我有一个问题。我想在我的服务器上接收管理员用户的最后密码更改时间。我找到了一个脚本,但它不适用于Powershell 2.0。你能帮助我吗?
function Get-LocalUser {
[Cmdletbinding()]
Param(
[Parameter(ValueFromPipeline=$true, ValueFromPipelineByPropertyName=$true)]
[String[]]$Computername = $env:Computername
)
Begin {
#region Helper Functions
function ConvertTo-SID {
Param([byte[]]$BinarySID)
(New-Object System.Security.Principal.SecurityIdentifier($BinarySID,0)).Value
}
function Convert-UserFlag {
Param ($UserFlag)
$List = New-Object System.Collections.ArrayList
Switch ($UserFlag) {
($UserFlag -bor 0x0001) {[void]$List.Add('SCRIPT')}
($UserFlag -bor 0x0002) {[void]$List.Add('ACCOUNTDISABLE')}
($UserFlag -bor 0x0008) {[void]$List.Add('HOMEDIR_REQUIRED')}
($UserFlag -bor 0x0010) {[void]$List.Add('LOCKOUT')}
($UserFlag -bor 0x0020) {[void]$List.Add('PASSWD_NOTREQD')}
($UserFlag -bor 0x0040) {[void]$List.Add('PASSWD_CANT_CHANGE')}
($UserFlag -bor 0x0080) {[void]$List.Add('ENCRYPTED_TEXT_PWD_ALLOWED')}
($UserFlag -bor 0x0100) {[void]$List.Add('TEMP_DUPLICATE_ACCOUNT')}
($UserFlag -bor 0x0200) {[void]$List.Add('NORMAL_ACCOUNT')}
($UserFlag -bor 0x0800) {[void]$List.Add('INTERDOMAIN_TRUST_ACCOUNT')}
($UserFlag -bor 0x1000) {[void]$List.Add('WORKSTATION_TRUST_ACCOUNT')}
($UserFlag -bor 0x2000) {[void]$List.Add('SERVER_TRUST_ACCOUNT')}
($UserFlag -bor 0x10000) {[void]$List.Add('DONT_EXPIRE_PASSWORD')}
($UserFlag -bor 0x20000) {[void]$List.Add('MNS_LOGON_ACCOUNT')}
($UserFlag -bor 0x40000) {[void]$List.Add('SMARTCARD_REQUIRED')}
($UserFlag -bor 0x80000) {[void]$List.Add('TRUSTED_FOR_DELEGATION')}
($UserFlag -bor 0x100000) {[void]$List.Add('NOT_DELEGATED')}
($UserFlag -bor 0x200000) {[void]$List.Add('USE_DES_KEY_ONLY')}
($UserFlag -bor 0x400000) {[void]$List.Add('DONT_REQ_PREAUTH')}
($UserFlag -bor 0x800000) {[void]$List.Add('PASSWORD_EXPIRED')}
($UserFlag -bor 0x1000000) {[void]$List.Add('TRUSTED_TO_AUTH_FOR_DELEGATION')}
($UserFlag -bor 0x04000000) {[void]$List.Add('PARTIAL_SECRETS_ACCOUNT')}
}
$List -join ', '
}
#endregion Helper Functions
}
Process {
$adsi = [ADSI]"WinNT://$Computername"
$adsi.Children | where {$_.SchemaClassName -eq 'user'} | ForEach {
[pscustomobject]@{
UserName = $_.Name[0]
SID = ConvertTo-SID -BinarySID $_.ObjectSID[0]
PasswordAge = [math]::Round($_.PasswordAge[0]/86400)
LastLogin = if ($_.LastLogin[0] -is [datetime]){$_.LastLogin[0]} else {'Never logged on'}
UserFlags = Convert-UserFlag -UserFlag $_.UserFlags[0]
MinPasswordLength = $_.MinPasswordLength[0]
MinPasswordAge = [math]::Round($_.MinPasswordAge[0]/86400)
MaxPasswordAge = [math]::Round($_.MaxPasswordAge[0]/86400)
BadPasswordAttempts = $_.BadPasswordAttempts[0]
MaxBadPasswords = $_.MaxBadPasswordsAllowed[0]
Groups = $_.Groups() | Foreach-Object {$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}
}
}
}
}
$env:Computername | Get-LocalUser |
Where-Object{$_.Groups -contains 'Administrators'} |
Select-Object userName, PasswordAge, LastLogin
那是错误
Unable to index into an object of type System.Management.Automation.PSMethod.
At line:103 char:32
+ LastLogin = If ($_.LastLogin[ <<<< 0] -is [datetime]){$_.LastLogin[0]} Else{'Never logged on'}
+ CategoryInfo : InvalidOperation: (0:Int32) [], RuntimeException
+ FullyQualifiedErrorId : CannotIndex
Unable to index into an object of type System.Management.Automation.PSMethod.
At line:103 char:32
+ LastLogin = If ($_.LastLogin[ <<<< 0] -is [datetime]){$_.LastLogin[0]} Else{'Never logged on'}
+ CategoryInfo : InvalidOperation: (0:Int32) [], RuntimeException
+ FullyQualifiedErrorId : CannotIndex
答案 0 :(得分:0)
正如@Ansgar Wiechers已经提到的,您正在使用更高版本的功能。
您可以像PowerShell 2.0一样获得相同的信息:
conan package