again.
At C:\Users\O365ExchangeAdmin\AppData\Local\Temp\tmp_waex0o3a.tea\tmp_waex0o3a.tea.psm1:55507 char:9
+ $steppablePipeline.End()
+ ~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (:) [Remove-CalendarEvents], CmdletAccessDeniedException
+ FullyQualifiedErrorId : [Server=CY4PR0101MB2935,RequestId=ba4d86db-d362-432d-9892-4ea92b503356,TimeStamp=7/18/2019 7:18:03 PM] [FailureCategory=Cmdlet-C
mdletAccessDeniedException] 896C46A1,Microsoft.Exchange.Management.StoreTasks.RemoveCalendarEvents
+ PSComputerName : outlook.office365.com
当我删除 -ErrorAction STOP 参数时,命令成功完成,并让我查看会议事件。但是,如果我没有 -ErrorAction STOP,那么当我的脚本在帐户上失败时我无法登录,因为它没有邮箱。
Try{
$output = Remove-EXOCalendarEvents -Identity $user.UserPrincipalName -QueryStartDate (Get-Date) -PreviewOnly -CancelOrganizedMeetings -Confirm:$false
}Catch [System.Management.Automation.RemoteException] {
LogWrite "$($user.Name) could not be found, most likely they do not have a mailbox"
}
同样删除 [System.Management.Automation.RemoteException] 不会改变结果。
非常感谢您提供的任何帮助,谢谢!
解决方案
您收到的错误是您无权使用该特定参数运行该命令。在 Exchange Server 中,此类权限是通过使用管理角色来管理的。您可以查看这篇文章以了解更多信息。
要检查您是否能够使用特定参数运行任何 cmdlet,您可以使用以下脚本:
# Define what you're looking for
$user = 'john.doe@contoso.com'
$cmdlet = 'Remove-CalendarEvents'
$param = 'ErrorAction'
# Find all your assignments
$assignments = Get-ManagementRoleAssignment -RoleAssignee $user -Delegating $false
# Find cmdlets you can run and filter only the one you specified
$assignments.role | Foreach-Object {Get-ManagementRoleEntry "$_\*" | Where-Object {$_.Name -eq $cmdlet -and $_.Parameters -contains $param}}
在最后一行中,我们正在迭代分配给您的所有角色并检查角色条目。它们的格式是RoleName\CmdletName我们使用*(通配符)来获取所有内容。在最后一个管道之后,您仅使用Where-Objectcmdlet过滤您想要的结果。
推荐阅读
- python - 如何将嵌套字典中的值映射到 Pydantic 模型?
- flutter - 颤振语言环境日期字符串到日期时间
- java - How can the contents of two for loops be write next to each other?
- reactjs - How to rewrite setState from class component to useState in functional component?
- docker - rebuild / restart docker-compose service from inside the same docker-compose project
- reactjs - Enzyme.mount throws "TypeError: form.subscribe is not a function" for react-final-form component when React is mocked by jest
- c - Getting Segmentation Fault: 11, on get_string
- amazon-web-services - I sent it to https when I requested axios, but it will be transferred to http
- c++ - How to create and write a file into a folder on the same directory?
- python - paypal-checkout-serversdk with Django