根据部分名称解锁AD帐户

时间:2015-06-06 08:25:44

标签: powershell active-directory

我希望快速解锁AD帐户。我想输入部分名称,例如唐纳德

让它返回,例如

唐纳德鸭子锁定了

唐纳德多诺万残疾人

启用了donald davids

然后选择例如唐纳德鸭被解锁

所以我需要列出相关帐户,包括锁定帐户,并快速选择锁定帐户。

到目前为止,我在下面。它不会显示锁定的帐户,我无法对输出进行操作。

$name = read-host 'Whats the name'

Get-Aduser -Filter "name -like '$name*'" | select name,enabled  | Format-List

2 个答案:

答案 0 :(得分:2)

您可以尝试两种可能的解决方案。我目前没有AD,因此未经测试。

GUI 

$name = Read-Host 'Whats the name'

Get-ADUser -Filter "name -like '$name*'" | Select-Object Name, SamAccountName, Enabled | #Get users
Out-GridView -OutputMode Single -Title "Select the user you want to unlock" | #Create menu
ForEach-Object {
    #Unlock selected user
    "Unlocking $($_.Name)"
    Unlock-ADAccount -Identity $_.SamAccountName
}

CLI 

$users = @(Get-ADUser -Filter "name -like '$name*'")
if($users.Count -gt 0) {
    #Create menu
    Write-Host "Matching users:"
    Write-Host "---------------"

    $i = 1
    $users | ForEach-Object {
        Write-Host ("{0}. {1} - {2} - {3}" -f $i, $_.Name, $_.SamAccountName, $_.Enabled)
        $i++
    }

    #Select a user
    $selecteduser = Read-Host "Please select the user you would like to unlock (1-$($users.Count))"
    while ($selecteduser -lt 1 -or $selecteduser -gt $users.Count) {
        Write-Host "Invalid user selected, try again." -ForegroundColor Red
        $selecteduser = Read-Host "Please select the user you would like to unlock (1-$($users.Count))"
    }

    #Unlock selected user
    Unlock-ADAccount -Identity ($users[$selecteduser-1])

} else {
    Write-Host "No matching users found"
}

答案 1 :(得分:0)

如果您只是想快速解锁与部分名称匹配的锁定帐户,我会做以下事情:

function Invoke-SimpleUnlock {
  [CmdletBinding()]
  Param(
    [Parameter()][string]$Name = ''
  )

  Get-ADUser -Filter "name -like '$Name*'" -Property LockedOut |
    ? { $_.LockedOut } |
    Unlock-ADAccount -Confirm
}

以上内容将从通过参数-Name提供的字符串开始获取所有已锁定的AD帐户(如果省略该参数,则为全部),然后提示您解锁它们(-Confirm)。 / p>

如果您想要在继续​​解锁帐户之前找到匹配用户及其状态的列表,您可以修改此功能:

function Invoke-SimpleUnlock {
  [CmdletBinding()]
  Param(
    [Parameter()][string]$Name = ''
  )

  $users = Get-ADUser -Filter "name -like '$Name*'" -Property LockedOut

  $users | select Name, @{n='Status';e={
    if (-not $_.Enabled) {
      'Disabled'
    } elseif ($_.LockedOut) {
      'Locked'
    } else {
      'Enabled'
    }
  }} | sort Name | Format-Table -AutoSize

  $users | ? { $_.LockedOut } | Unlock-ADAccount -Confirm
}
相关问题
最新问题