powershell 如何以编程方式关闭或打开“Windows功能”

jm2pwxwz  于 2022-12-23  发布在  Shell
关注(0)|答案(2)|浏览(174)

尝试更新Windows功能时;当我将UseShellExecute更新为“true”时;“Process对象必须将UseShellExecute属性设置为false才能重定向IO流。”我收到错误。当我将其设置为False时;无法更新,该怎么做?您还有其他建议吗?

static void InstallIISSetupFeature()
        {
            var featureNames = new List<string>() {

                 "IIS-WebServerRole",
                "IIS-WebServer",
                "IIS-CommonHttpFeatures",
                "IIS-HttpErrors",
                "IIS-HttpRedirect",
                "IIS-ApplicationDevelopment",
                "IIS-Security",
                "IIS-RequestFiltering",
                "IIS-NetFxExtensibility",
                "IIS-NetFxExtensibility45",
                "IIS-HealthAndDiagnostics",
                "IIS-HttpLogging",
                "IIS-LoggingLibraries",
                "IIS-RequestMonitor",
                "IIS-HttpTracing",
                "IIS-URLAuthorization",
                "IIS-IPSecurity",
                "IIS-Performance",
                "IIS-HttpCompressionDynamic",
                "IIS-WebServerManagementTools",
                "IIS-ManagementScriptingTools",
                "IIS-IIS6ManagementCompatibility",
                "IIS-Metabase",
                "IIS-HostableWebCore","IIS-StaticContent", 
                "IIS-DefaultDocument",
                "IIS-DirectoryBrowsing",
                "IIS-WebDAV",
                "IIS-WebSockets",
                "IIS-ApplicationInit",
                "IIS-ASPNET",
                "IIS-ASPNET45",
                "IIS-ASP",
                "IIS-CGI",
                "IIS-ISAPIExtensions",
                "IIS-ISAPIFilter",
                "IIS-ServerSideIncludes",
                "IIS-CustomLogging",
                "IIS-BasicAuthentication",
                "IIS-HttpCompressionStatic",
                "IIS-ManagementConsole",
                "IIS-ManagementService",
                "IIS-WMICompatibility",
                "IIS-LegacyScripts",
                "IIS-LegacySnapIn",
                "IIS-FTPServer",
                "IIS-FTPSvc",
                "IIS-FTPExtensibility",
                "IIS-CertProvider",
                "IIS-WindowsAuthentication",
                "IIS-DigestAuthentication",
                "IIS-ClientCertificateMappingAuthentication",
                "IIS-IISCertificateMappingAuthentication",
                "IIS-ODBCLogging",
                "NetFx4-AdvSrvs",
                "NetFx4Extended-ASPNET45",
                "NetFx3",
                "WAS-WindowsActivationService",
                "WCF-HTTP-Activation",
                "WCF-HTTP-Activation45",
                "WCF-MSMQ-Activation45",
                "WCF-NonHTTP-Activation",
                "WCF-Pipe-Activation45",
                "WCF-TCP-Activation45",
                "WCF-TCP-PortSharing45",
                "WCF-Services45",
            };
               ManagementObjectSearcher obj = new ManagementObjectSearcher("select * from Win32_OperatingSystem");
                foreach (ManagementObject wmi in obj.Get())
                {
                    string Name = wmi.GetPropertyValue("Caption").ToString();
                    Name = Regex.Replace(Name.ToString(), "[^A-Za-z0-9 ]", "");
                    if (Name.Contains("Server 2008 R2") || Name.Contains("Windows 7"))
                    {
                        featureNames.Add("IIS-ASPNET");
                        featureNames.Add("IIS-NetFxExtensibility");
                        featureNames.Add("WCF-HTTP-Activation");
                        featureNames.Add("WCF-MSMQ-Activation");
                        featureNames.Add("WCF-Pipe-Activation");
                        featureNames.Add("WCF-TCP-Activation");
                        featureNames.Add("WCF-TCP-Activation");
                    }
                    string Version = (string)wmi["Version"];
                    string Architecture = (string)wmi["OSArchitecture"];
                }         
            foreach (var featureName in featureNames)
            {
                Run(string.Format("dism/online/Enable-Feature:{0}", featureName));
            }
         
        }  
        static void Run(string arguments)
        {
            try
            {
                string systemPath = Path.Combine(Environment.ExpandEnvironmentVariables("%windir%"), "system32");

                var dism = new Process();
                dism.StartInfo.WorkingDirectory = systemPath;
                dism.StartInfo.Arguments = arguments;
                dism.StartInfo.FileName = "dism.exe";
                dism.StartInfo.Verb = "runas";

                dism.StartInfo.UseShellExecute = true;
                dism.StartInfo.RedirectStandardOutput = true;
                dism.Start();
                var result = dism.StandardOutput.ReadToEnd();
                dism.WaitForExit();
            }
            catch (Exception ex)
            {
            }

        }`

我尝试使用dism.exe和cmd.exe更新该功能,当它出现授权错误时,我使用了Verb属性'

fnvucqvd

fnvucqvd1#

  • 由于使用.Verb = "RunAs"需要.UseShellExecute = true,并且由于后者不能与RedirectStandardOutput = true组合,因此您不能 * 直接 * 在内存中捕获提升的进程的输出。
  • 看起来系统本身,通过考虑安全性的设计,阻止了非提升进程直接捕获提升进程的输出
    *解决方法通过 *shell间接 * 启动目标可执行文件(在您的情况下是dism.exe),然后使用后者的重定向功能(>)**将目标可执行文件的输出(总是)捕获到 * 文件 * 中,如下所示。
string systemPath = Path.Combine(Environment.ExpandEnvironmentVariables("%windir%"), "system32");

// Create a temp. file to capture the elevated process' output in.
string tempOutFile = Path.GetTempFileName();

var dism = new Process();
dism.StartInfo.WorkingDirectory = systemPath;
// Use cmd.exe as the executable, and pass it a command line via /c
dism.StartInfo.FileName = "cmd.exe" ;
// Use a ">" redirection to capture the elevated process' output.
// Use "2> ..." to also capture *stderr* output.
// Append "2>&1" to capture *both* stdout and stderr in the file targeted with ">"
dism.StartInfo.Arguments = 
  String.Format(
    "/c {0} {1} > \"{2}\"", 
    "dism.exe", arguments, tempOutFile
  );
dism.StartInfo.Verb = "RunAs";
dism.StartInfo.UseShellExecute = true;

dism.Start();
dism.WaitForExit();
// Read the temp. file in which the output was captured...
var result = File.ReadAllText(tempOutFile);
// ... and delete it.
File.Delete(tempOutFile);
juzqafwq

juzqafwq2#

首先,你可以使用WindowsPrincipal::IsInRole()来检查你是否在高架运行,详细信息见Microsoft Learn
其次,这可能是使用原生PS比cmdlet方法更容易的情况之一(诚然,仍然不是很好)。
如果脚本应在客户机和服务器操作系统上运行:使用Get-WmiObjectGet-CimInstance获取对您正在运行的对象的引用。ActiveDirectory也具有该信息(在operatingSystem属性中)。
对于服务器,请使用ServerManager模块中的Get-WindowsFeature。对于客户端,请使用DISM模块中带开关-OnlineGet-WindowsOptionalFeature,如果确实需要支持6.3.xxxx之前的操作系统,则可以从具有该开关的计算机复制该开关,并将其添加到$Env:Path之前的C:\Windows和C:\Windows\System32。
对于任一平台,只需传递要配置的特性列表。
如果在一个(二进制)cmdlet中,你必须调用外部工具,那么它们的优势就大部分消失了。也许可以使用托管API访问Windows CBS来避免这种情况,但即使这样,基于脚本的方法也会更快地获得更多结果,特别是因为你可以在dism.exe周围快速打包。

相关问题