本地组策略编辑器图形化工具

为本地组策略图形化工具添加用户权限分配功能,涵盖常见的用户权限策略设置。

目前版本在优化中,后续会添加更多功能。

# GroupPolicyGUI.ps1
# Must be run with administrator rights.

# Load the Windows Forms and System.Drawing assemblies that the UI code below uses.
Add-Type -AssemblyName System.Windows.Forms
Add-Type -AssemblyName System.Drawing
# Enable visual styles for the application's controls.
[System.Windows.Forms.Application]::EnableVisualStyles()

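# Relaunch the script elevated when the current user is not in the Administrators role.
function Elevate-Admin {
    <#
    .SYNOPSIS
    Starts a new elevated powershell.exe running this script file and exits the current process.
    .DESCRIPTION
    Does nothing when the current Windows identity is already in the built-in Administrators role.
    Throws when the script file path cannot be determined (for example when the code was pasted
    into a console instead of being run from a .ps1 file).
    #>
    $identity = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    if ($principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        return
    }

    # Inside a function, $MyInvocation.MyCommand describes the function, so its Definition is the
    # function body text rather than the script path. $PSCommandPath is the running script file.
    $scriptPath = $PSCommandPath
    if ([string]::IsNullOrEmpty($scriptPath)) {
        throw "无法确定脚本路径,请将脚本保存为 .ps1 文件后运行。"
    }

    # NOTE(review): -ExecutionPolicy Bypass turns off the execution-policy check for the elevated
    # process. Drop it where the script is signed or the machine policy already allows it to run.
    $arguments = "-ExecutionPolicy Bypass -NoProfile -File `"$scriptPath`""
    Start-Process -FilePath "powershell.exe" -ArgumentList $arguments -Verb RunAs
    exit
}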

# Read the current data of one registry policy value.
function Get-CurrentPolicyValue {
    <#
    .SYNOPSIS
    Returns the data stored under $key at registry path $path.
    .OUTPUTS
    The stored data, "未设置" when the path or the value is absent, "访问错误" when reading throws.
    #>
    param($path, $key)
    try {
        if (-not (Test-Path $path)) {
            return "未设置"
        }

        # Read errors for a missing value name are suppressed; the result is then empty.
        $entry = Get-ItemProperty -Path $path -Name $key -ErrorAction SilentlyContinue
        if ($entry) {
            if ($entry.$key -ne $null) {
                return $entry.$key
            }
        }

        return "未设置"
    }
    catch {
        return "访问错误"
    }
}

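# Read the current account list of one user-rights assignment.
function Get-UserRightsValue {
    <#
    .SYNOPSIS
    Exports the USER_RIGHTS area with secedit and returns the right-hand side of the line whose
    key is exactly $policyName.
    .PARAMETER policyName
    Privilege or logon-right constant, e.g. SeDebugPrivilege.
    .OUTPUTS
    The account list text, "无用户" when the assignment is empty, "未配置" when the key is absent,
    "无法读取" when the export failed, "错误" when anything throws.
    .NOTES
    secedit writes built-in accounts as SIDs prefixed with '*' (for example *S-1-5-32-544), so the
    returned text will usually not be textually equal to a list of account names.
    #>
    param($policyName)

    $tempFile = $null
    try {
        # Export the current user-rights assignments to a temporary template file.
        $tempFile = [System.IO.Path]::GetTempFileName()
        secedit /export /cfg $tempFile /areas USER_RIGHTS 2>&1 | Out-Null

        # GetTempFileName creates the file up front, so existence alone does not prove the export
        # worked; the exit code does.
        if ($LASTEXITCODE -ne 0 -or -not (Test-Path $tempFile)) {
            return "无法读取"
        }

        # Match the key exactly. A "*name*" wildcard can hit several lines (or treat characters in
        # the name as wildcards), after which the split below no longer works on a single line.
        $keyPattern = '^\s*' + [regex]::Escape([string]$policyName) + '\s*='
        $policyLine = Get-Content $tempFile |
            Where-Object { $_ -match $keyPattern } |
            Select-Object -First 1

        if (-not $policyLine) {
            return "未配置"
        }

        $users = ($policyLine -split '=', 2)[1].Trim()
        if ([string]::IsNullOrEmpty($users)) {
            return "无用户"
        }
        return $users
    }
    catch {
        return "错误"
    }
    finally {
        # $tempFile stays $null when GetTempFileName itself failed.
        if ($tempFile -and (Test-Path $tempFile)) { Remove-Item $tempFile -Force }
    }
}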

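# Write one user-rights assignment through a temporary secedit template.
function Set-UserRightsAssignment {
    <#
    .SYNOPSIS
    Applies "<policyName> = <users>" to the local security policy with secedit /configure.
    .PARAMETER policyName
    Privilege or logon-right constant, e.g. SeDebugPrivilege.
    .PARAMETER users
    Accounts or groups on a single line, comma separated. An empty string writes an empty
    assignment for the right.
    .OUTPUTS
    $true when secedit exits with code 0; $false when the input is rejected or anything fails.
    #>
    param($policyName, $users)

    $tempFile = $null
    try {
        # Both values are pasted verbatim into the template that an elevated secedit applies.
        # The editor's text box is multi-line, so a line break in the account list would add
        # extra lines to the template. Accept only a plain constant and a single-line list.
        if ([string]$policyName -notmatch '^Se[A-Za-z]+$') {
            throw "无效的权限名称: $policyName"
        }
        if ([string]$users -match '[\x00-\x1F]') {
            throw "用户列表不能包含换行符或控制字符"
        }

        # Build the temporary security template.
        $tempFile = [System.IO.Path]::GetTempFileName()
        $infContent = @"
[Unicode]
Unicode=yes
[Version]
signature=`"`$CHICAGO`$`"
revision=1
[Privilege Rights]
$policyName = $users
"@

        Set-Content -Path $tempFile -Value $infContent -Encoding Unicode

        # NOTE(review): "secedit.sdb" is a relative path, so the database is created in whatever
        # the current directory of the elevated process is. Consider an explicit path.
        secedit /configure /db secedit.sdb /cfg $tempFile /areas USER_RIGHTS 2>&1 | Out-Null

        # A failing native command does not throw; without this check every call reported success.
        if ($LASTEXITCODE -ne 0) {
            throw "secedit 退出码 $LASTEXITCODE"
        }

        return $true
    }
    catch {
        Write-Host "设置用户权限失败: $_"
        return $false
    }
    finally {
        # $tempFile stays $null when the input was rejected before the file was created.
        if ($tempFile -and (Test-Path $tempFile)) { Remove-Item $tempFile -Force }
    }
}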

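# Apply every checked policy on every tab, then refresh group policy.
function Apply-SelectedPolicies {
    <#
    .SYNOPSIS
    Writes each checked list item: USER_RIGHTS items through Set-UserRightsAssignment, all other
    items as registry values. Failures are counted and shown in the final summary.
    .NOTES
    Reads the script-level $tabControl, $progressBar and $statusLabel controls.
    #>
    $progressBar.Value = 0
    $statusLabel.Text = "正在应用策略..."

    $total = 0
    $applied = 0
    $failed = 0

    # Count the checked items across all tabs.
    foreach ($tabPage in $tabControl.TabPages) {
        $total += $tabPage.Controls[0].CheckedItems.Count
    }

    if ($total -eq 0) {
        $statusLabel.Text = "请先选择要应用的策略"
        [System.Windows.Forms.MessageBox]::Show("请至少选择一个策略进行应用", "提示", "OK", "Information") | Out-Null
        return
    }

    foreach ($tabPage in $tabControl.TabPages) {
        $listView = $tabPage.Controls[0]
        foreach ($item in $listView.CheckedItems) {
            $policy = $item.Tag
            try {
                if ($policy.Type -eq "USER_RIGHTS") {
                    # User rights go through secedit; a $false result is a failure, not a skip.
                    if (-not (Set-UserRightsAssignment $policy.Key $policy.Value)) {
                        throw "secedit 未能应用该设置"
                    }
                }
                else {
                    # Plain registry policy. -ErrorAction Stop turns provider errors into
                    # exceptions so a failed write is not counted as applied.
                    if (-not (Test-Path $policy.Path)) {
                        New-Item -Path $policy.Path -Force -ErrorAction Stop | Out-Null
                    }

                    Set-ItemProperty -Path $policy.Path -Name $policy.Key -Value $policy.Value -Type $policy.Type -Force -ErrorAction Stop
                }

                $applied++
                $statusLabel.Text = "正在应用: $($policy.Name)... ($applied/$total)"

                # Show the value that is now in effect.
                if ($policy.Type -eq "USER_RIGHTS") {
                    $currentValue = Get-UserRightsValue $policy.Key
                }
                else {
                    $currentValue = Get-CurrentPolicyValue $policy.Path $policy.Key
                }
                $item.SubItems[2].Text = $currentValue
            }
            catch {
                $failed++
                Write-Host "应用策略失败: $($policy.Name) - $_"
            }

            # Progress follows processed items, so it also advances when an item fails.
            $progressBar.Value = [int]((($applied + $failed) * 100) / $total)
            [System.Windows.Forms.Application]::DoEvents()
        }
    }

    # Refresh group policy.
    $statusLabel.Text = "正在刷新组策略..."
    Start-Process -FilePath "gpupdate" -ArgumentList "/force" -Wait -WindowStyle Hidden

    $progressBar.Value = 100

    $status = "完成! 已应用 $applied 个策略。"
    $summary = "策略应用完成!`n已成功应用 $applied 个策略。"
    $icon = "Information"
    if ($failed -gt 0) {
        $status += " 失败 $failed 个。"
        $summary += "`n有 $failed 个策略应用失败,详情见控制台输出。"
        $icon = "Warning"
    }
    $summary += "`n建议重启计算机使所有更改生效。"

    $statusLabel.Text = $status
    [System.Windows.Forms.MessageBox]::Show($summary, "完成", "OK", $icon) | Out-Null
}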

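# Back up the user-rights assignments and the registry policy keys.
function Backup-Policies {
    <#
    .SYNOPSIS
    Asks for a target .reg file, exports USER_RIGHTS to "<name>_rights.inf" next to it and writes
    the four policy registry keys into the chosen .reg file.
    .NOTES
    The original loop exported every key to the same file with /y, so each export replaced the
    previous one and only the last key was kept. Each key is now exported to its own temporary
    file and the parts are merged under a single .reg header.
    #>
    $backupDialog = New-Object System.Windows.Forms.SaveFileDialog
    $backupDialog.Filter = "注册表文件 (*.reg)|*.reg"
    $backupDialog.FileName = "gpo_backup_$(Get-Date -Format 'yyyyMMdd_HHmmss').reg"
    $backupDialog.Title = "选择备份位置"

    if ($backupDialog.ShowDialog() -ne [System.Windows.Forms.DialogResult]::OK) {
        return
    }

    try {
        # Back up the user-rights assignments.
        $rightsFile = $backupDialog.FileName -replace '\.reg$', '_rights.inf'
        if ($rightsFile -eq $backupDialog.FileName) {
            # The chosen name did not end in .reg; keep the two outputs from sharing one path.
            $rightsFile = "$($backupDialog.FileName)_rights.inf"
        }
        secedit /export /cfg $rightsFile /areas USER_RIGHTS 2>&1 | Out-Null
        if ($LASTEXITCODE -ne 0) {
            throw "secedit 导出失败,退出码 $LASTEXITCODE"
        }

        # Back up the registry policies.
        $regPaths = @(
            "HKLM\SOFTWARE\Policies",
            "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies",
            "HKCU\Software\Policies",
            "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies"
        )

        $merged = New-Object 'System.Collections.Generic.List[string]'
        $merged.Add('Windows Registry Editor Version 5.00')
        $merged.Add('')
        $exported = 0

        foreach ($regPath in $regPaths) {
            $partFile = [System.IO.Path]::GetTempFileName()
            try {
                & reg.exe export $regPath $partFile /y 2>&1 | Out-Null
                if ($LASTEXITCODE -ne 0) {
                    Write-Host "备份 $regPath 失败: reg.exe 退出码 $LASTEXITCODE"
                    continue
                }

                # Skip each part's own header line; the merged file already starts with one.
                Get-Content -Path $partFile | Select-Object -Skip 1 | ForEach-Object { $merged.Add($_) }
                $exported++
            }
            catch {
                Write-Host "备份 $regPath 失败: $_"
            }
            finally {
                Remove-Item $partFile -Force -ErrorAction SilentlyContinue
            }
        }

        if ($exported -eq 0) {
            throw "未能导出任何注册表策略项"
        }

        Set-Content -Path $backupDialog.FileName -Value $merged -Encoding Unicode

        $statusLabel.Text = "备份已保存到: $($backupDialog.FileName)"
        [System.Windows.Forms.MessageBox]::Show("备份成功完成!`n注册表策略: $($backupDialog.FileName)`n用户权限: $rightsFile", "成功", "OK", "Information") | Out-Null
    }
    catch {
        [System.Windows.Forms.MessageBox]::Show("备份失败: $_", "错误", "OK", "Error") | Out-Null
    }
}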

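# Restore policies from a backup file.
function Restore-Policies {
    <#
    .SYNOPSIS
    Asks for a .reg or .inf backup, confirms, then imports it with reg.exe or secedit.
    .NOTES
    The file type is taken from the extension without regard to case, and any other extension is
    reported as an error. Previously such files were skipped while the dialog still reported
    success, and a failing reg.exe or secedit was not noticed either.
    #>
    $restoreDialog = New-Object System.Windows.Forms.OpenFileDialog
    $restoreDialog.Filter = "配置文件 (*.reg;*.inf)|*.reg;*.inf|所有文件 (*.*)|*.*"
    $restoreDialog.Title = "选择要恢复的备份文件"

    if ($restoreDialog.ShowDialog() -ne [System.Windows.Forms.DialogResult]::OK) {
        return
    }

    $result = [System.Windows.Forms.MessageBox]::Show("确定要恢复备份吗?这将覆盖当前设置。", "确认恢复", "YesNo", "Warning")
    if ($result -ne [System.Windows.Forms.DialogResult]::Yes) {
        return
    }

    try {
        $extension = [System.IO.Path]::GetExtension($restoreDialog.FileName).ToLowerInvariant()
        switch ($extension) {
            '.reg' {
                # NOTE(review): reg import writes every key contained in the file, not only the
                # policy keys this tool backs up, and it runs elevated. Restore only files that
                # this tool produced.
                $regProcess = Start-Process -FilePath "reg" -ArgumentList "import `"$($restoreDialog.FileName)`"" -Wait -WindowStyle Hidden -PassThru
                if ($regProcess.ExitCode -ne 0) {
                    throw "reg import 退出码 $($regProcess.ExitCode)"
                }
            }
            '.inf' {
                # /areas USER_RIGHTS limits what secedit applies from the template.
                secedit /configure /db secedit.sdb /cfg "$($restoreDialog.FileName)" /areas USER_RIGHTS 2>&1 | Out-Null
                if ($LASTEXITCODE -ne 0) {
                    throw "secedit 退出码 $LASTEXITCODE"
                }
            }
            default {
                throw "不支持的文件类型: $extension"
            }
        }

        $statusLabel.Text = "已从备份恢复策略"
        Refresh-PolicyStatus
        [System.Windows.Forms.MessageBox]::Show("恢复成功完成! 已刷新策略状态。", "成功", "OK", "Information") | Out-Null
    }
    catch {
        [System.Windows.Forms.MessageBox]::Show("恢复失败: $_", "错误", "OK", "Error") | Out-Null
    }
}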

# Re-read every policy and update the "current value" column and the check marks.
function Refresh-PolicyStatus {
    <#
    .SYNOPSIS
    For each list item on each tab, reads the live value, shows it in column 2 and checks the
    item when the live value equals the policy's configured Value.
    .NOTES
    Reads the script-level $tabControl, $progressBar and $statusLabel controls.
    #>
    $statusLabel.Text = "正在刷新策略状态..."
    $progressBar.Value = 0
    $progressBar.Style = [System.Windows.Forms.ProgressBarStyle]::Marquee

    foreach ($page in $tabControl.TabPages) {
        $policyList = $page.Controls[0]
        $rowCount = $policyList.Items.Count
        $done = 0

        foreach ($row in $policyList.Items) {
            $entry = $row.Tag

            # User rights are read from a secedit export, everything else from the registry.
            $liveValue = if ($entry.Type -eq "USER_RIGHTS") {
                Get-UserRightsValue $entry.Key
            }
            else {
                Get-CurrentPolicyValue $entry.Path $entry.Key
            }

            $row.SubItems[2].Text = $liveValue
            $row.Checked = ($liveValue -eq $entry.Value)

            $done++
            $progressBar.Value = ($done / $rowCount) * 100
            [System.Windows.Forms.Application]::DoEvents()
        }
    }

    $progressBar.Style = [System.Windows.Forms.ProgressBarStyle]::Continuous
    $progressBar.Value = 100
    $statusLabel.Text = "策略状态已刷新"
}

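# Modal dialog for editing the account list of one user-rights policy.
function Show-UserRightsEditor {
    <#
    .SYNOPSIS
    Shows a dialog pre-filled with $currentUsers and returns the edited text.
    .PARAMETER policyName
    Text shown in the dialog title.
    .PARAMETER currentUsers
    Initial content of the text box.
    .OUTPUTS
    The trimmed text when the dialog is confirmed, $null when it is cancelled.
    .NOTES
    The text box is multi-line, so the returned text can contain line breaks; callers that write
    it into a security template have to validate it.
    #>
    param($policyName, $currentUsers)

    $editorForm = New-Object System.Windows.Forms.Form
    try {
        $editorForm.Text = "编辑用户权限分配: $policyName"
        $editorForm.Size = New-Object System.Drawing.Size(500, 400)
        $editorForm.StartPosition = "CenterScreen"

        $label = New-Object System.Windows.Forms.Label
        $label.Location = New-Object System.Drawing.Point(10, 10)
        $label.Size = New-Object System.Drawing.Size(460, 30)
        $label.Text = "请输入用户或组名称 (多个用户用逗号分隔):"
        $editorForm.Controls.Add($label)

        $textBox = New-Object System.Windows.Forms.TextBox
        $textBox.Location = New-Object System.Drawing.Point(10, 40)
        $textBox.Size = New-Object System.Drawing.Size(460, 100)
        $textBox.Multiline = $true
        $textBox.ScrollBars = "Vertical"
        $textBox.Text = $currentUsers
        $editorForm.Controls.Add($textBox)

        $helpLabel = New-Object System.Windows.Forms.Label
        $helpLabel.Location = New-Object System.Drawing.Point(10, 150)
        $helpLabel.Size = New-Object System.Drawing.Size(460, 60)
        $helpLabel.Text = "示例: `nAdministrators, SYSTEM`n或者: `nDOMAIN\User1, DOMAIN\Group1`n留空表示不分配此权限"
        $helpLabel.ForeColor = [System.Drawing.Color]::Gray
        $editorForm.Controls.Add($helpLabel)

        $okButton = New-Object System.Windows.Forms.Button
        $okButton.Location = New-Object System.Drawing.Point(150, 220)
        $okButton.Size = New-Object System.Drawing.Size(80, 30)
        $okButton.Text = "确定"
        $okButton.DialogResult = [System.Windows.Forms.DialogResult]::OK
        $editorForm.Controls.Add($okButton)

        $cancelButton = New-Object System.Windows.Forms.Button
        $cancelButton.Location = New-Object System.Drawing.Point(250, 220)
        $cancelButton.Size = New-Object System.Drawing.Size(80, 30)
        $cancelButton.Text = "取消"
        $cancelButton.DialogResult = [System.Windows.Forms.DialogResult]::Cancel
        $editorForm.Controls.Add($cancelButton)

        $editorForm.AcceptButton = $okButton
        $editorForm.CancelButton = $cancelButton

        if ($editorForm.ShowDialog() -eq [System.Windows.Forms.DialogResult]::OK) {
            return $textBox.Text.Trim()
        }
        return $null
    }
    finally {
        # A form shown with ShowDialog is not disposed when it closes; release it here so each
        # edit does not leave a window handle behind.
        $editorForm.Dispose()
    }
}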

# Run the elevation check defined above before any UI is built.
Elevate-Admin

# Create the main form.
$form = New-Object System.Windows.Forms.Form
$form.Text = "组策略图形化管理工具 - 含用户权限分配"
$form.Size = New-Object System.Drawing.Size(1100, 750)
$form.StartPosition = "CenterScreen"
$form.MinimumSize = New-Object System.Drawing.Size(900, 650)
$form.BackColor = [System.Drawing.Color]::FromArgb(240, 240, 240)

# Create the menu bar with its three top-level menus.
$menuStrip = New-Object System.Windows.Forms.MenuStrip
$fileMenu = New-Object System.Windows.Forms.ToolStripMenuItem("文件(&F)")
$toolsMenu = New-Object System.Windows.Forms.ToolStripMenuItem("工具(&T)")
$helpMenu = New-Object System.Windows.Forms.ToolStripMenuItem("帮助(&H)")

# File menu items.
$backupItem = New-Object System.Windows.Forms.ToolStripMenuItem("备份当前设置(&B)")
$restoreItem = New-Object System.Windows.Forms.ToolStripMenuItem("恢复备份(&R)")
$exitItem = New-Object System.Windows.Forms.ToolStripMenuItem("退出(&X)")

# Tools menu items.
$refreshItem = New-Object System.Windows.Forms.ToolStripMenuItem("刷新策略(&R)")
$applyItem = New-Object System.Windows.Forms.ToolStripMenuItem("应用选中策略(&A)")
$userRightsEditorItem = New-Object System.Windows.Forms.ToolStripMenuItem("用户权限编辑器(&U)")

# Help menu items.
$aboutItem = New-Object System.Windows.Forms.ToolStripMenuItem("关于(&A)")

# Assemble the menus and attach the menu bar to the form.
$fileMenu.DropDownItems.AddRange(@($backupItem, $restoreItem, (New-Object System.Windows.Forms.ToolStripSeparator), $exitItem))
$toolsMenu.DropDownItems.AddRange(@($refreshItem, $applyItem, $userRightsEditorItem))
$helpMenu.DropDownItems.Add($aboutItem)
$menuStrip.Items.AddRange(@($fileMenu, $toolsMenu, $helpMenu))
$form.Controls.Add($menuStrip)

# Create the tab control; it is added to the form later, together with the button panel.
$tabControl = New-Object System.Windows.Forms.TabControl
$tabControl.Location = New-Object System.Drawing.Point(10, 30)
$tabControl.Size = New-Object System.Drawing.Size(1060, 500)
$tabControl.Anchor = 'Top, Bottom, Left, Right'

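# Policy catalogue, one entry per tab (includes user-rights assignment).
# Each policy has: Name (display text), Path/Key (registry location, or the Se* constant for
# USER_RIGHTS entries), Type (registry value type or "USER_RIGHTS"), Value (what the tool writes
# and shows in the "推荐值" column) and Description.
# [ordered] keeps the tabs in the order written here; a plain @{} enumerates its keys in an
# unspecified order.
$policyCategories = [ordered]@{
    "系统设置" = @(
        @{Name="禁用锁屏界面"; Path="HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization"; Key="NoLockScreen"; Type="DWORD"; Value=1; Description="禁用Windows锁屏界面"}
        @{Name="禁用自动重启"; Path="HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU"; Key="NoAutoRebootWithLoggedOnUsers"; Type="DWORD"; Value=1; Description="登录时禁止Windows更新自动重启"}
        @{Name="禁用遥测"; Path="HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection"; Key="AllowTelemetry"; Type="DWORD"; Value=0; Description="禁用Windows遥测数据收集"}
    )
    "用户权限分配" = @(
        # NOTE(review): entries with Value="" write an empty assignment when applied, i.e. they
        # take the right away from every account that currently holds it. For SeServiceLogonRight
        # that presumably includes service accounts - confirm before applying it on a real host.
        @{Name="允许本地登录"; Path=""; Key="SeInteractiveLogonRight"; Type="USER_RIGHTS"; Value="Administrators,Users"; Description="允许用户本地登录计算机"}
        @{Name="拒绝本地登录"; Path=""; Key="SeDenyInteractiveLogonRight"; Type="USER_RIGHTS"; Value=""; Description="拒绝用户本地登录计算机"}
        @{Name="远程桌面服务登录"; Path=""; Key="SeRemoteInteractiveLogonRight"; Type="USER_RIGHTS"; Value="Administrators"; Description="允许通过远程桌面服务登录"}
        @{Name="拒绝远程桌面服务登录"; Path=""; Key="SeDenyRemoteInteractiveLogonRight"; Type="USER_RIGHTS"; Value=""; Description="拒绝通过远程桌面服务登录"}
        @{Name="作为服务登录"; Path=""; Key="SeServiceLogonRight"; Type="USER_RIGHTS"; Value=""; Description="允许进程作为服务运行"}
        @{Name="作为批处理作业登录"; Path=""; Key="SeBatchLogonRight"; Type="USER_RIGHTS"; Value="Administrators"; Description="允许作为批处理作业登录"}
        @{Name="调试程序"; Path=""; Key="SeDebugPrivilege"; Type="USER_RIGHTS"; Value="Administrators"; Description="调试程序的权限"}
        @{Name="管理审核和安全日志"; Path=""; Key="SeSecurityPrivilege"; Type="USER_RIGHTS"; Value="Administrators"; Description="管理审核和安全日志"}
        @{Name="更改系统时间"; Path=""; Key="SeSystemtimePrivilege"; Type="USER_RIGHTS"; Value="Administrators"; Description="更改系统时间"}
        @{Name="关闭系统"; Path=""; Key="SeShutdownPrivilege"; Type="USER_RIGHTS"; Value="Administrators,Users"; Description="关闭操作系统"}
    )
    "用户界面" = @(
        @{Name="禁用Cortana"; Path="HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search"; Key="AllowCortana"; Type="DWORD"; Value=0; Description="禁用Cortana语音助手"}
        @{Name="隐藏通知区域"; Path="HKLM:\SOFTWARE\Policies\Microsoft\Windows\Explorer"; Key="HideNotificationArea"; Type="DWORD"; Value=1; Description="隐藏通知区域"}
    )
    "网络设置" = @(
        # NOTE(review): fDenyTSConnections=0 turns inbound Remote Desktop on. The key lives under
        # HKLM:\SYSTEM, which is not one of the four key paths Backup-Policies exports, so a
        # backup taken with this tool does not capture its previous value.
        @{Name="启用远程桌面"; Path="HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server"; Key="fDenyTSConnections"; Type="DWORD"; Value=0; Description="启用远程桌面连接"}
    )
    "安全设置" = @(
        # NOTE(review): EnableLUA=0 switches User Account Control off for the whole machine, yet
        # the UI lists 0 under "推荐值". This entry lowers the host's security baseline; review
        # whether it belongs in a catalogue of recommended values.
        @{Name="禁用UAC"; Path="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"; Key="EnableLUA"; Type="DWORD"; Value=0; Description="禁用用户账户控制(UAC)"}
    )
}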

# Build one tab page with a checkable details list per policy category.
foreach ($category in $policyCategories.Keys) {
    $tabPage = New-Object System.Windows.Forms.TabPage
    $tabPage.Text = $category
    $tabPage.BackColor = [System.Drawing.Color]::White

    $listView = New-Object System.Windows.Forms.ListView
    $listView.Location = New-Object System.Drawing.Point(10, 10)
    $listView.Size = New-Object System.Drawing.Size(1020, 440)
    $listView.View = [System.Windows.Forms.View]::Details
    $listView.FullRowSelect = $true
    $listView.CheckBoxes = $true
    $listView.GridLines = $true
    $listView.Anchor = 'Top, Bottom, Left, Right'

    # Column headers and widths, in display order.
    $columnLayout = @(
        @("启用", 60),
        @("策略名称", 200),
        @("当前值", 200),
        @("推荐值", 150),
        @("策略类型", 100),
        @("描述", 250)
    )
    foreach ($column in $columnLayout) {
        [void]$listView.Columns.Add($column[0], $column[1])
    }

    # One row per policy in this category.
    foreach ($policy in $policyCategories[$category]) {
        # User rights are read from a secedit export, everything else from the registry.
        $currentValue = if ($policy.Type -eq "USER_RIGHTS") {
            Get-UserRightsValue $policy.Key
        }
        else {
            Get-CurrentPolicyValue $policy.Path $policy.Key
        }

        $item = New-Object System.Windows.Forms.ListViewItem("")
        [void]$item.SubItems.Add($policy.Name)
        [void]$item.SubItems.Add([string]$currentValue)
        [void]$item.SubItems.Add($policy.Value)
        [void]$item.SubItems.Add($policy.Type)
        [void]$item.SubItems.Add($policy.Description)
        $item.Tag = $policy

        # Checked means the live value already equals the configured value; the same comparison
        # applies to user-rights and registry entries.
        $item.Checked = ($currentValue -eq $policy.Value)

        [void]$listView.Items.Add($item)
    }

    $tabPage.Controls.Add($listView)
    $tabControl.TabPages.Add($tabPage)
}

# Status text shown at the bottom left of the form.
$statusLabel = New-Object System.Windows.Forms.Label
$statusLabel.Location = New-Object System.Drawing.Point(10, 640)
$statusLabel.Size = New-Object System.Drawing.Size(700, 20)
$statusLabel.Text = "就绪 - 双击用户权限策略可编辑具体用户"
$form.Controls.Add($statusLabel)

# Progress bar to the right of the status text.
$progressBar = New-Object System.Windows.Forms.ProgressBar
$progressBar.Location = New-Object System.Drawing.Point(720, 640)
$progressBar.Size = New-Object System.Drawing.Size(350, 20)
$progressBar.Style = [System.Windows.Forms.ProgressBarStyle]::Continuous
$form.Controls.Add($progressBar)

# Button panel below the tab control.
$buttonPanel = New-Object System.Windows.Forms.Panel
$buttonPanel.Location = New-Object System.Drawing.Point(10, 540)
$buttonPanel.Size = New-Object System.Drawing.Size(1060, 90)
$buttonPanel.Anchor = 'Bottom, Left, Right'

# "Apply selected policies" button.
$applyButton = New-Object System.Windows.Forms.Button
$applyButton.Location = New-Object System.Drawing.Point(20, 10)
$applyButton.Size = New-Object System.Drawing.Size(120, 40)
$applyButton.Text = "应用选中策略"
$applyButton.BackColor = [System.Drawing.Color]::LightGreen
$applyButton.Font = New-Object System.Drawing.Font("Microsoft Sans Serif", 10, [System.Drawing.FontStyle]::Bold)

# "Back up settings" button.
$backupButton = New-Object System.Windows.Forms.Button
$backupButton.Location = New-Object System.Drawing.Point(160, 10)
$backupButton.Size = New-Object System.Drawing.Size(120, 40)
$backupButton.Text = "备份设置"

# "Restore backup" button.
$restoreButton = New-Object System.Windows.Forms.Button
$restoreButton.Location = New-Object System.Drawing.Point(300, 10)
$restoreButton.Size = New-Object System.Drawing.Size(120, 40)
$restoreButton.Text = "恢复备份"

# "Refresh status" button.
$refreshButton = New-Object System.Windows.Forms.Button
$refreshButton.Location = New-Object System.Drawing.Point(440, 10)
$refreshButton.Size = New-Object System.Drawing.Size(120, 40)
$refreshButton.Text = "刷新状态"

# "Edit user rights" button.
$editButton = New-Object System.Windows.Forms.Button
$editButton.Location = New-Object System.Drawing.Point(580, 10)
$editButton.Size = New-Object System.Drawing.Size(150, 40)
$editButton.Text = "编辑用户权限"
$editButton.BackColor = [System.Drawing.Color]::LightBlue

# Put the buttons on the panel, then add the tab control and the panel to the form.
$buttonPanel.Controls.AddRange(@($applyButton, $backupButton, $restoreButton, $refreshButton, $editButton))
$form.Controls.Add($tabControl)
$form.Controls.Add($buttonPanel)

# Click handlers: each control is paired with the action it runs.
$clickBindings = @(
    @{ Control = $applyButton;          Action = { Apply-SelectedPolicies } },
    @{ Control = $backupButton;         Action = { Backup-Policies } },
    @{ Control = $restoreButton;        Action = { Restore-Policies } },
    @{ Control = $refreshButton;        Action = { Refresh-PolicyStatus } },
    @{ Control = $editButton;           Action = { Edit-UserRights } },
    @{ Control = $userRightsEditorItem; Action = { Edit-UserRights } }
)
foreach ($binding in $clickBindings) {
    $binding.Control.Add_Click($binding.Action)
}

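# Double-click a row on the user-rights tab to edit its account list.
# The handler is attached once, directly to that tab's list. Attaching it from
# SelectedIndexChanged added another copy on every visit to the tab (so the editor opened several
# times per double-click) and never attached it when the tab was the one shown first. The handler
# also reads the list from $this (the control that raised the event) instead of a $listView
# variable, which at event time resolves to the script-level variable left over from building
# the tabs.
foreach ($rightsPage in $tabControl.TabPages) {
    if ($rightsPage.Text -ne "用户权限分配") {
        continue
    }

    $rightsPage.Controls[0].Add_DoubleClick({
        $clickedList = $this
        if ($clickedList.SelectedItems.Count -gt 0) {
            $item = $clickedList.SelectedItems[0]
            $policy = $item.Tag
            if ($policy.Type -eq "USER_RIGHTS") {
                $newUsers = Show-UserRightsEditor $policy.Name $policy.Value
                if ($newUsers -ne $null) {
                    # Store the edited list as the value to apply and uncheck the row, so it is
                    # only written after the user checks it again.
                    $policy.Value = $newUsers
                    $item.SubItems[3].Text = $newUsers
                    $item.Checked = $false
                }
            }
        }
    })
}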

function Edit-UserRights {
    <#
    .SYNOPSIS
    Opens the user-rights editor for the row selected on the "用户权限分配" tab and stores the
    edited account list as the policy's value to apply.
    .NOTES
    Shows a hint dialog when another tab is active or no row is selected. After an edit the row
    is unchecked. Reads the script-level $tabControl.
    #>
    $activeTab = $tabControl.SelectedTab
    $hasSelection = $activeTab.Text -eq "用户权限分配" -and $activeTab.Controls[0].SelectedItems.Count -gt 0

    if (-not $hasSelection) {
        [System.Windows.Forms.MessageBox]::Show("请在'用户权限分配'选项卡中选择一个策略进行编辑", "提示", "OK", "Information")
        return
    }

    $row = $activeTab.Controls[0].SelectedItems[0]
    $entry = $row.Tag
    if ($entry.Type -ne "USER_RIGHTS") {
        return
    }

    # $null means the dialog was cancelled; an empty string is a valid (empty) assignment.
    $edited = Show-UserRightsEditor $entry.Name $entry.Value
    if ($edited -ne $null) {
        $entry.Value = $edited
        $row.SubItems[3].Text = $edited
        $row.Checked = $false
    }
}

# Menu click handlers: each menu item is paired with the action it runs.
$menuBindings = @(
    @{ Item = $backupItem;  Action = { Backup-Policies } },
    @{ Item = $restoreItem; Action = { Restore-Policies } },
    @{ Item = $refreshItem; Action = { Refresh-PolicyStatus } },
    @{ Item = $applyItem;   Action = { Apply-SelectedPolicies } },
    @{ Item = $exitItem;    Action = { $form.Close() } }
)
foreach ($menuBinding in $menuBindings) {
    $menuBinding.Item.Add_Click($menuBinding.Action)
}

# "About" shows a message box with the tool name and version text.
$aboutItem.Add_Click({
    [System.Windows.Forms.MessageBox]::Show("组策略图形化管理工具 v2.0`n包含用户权限分配功能`n作者: AI Assistant`n创建时间: 2024", "关于")
})

# Initialise: read the live policy values once before the window is shown.
Refresh-PolicyStatus
# Activate the form as soon as it is first shown.
$form.Add_Shown({$form.Activate()})

# Run the form's message loop; this call returns when the form is closed.
[System.Windows.Forms.Application]::Run($form)

新增功能:

  1. 用户权限分配选项卡:包含10个常见的用户权限策略
  2. 权限编辑器:双击或点击编辑按钮可以修改具体的用户和组分配
  3. 特殊处理逻辑:用户权限分配使用 secedit 命令而不是注册表
  4. 备份恢复增强:支持用户权限分配的备份和恢复
  5. 可视化界面:显示当前分配的用户和推荐值(secedit 导出的当前值中,内置账户通常以 *SID 形式出现,例如 *S-1-5-32-544,因此与按名称填写的推荐值在文本上通常不相等)

用户权限包括:

  • 允许/拒绝本地登录
  • 远程桌面服务登录
  • 作为服务登录
  • 调试程序权限
  • 管理审核日志
  • 更改系统时间
  • 关闭系统权限等

使用方法:

  1. 在"用户权限分配"选项卡中选择策略
  2. 双击或点击"编辑用户权限"按钮
  3. 输入用户或组名称(多个用逗号分隔)
  4. 重新勾选该策略(编辑后该项会被自动取消勾选),再点击"应用选中策略"即可生效

现在你可以通过图形界面方便地管理用户权限分配了!
