powershell

时间:2016-09-08 08:06:01

标签: windows powershell office365

我需要做的是使用$ userID中匹配的Employee ID(如果存在),将$ O365Users与Enabled属性中的每个Username关联的License属性进行比较。使用标准嵌套ForEach(上面)我们使用此脚本来帮助管理我们的本地Active Directory和MSOL(Microsoft Online - Office 365)对象。我的问题是:我有一个与foreach循环相关的问题,所以同一个对象返回多个(永远)我想逐行为每个用户做

Import-Module ActiveDirectory
Import-Module MSOnline

$password = ConvertTo-SecureString 'PASSWORD' -AsPlainText -Force
$LiveCred = New-Object System.Management.Automation.PSCredential ("username@domain.com", $password)
New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection

Connect-MsolService -Credential $Livecred

$O365Users = Get-MsolUser -All
ForEach ($O365User in $O365Users)
{
  $userID = Import-CSV "c:\Export\list.csv"
  $ADuser = Get-ADUser -Filter "EmployeeID -eq $($userID.EmployeeID)" -Properties whenCreated, Enabled, SAMAccountName
  If (($ADUser.Enabled -eq $True) -and ($O365User.isLicensed = $true))
    {

     Get-MsolUSer -UserPrincipalName $ADuser.UserPrincipalName
        Set-MsolUserLicense -UserPrincipalName $ADuser.UserPrincipalName -RemoveLicenses "company:ENTERPRISEPACK"
    }
}

CSV文件:

EmployeeID
52576
1234
8599

2 个答案:

答案 0 :(得分:0)

这里你应该这样做

$userID = Import-Csv "c:\export\list.csv"

foreach ($user in $userID){

    $ADuser = Get-ADUser -Filter "EmployeeId -eq $($user.EmployeeID)" -Properties whenCreated, Enabled, SAMAccountName
    $O365User = Get-MsolUser -UserPrincipalName $ADuser.UserPrincipalName

    if(($ADuser.Enabled -eq $true) -and ($O365User.isLicensed -eq $true)){
        Get-MsolUSer -UserPrincipalName $ADuser.UserPrincipalName
        Set-MsolUserLicense -UserPrincipalName $ADuser.UserPrincipalName -RemoveLicenses "company:ENTERPRISEPACK"
    }

}

关于性能的后续问题(我认为可能会提高性能,没有保修,也没有经过测试):

$userID = Import-Csv "c:\export\list.csv"
$adusers = Get-ADUser -Filter * -properties EmployeeID,whenCreated,Enabled,SAMAccountname
$msolusers = Get-MsolUser -All

foreach ($user in $userID){

$ADuser = $adusers | where {$_.EmployeeID -eq $user.EmployeeID}
$O365User = $msolusers | where {$_.UserPrincipalName -eq $ADuser.UserPrincipalName}

if(($ADuser.Enabled -eq $true) -and ($O365User.isLicensed -eq $true)){
    Set-MsolUserLicense -UserPrincipalName $ADuser.UserPrincipalName -RemoveLicenses "company:ENTERPRISEPACK"
}

}

根据有多少AD / MSOL用户而且你必须匹配这可能会减少或增加执行时间,你必须进行测试,因为我不能。 我还删除了if语句中的get-msoluser,因为它只有函数生成(不必要的?)输出。如果我的“改进”有任何问题,请告诉我,我们可以看到我们能做什么;)

答案 1 :(得分:-1)

请尝试:

Import-Module ActiveDirectory
Import-Module MSOnline

$password = ConvertTo-SecureString 'PASSWORD' -AsPlainText -Force
$LiveCred = New-Object System.Management.Automation.PSCredential ("username@domain.com", $password)
New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection

Connect-MsolService -Credential $Livecred


$userIDs = Import-CSV "c:\Export\list.csv"
$O365Users = Get-MsolUser -All

ForEach ($O365User in $O365Users)
{
  foreach ($userID in $userIDs) 
    {
    $ADuser = Get-ADUser -Filter "EmployeeID -eq $($userID.EmployeeID)" -Properties whenCreated, Enabled, SAMAccountName,ObjectGUID
    $valuetoconvert=$ADuser.ObjectGUID
    $guid = [GUID]$valuetoconvert
    $bytearray = $guid.tobytearray()
    $ImmutableID = [system.convert]::ToBase64String($bytearray)


  If (($ADUser.Enabled -eq $True) -and ($O365User.isLicensed = $true) -and ($ImmutableID -eq $O365User.ImmutableID ) )
    {
        Get-MsolUSer -UserPrincipalName $ADuser.UserPrincipalName
        Set-MsolUserLicense -UserPrincipalName $ADuser.UserPrincipalName -RemoveLicenses "company:ENTERPRISEPACK"
    }

    }   
}
相关问题
最新问题