powershell查找所有组的所有用户标记为已禁用

时间:2017-04-04 05:26:23

标签: loops powershell foreach export-to-csv

我正在尝试使用PowerShell通过以下列吐出csv文件: 名称,用户名,组名,已启用

我几乎在那里,我缺少的一步是如何将用户标记为已启用或未启用。 例如,这很好用:

Import-Module ActiveDirectory

$Groups = (Get-AdGroup -filter * | Where {$_.name -like "**"} | select name -ExpandProperty name)

$Table = @()

$Record = @{
  "Group Name" = ""
  "Name" = ""
  "Username" = ""
}


Foreach ($Group in $Groups) {

  $Arrayofmembers = Get-ADGroupMember -identity $Group -recursive | select name,samaccountname

  foreach ($Member in $Arrayofmembers) {
    $Record."Group Name" = $Group
    $Record."Name" = $Member.name
    $Record."UserName" = $Member.samaccountname
    $objRecord = New-Object PSObject -property $Record
    $Table += $objrecord

  }
}

$Table | export-csv "C:\temp\SecurityGroups.csv" -NoTypeInformation

如果我试图在每个循环中添加一个(非常不切实际的)额外搜索来打击用户"已启用"状态,该列只是空白:

Import-Module ActiveDirectory

$Groups = (Get-AdGroup -filter * | Where {$_.name -like "**"} | select name -ExpandProperty name)

$Table = @()

$Record = @{
  "Group Name" = ""
  "Name" = ""
  "Username" = ""
  "Enabled" = ""
}


Foreach ($Group in $Groups) {

  $Arrayofmembers = Get-ADGroupMember -identity $Group -recursive | select name,samaccountname

  foreach ($Member in $Arrayofmembers) {
    $Temprecord = Get-ADUser -Filter 'samaccountname -like "$Member.samaccountname"'
    $Record."Enabled" = $Temprecord.Enabled
    $Record."Group Name" = $Group
    $Record."Name" = $Member.name
    $Record."UserName" = $Member.samaccountname
    $objRecord = New-Object PSObject -property $Record
    $Table += $objrecord

  }
}

$Table | export-csv "C:\temp\SecurityGroups.csv" -NoTypeInformation

如果我不得不猜测,这是一个问题:

$Temprecord = Get-ADUser -Filter 'samaccountname -like "$Member.samaccountname"'

这一点必定是错的,但我不确定如何解决。

2 个答案:

答案 0 :(得分:0)

管道管道管道,不需要循环和数组构建和哈希表并存储所有输出,然后输出它。

将组管理到ADGroupMember并同时携带组对象,将组和成员传送到Select,然后选择所需的四列,并将它们导出为CSV。

Import-Module ActiveDirectory

Get-AdGroup -Filter "Name -like '*e*'" -PipelineVariable Group |
    Get-ADGroupMember -Recursive | 
        Select-Object @{Label='Group Name'; Expression={$Group.Name}}, 
                      Name, 
                      SamAccountName, 
                      @{Label='Enabled'; Expression={(Get-AdUser -Identity $_.SamAccountName).Enabled}} |
            Export-Csv -Path 'C:\temp\SecurityGroups.csv' -NoTypeInformation

答案 1 :(得分:0)

$Temprecord = Get-ADUser -Filter "samaccountname -like ""$($Member.samaccountname)"""

参见例如Weekend Scripter: Understanding Quotation Marks in PowerShellEscape characters, Delimiters and Quotes需要解释。

示例

PS D:\PShell> $x = 1,2,3
PS D:\PShell> $x.Count
3
PS D:\PShell> ### Single quotation marks define a literal string
PS D:\PShell> '$x.Count'
$x.Count
PS D:\PShell> ### Double quotation marks define more dynamic parsing string
PS D:\PShell> "$x.Count"
1 2 3.Count
PS D:\PShell> ### OOPS!
PS D:\PShell> "$($x.Count)"
3
PS D:\PShell> "array count $($x.Count)"
array count 3
PS D:\PShell> ### Finally, escape double quotes within double quoted string
PS D:\PShell> "array count as string ""$($x.Count)"""
array count as string "3"
PS D:\PShell>
相关问题
最新问题