want to obtain the ACL list of a file path through win_acl and then delete
all users except for the three users: System, Administrators, and Service.
However, it seems to be unsuccessful. So, I tried to get the JSON format
using PowerShell commands and then import variables to execute.
- name: Get current ACL settings on the D
ansible.windows.win_shell: |
(Get-Acl -Path d:).Access | Where-Object {$
*.IdentityReference.Value -notmatch "Administrators|SYSTEM|SERVICE"}|
Select-Object FileSystemRights, AccessControlType, IdentityReference |
ForEach-Object {$identityReference = $*.IdentityReference -replace '\', ''
$jsonObj = @{
FileSystemRights = $
*.FileSystemRights.ToString()AccessControlType = $*
.AccessControlType.ToString()
IdentityReference = $identityReference
}
$jsonObj | ConvertTo-Json
}
register: current_acl_settings
- name: debug: var: current_acl_settings.stdout_lines
During the process of setting variables, special characters were escaped,
which has troubled me for a long time.
ok: [43.248.136.219] => { "acl_settings": [ "{", " \"AccessControlType\":
\"Allow\",", " \"IdentityReference\": \"CREATOR OWNER\",", "
\"FileSystemRights\": \"FullControl\"", "}", "{", " \"AccessControlType\":
\"Allow\",", " \"IdentityReference\": \"BUILTIN\\\\Users\",", "
\"FileSystemRights\": \"AppendData\"", "}", "{", " \"AccessControlType\":
\"Allow\",", " \"IdentityReference\": \"BUILTIN\\\\Users\",", "
\"FileSystemRights\": \"CreateFiles\"", "}" ]
}
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/a7ec7f38-0c74-49da-b8ea-9faad7763010n%40googlegroups.com.
