我的脚本可以跨域扫描所有安全组成员,并以这种格式导出到CSV file:Name, username, security group。但我想为域添加另一行,因此格式如下所示:domain\username, name, security group。
我可以获得DN,但我只对domain\username感兴趣。我在互联网上搜索,我找不到任何东西,我不确定这是否可能
$objForest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest() $DomainList = @($objForest.Domains | Select-Object Name) $Domains = $DomainList | foreach {$_.Name}
$Groups = Import-Csv C:\ad.csv
$Table = @()
$Record = @{ "Group Name" = "" "Name" = "" "Username" = "" }
Foreach ($Group in $Groups) {
$Arrayofmembers = Get-ADGroupMember -identity $Group.groupad
-recursive -Server $Domain | select name,samaccountname
foreach ($Member in $Arrayofmembers) {
$Record."Group Name" = $Group.ad
$Record."Name" = $Member.name
$Record."UserName" = $Member.samaccountname
$objRecord = New-Object PSObject -property $Record
$Table += $objrecord
}
}
$Table | export-csv "C:\SecurityGroups3.csv" -NoTypeInformation
答案 0 :(得分:1)
如上所述Bum,您可以使用正则表达式获取DC并将其与用户名结合使用:
$username = 'Michael'
$distinguishedName = 'CN=Domain Admins,CN=Users,DC=Fabrikam,DC=com'
$dc = [regex]::Match($distinguishedName, 'DC=([^,|$]+)').Groups[1].Value
$domainuser = '{0}\{1}' -f $dc, $username
$domainuser的输出:
$domainuser
Fabrikam\Michael