이 섹션의 PowerShell 스크립트를 사용하여 환경의 역할 지정 및 역할 취소를 자세히 설명하는 감사 보고서를 생성하는 프로세스를 자동화할 수 있습니다.
다음 스크립트를 복사하여 AuditReportRoleAssignment.bat
를 생성합니다. 이 래퍼 뱃치 스크립트는 이 시나리오에서 나중에 제공되는 소스 코드인 PowerShell 스크립트 AuditReportRoleAssignment.ps1
을 호출합니다.
주:
AuditReportRoleAssignment.bat
를 실행하기 위한 입력 매개변수는 username
, password
또는 password_file
, service_url
입니다.스크립트: AuditReportRoleAssignment.bat
@echo off set paramRequiredMessage=Syntax: AuditReportRoleAssignment.bat USERNAME PASSWORD/PASSWORD_FILE URL if "%~1" == "" ( echo User Name is missing. echo %paramRequiredMessage% exit /b 1 ) if "%~2" == "" ( echo Password or Password_File is missing. echo %paramRequiredMessage% exit /b 1 ) if "%~3" == "" ( echo URL is missing. echo %paramRequiredMessage% exit /b 1 ) PowerShell.exe -File AuditReportRoleAssignment.ps1 %*
스크립트: AuditReportRoleAssignment.ps1
# EPM Automate Role Assignment Audit Report Script $username=$args[0] $password=$args[1] $url=$args[2] # Generic variables $date=$(get-date -f dd_MM_yy_HH_mm_ss) $datedefaultformat=$(get-date) $logdir="./logs/" $logfile="$logdir/epmautomate-provisionauditreport-" + $date + ".log" $reportdir="./reports/" $provisionreport="provreport-audittest-" + $date + ".csv" $provisionreporttemp="./provreport-audittest-temp.csv" $provisionreportunique="./provreport-audittest-unique.csv" $provisionreportbaselineunique="./provreport-audittest-baseline-unique.csv" function EchoAndLogMessage { $message=$args[0] echo "$message" echo "$message" >> $logfile } function Init { $logdirexists=Test-Path $logdir if (!($logdirexists)) { mkdir $logdir 2>&1 | out-null } $logfileexists=Test-Path $logfile if ($logfileexists) { rm $logfile 2>&1 | out-null } $reportdirexists=Test-Path $reportdir if (!($reportdirexists)) { mkdir $reportdir 2>&1 | out-null } } function PostProcess { rm $provisionreporttemp mv -Force $provisionreportunique $provisionreportbaselineunique } function ProcessCommand { $op=$args echo "EPM Automate operation: epmautomate.bat $op" >> $logfile epmautomate.bat $op >> $logfile 2>&1 if ($LASTEXITCODE -ne 0) { echo "EPM Automate operation failed: epmautomate.bat $op. See $logfile for details." exit } } function RunEpmAutomateCommands { EchoAndLogMessage "Running EPM Automate commands to generate the audit report." ProcessCommand login $username $password $url ProcessCommand provisionreport $provisionreport ProcessCommand downloadfile $provisionreport ProcessCommand deletefile $provisionreport ProcessCommand logout } function CreateProvisionReportTempFile { # Loop through iteration csv file and parse Get-Content $provisionreport | ForEach-Object { $elements=$_.split(',') echo "$($elements[0]),$($elements[2])" >> $provisionreporttemp } } function CreateUniqueElementsFile { gc $provisionreporttemp | sort | get-unique > $provisionreportunique } function CheckBaselineAndCreateAuditReport { $provisionreportbaselineuniqueexists=Test-Path $provisionreportbaselineunique if (!($provisionreportbaselineuniqueexists)) { EchoAndLogMessage "Could not find a baseline audit report to compare with. Audit report will be created next time you run test." } else { CreateAuditReport } } function CreateAuditReport { $auditreport=$reportdir + "auditreport-"+ $date + ".txt" $additions = @() $deletions = @() EchoAndLogMessage "Comparing previous audit report with the current one." $compare=compare-object (get-content $provisionreportunique) (get-content $provisionreportbaselineunique) $compare | foreach { if ($_.sideindicator -eq '<=') { $additions += $_.inputobject } elseif ($_.sideindicator -eq '=>') { $deletions += $_.inputobject } } echo "Provisioning Audit Report for $datedefaultformat" > $auditreport echo "------------------------------------------------" >> $auditreport if ($additions.count -ne 0) { echo " " >> $auditreport echo "Additions:" >> $auditreport foreach($element in $additions) { echo "$element" >> $auditreport } } if ($deletions.count -ne 0) { echo " " >> $auditreport echo "Deletions:" >> $auditreport foreach($element in $deletions) { echo "$element" >> $auditreport } } if (($additions.count -eq 0) -and ($deletions.count -eq 0)) { echo " " >> $auditreport echo "No changes from last audit report." >> $auditreport } EchoAndLogMessage "Role audit report generated: $auditreport." } Init EchoAndLogMessage "Starting EPMAutomate role audit report generation" RunEpmAutomateCommands CreateProvisionReportTempFile CreateUniqueElementsFile CheckBaselineAndCreateAuditReport PostProcess EchoAndLogMessage "EPMAutomate role audit report completed"