Set-MsmqQueueACL-允许-无法根据文档使用列表？

Question

我正在尝试使用Powershell v5.1（Win2k16）在Msmq队列上设置ACL，但是即使我在遵循文档，也仍然会遇到错误。

Get-MsmqQueue -Name "s009_ClientsServiceBus" -QueueType Private | Set-MsmqQueueAcl -UserName "domain.com\WfxServiceBus" -Allow Peek,Write

错误：

Set-MsmqQueueACL : Cannot convert 'System.Object[]' to the type
'System.Nullable`1[Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights]' required by parameter 'Allow'. Specified method is
not supported.
At line:1 char:128
+ ... t-MsmqQueueAcl -UserName "domain.com\WfxServiceBus" -Allow Peek,Write
+                                                                ~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Set-MsmqQueueACL], ParameterBindingException
    + FullyQualifiedErrorId : CannotConvertArgument,Microsoft.Msmq.PowerShell.Commands.SetMSMQQueueACLCommand

该文件显示下面的例子：

Get-MsmqQueue –Name Order* –QueueType Private | Set-MsmqQueueAcl –UserName “REDMOND\madmax” –Allow Delete,Peek,Receive,Send –Deny TakeOwnership

运行该命令（授予的某些参数对于我的环境不正确，但存在相同的错误）...

PS C:\Users\user> Get-MsmqQueue -Name Order* -QueueType Private | Set-MsmqQueueAcl -UserName "REDMOND\madmax" -Allow Delete,Peek,Receive,Send -Deny TakeOwnership 
Set-MsmqQueueACL : Cannot convert 'System.Object[]' to the type
'System.Nullable`1[Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights]' required by parameter 'Allow'. Specified method is
not supported.
At line:1 char:100
+ ... cl -UserName "REDMOND\madmax" -Allow Delete,Peek,Receive,Send -Deny T ...
+                                          ~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Set-MsmqQueueACL], ParameterBindingException
    + FullyQualifiedErrorId : CannotConvertArgument,Microsoft.Msmq.PowerShell.Commands.SetMSMQQueueACLCommand

因此，似乎文档已过期或已更改。.问题是-我该如何处理Powershell？我尝试了很多组合，例如：

.... -Allow "Peek,Send"
.... -Allow "Peek","Send"
.... -Allow 'Peek,Send' 

等等..

如果我仅包括一个选项，即：“发送”或“窥视”，那么它可以正常工作，但是我无法根据文档发送一系列权利。

谢谢！

更新-使用-允许“查看，发送”：

    PS C:\Users\meaton> Get-MsmqQueue -Name "s009_ClientsServiceBus" -QueueType Private | Set-MsmqQueueAcl -UserName "domain.com\WfxServic
eBus" -Allow "Peek,Write"
Set-MsmqQueueACL : Cannot bind parameter 'Allow'. Cannot convert value "Peek,Write" to type
"Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights". Error: "Unable to match the identifier name Peek,Write to a valid
enumerator name. Specify one of the following enumerator names and try again:
DeleteMessage, PeekMessage, ReceiveMessage, WriteMessage, DeleteJournalMessage, ReceiveJournalMessage, SetQueueProperties,
GetQueueProperties, DeleteQueue, GetQueuePermissions, GenericWrite, GenericRead, ChangeQueuePermissions, TakeQueueOwnership,
FullControl"
At line:1 char:128
+ ... MsmqQueueAcl -UserName "domain.com\WfxServiceBus" -Allow "Peek,Write"
+                                                              ~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Set-MsmqQueueACL], ParameterBindingException
    + FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.Msmq.PowerShell.Commands.SetMSMQQueueACLCommand

根据错误将其更改为“ PeekMessage，SendMessage”会产生完全相同的错误：

...Set-MsmqQueueACL : Cannot bind parameter 'Allow'. Cannot convert value "PeekMessage,WriteMessage" to type
"Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights" due to enumeration values that are not valid. Specify one of....

Answer 1

文档可能缺少引号；它期待一个支持 bitfields 的枚举，所以很可能你会这样做（我的 2016 PS 5.1 机器上没有 msmq cmdlet 或类型，所以我无法测试），使用 bitwise or：

$allows = [Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights]::Peek -bor
          [Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights]::Send -bor
          [Microsoft.Msmq.PowerShell.Commands.MessageQueueAccessRights]::Receive

Set-MsmqQueueAcl -UserName "REDMOND\madmax" -Allow $allows

它应该通过将所有值放在引号中（即，不是数组，其中包含逗号的字符串）来工作，但是您说您尝试过这种方式但它不起作用；这是否产生了不同的错误？