作为初学者,我遇到了一项相当简单的任务。我需要编写一个ps脚本,将文件复制到不同组中的用户 - 每个组获取不同的文件。所有文件都在网络位置,因此我不需要在他们的计算机上执行任何操作。
首先想法是获取所有活跃用户的变量,然后检查他们属于哪些组。如果它们属于三个组中的一个,则脚本会将必要的文件复制到其网络位置。管理人员有一个小组存在问题,因为他们属于我感兴趣的两个小组,但我可以用条件解决这个问题。
我为此编写的大部分代码都是下面的snipets,试图测试PS:
$Source = Get-ADUser -LDAPFilter "(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2))" #Import active users as a source variable
foreach ($user in $Source) #for every user in source get his groups
{
$UserGroups = get-aduser $user -Properties memberof | select -expand memberof
If ($user.IsMember("LDAP://" + ) -eq $False)
{
Write-Host "He is a member!"
}
我知道这并不多,我一直在网上寻找一个合适的例子超过一个星期,现在没有运气。
答案 0 :(得分:0)
以下是如何测试组成员身份的示例:
$targetGroup1 = "Administrators"
$targetGroup2 = "Domain Users"
Get-ADUser -Filter * -Properties MemberOf | ForEach-Object {
if(($_.MemberOf -match "CN=$targetGroup1") -and ($_.MemberOf -match "CN=$targetGroup2")) {
"$($_.Name) is a member both groups"
"copying files from a special location"
} elseif($_.MemberOf -match "CN=$targetGroup1") {
"$($_.Name) is a member of $targetGroup1"
"copying files from source1"
} elseif($_.MemberOf -match "CN=$targetGroup2") {
"$($_.Name) is a member of $targetGroup2"
"copying files from source2"
}
}
答案 1 :(得分:0)
这样的事情可能(代码未经测试):
Import-Module ActiveDirectory
$groupOneMembers = Get-AdGroupMember Group1 | Select-Object -ExpandProperty SamAccountName
$groupTwoMembers = Get-AdGroupMember Group2 | Select-Object -ExpandProperty SamAccountName
$groupThreeMembers = Get-AdGroupMember Group3 | Select-Object -ExpandProperty SamAccountName
foreach($member in $groupOneMembers) {
Copy-Item -Recurse \\server\GroupOneFiles \\server\Users\$member
}
foreach($member in $groupTwoMembers) {
Copy-Item -Recurse \\server\GroupOneFiles \\server\Users\$member
}
foreach($member in $groupThreeMembers) {
Copy-Item -Recurse \\server\GroupOneFiles \\server\Users\$member
}