所以我写了一个脚本,我认为它过于复杂,如果它按照我的意愿行事会很好。顺便说一句,这是在PowerShell v2中。我仍然试图让这家公司至少使用v4。
此脚本旨在向用户查询用户ID(samAccountName),并显示该用户在AD中所有群组的成员资格和所有权状态列表。
$Path = Get-ScriptDirectory
$Date = (Get-Date).ToString('yyyy-MM-dd')
$Domain = Get-ADDomain | select -ExpandProperty NetBIOSName
$Username = Read-Host "Input User ID"
$Filename = "$Path\$Domain" + "_" + $Username + "_Groups_" + $Date + ".csv"
$GetContent1 = "$Path" + "GetContent1.csv"
$GetContent2 = "$Path" + "GetContent2.csv"
$Memberships = "$Path\$Domain" + "_" + $Username + "_Memberships_" + $DATE
+ ".csv"
$Ownerships = "$Path\$Domain" + "_" + $Username + "_Ownerships_" + $DATE + ".csv"
$LastFile = "$Path\$Domain" + "_" + $Username + "_Group_Status_" + $DATE + ".csv"
$Owner = Get-AdGroup -Filter {ManagedBy -eq $Username} -Properties samAccountName | select -expandproperty samAccountName
$o = get-aduser -filter { CN -eq $Username } -properties DisplayName, memberof
$o.MemberOf.ToString()
Get-ADUser $Username -Properties Memberof | %{$_.memberof} | %{get-adgroup $_ | select name} | Export-Csv $GetContent1 -NoTypeInformation
Get-AdGroup -Filter {ManagedBy -eq $Username} -Properties samAccountName | %{$_.samAccountName} | %{get-adgroup $_ | select name} | Export-Csv $GetContent2 -NoTypeInformation
$o | select DisplayName, samaccountname, @{name="MemberOf";expression={($_.MemberOf | ForEach { (Get-ADGroup $_).Name }) -join "`n"}}, @{N='Groups Owned';Expression={$Owner -join "`n"}}| Out-GridView
import-csv $GetContent1 | select -Property @{name="MemberOf";expression={$($_.name)}}| Export-Csv $Memberships -NoTypeInformation
import-csv $GetContent2 | select -Property @{name="Owns";expression={$($_.name)}}| Export-Csv $Ownerships -NoTypeInformation
$filea = import-csv $Memberships
$fileb = import-csv $Ownerships
for($i=0;$i -lt $filea.count;$i++){
$filea[$i] | Add-Member -MemberType NoteProperty -Name Owns -Value $fileb[$i].Owns
}
$filea | export-csv $LastFile -NoTypeInformation
Out-GridView部分似乎工作正常。但是,当我合并两个CSV时,我没有得到所有结果。
我相信它是因为会员列表比所有权列表短,所以它看起来只接受第二个CSV中的数据直到第一个CSV数据停止的点(例如如果成员资格字段在列中只有2行数据,则所有权字段将停在2行,即使用户ID拥有30个组的所有权。)
任何人都可以帮我找到解决此问题的方法吗?
答案 0 :(得分:0)
忽略有关文件命名约定的代码,以下将从控制台读取用户名并构建一个文件,其中第一列只是用户名,第二列是组成员身份,第三列是用户的组管理。由于这种格式不是真正的csv,我们通过循环遍历所有组并手动设置前2行来伪造它。
# Set the output file
$file = "C:\temp\test.csv"
#$username = Read-Host -Prompt "Type in a username:"
$groupMemberships = Get-ADUser $Username -Properties Memberof | Select -ExpandProperty memberof | ForEach-Object{Get-ADGroup $_} | Select -ExpandProperty Name
$groupsManaged = Get-AdGroup -Filter {ManagedBy -eq $Username} | ForEach-Object{Get-ADGroup $_} | Select -ExpandProperty Name
# Calculate the longest entry.
$maxEntries = $groupMemberships.count, $groupsManaged.count | Measure-Object -Maximum | Select-Object -ExpandProperty Maximum
# Build the output lines and just use Set-Content since we are not using object that Export-CSV would enjoy.
# Create the header
'"Username","MemberOf","ManagedBy"' | Set-Content $file
# Create the first entry outside the loop since it is special as the only one with username
'"{0}","{1}","{2}"' -f $Username,$groupMemberships[0],$groupsManaged[1] | Add-Content $file
# Arrays are zero based so we adjust the count for that and for skipping the first line.
1..($maxEntries - 1) | ForEach-Object{
'"","{0}","{1}"' -f $groupMemberships[$_],$groupsManaged[$_] | Add-Content $file
}
我们利用PowerShell的一个功能,如果引用不存在的数组元素,则返回null。因此,如果你有更多的成员比管理它不会失败。该文件将与变量包含更多条目的文件一样长。