我正在尝试编写一个PowerShell版本5脚本来查询文本文档,它只是一个用户名列表,然后针对每个文件运行一系列Get-ADUser和Set-ADUser命令。
我有脚本工作,所以如果我输入一个用户名($SamAccountName是我现在用于-Identitity修饰符的变量)它工作得很好,但现在我希望它运行批处理来自TXT文件。
#Pull a list of users from Text file
$TXTfile = Read-Host -Prompt 'Enter path to Text File'
$file = Get-Content $TXTfile
$file | foreach {
$items = $_.Split("=")
if ($items[0] -eq "") { $SamAccountName = $items[1] }
}
echo $SamAccountName
我得到的错误是:
启用-ADAccount:无法验证参数' Identity'的参数。参数为null。为参数提供有效值,然后再次尝试运行该命令。
我的文字文件看起来像这样:
SmithA
TurnerH
SchmoJ
TrumpD
以下是我为禁用个人帐户而运行的完整脚本:
# this Powershell script will disable a users stored in a TXT file.
# along with disabling their account it will also:
# -Strip thier Group memberships
# -Update some attributes
# -Move the account to the Disabled User's OU
#
#
$UC = Get-Credential
$Date = Get-Date
$Ticket = Read-Host -Prompt 'Input LANDesk ticket number'
#
#
#Prompt for to enter a single username:#
#$samAccountName = Read-Host -Prompt 'Input Username to be disabled:'
#
#
#Pull a list of users from Text file
$TXTfile = Read-Host -Prompt 'Enter path to Text File'
$file = Get-Content $TXTfile
$file | foreach {
$items = $_.Split("=")
if ($items[0] -eq "") { $SamAccountName = $items[1] }
# Enable the account
Enable-ADAccount -Identity $samAccountName
# Remove Group Memberships
(GET-ADUSER –Identity $samAccountName –Properties MemberOf | Select-Object MemberOf).MemberOf | Remove-ADGroupMember -Members $samAccountName
# Update Attributes
#Remove from main dynamic distribution list
Set-ADUser -Identity $samAccountName -company X1
#Clear GAL field "Mail Box Type"
Set-ADUser -Identity $samAccountName -Clear "extensionAttribute1"
#Remove from team dynamic distribution list
Set-ADUser -Identity $samAccountName -Department x2
#Modify Description field with disable date and ticket number
Set-ADUser -Identity $samAccountName -Description "disabled $Date Ticket $Ticket"
# Move Account
Get-ADUser -Identity $samAccountName | move-adobject -targetpath "ou=disabled,ou=users,ou=division,dc=department,dc=company,dc=lcl"
# Disable Account
Disable-ADAccount -Identity $samAccountName
}
答案 0 :(得分:0)
这里有很多问题,你不必要地拆分,不分配$samAccountName,除非第一部分是空的,它永远不会是你在循环中做的工作所以最多它只会处理最后一行。
这应该有效,尽管没有经过测试。
# This Powershell script will disable a users stored in a TXT file.
# Along with disabling their account it will also:
# -Strip their group membership
# -Update some attributes
# -Move the account to the Disabled User's OU
$UC = Get-Credential
$Date = Get-Date
$Ticket = Read-Host -Prompt 'Input LANDesk ticket number'
#Pull a list of users from Text file
$TXTfile = Read-Host -Prompt 'Enter path to Text File'
$samAccountNames = Get-Content $TXTfile
foreach ($samAccountName in $samAccountNames)
{
# Enable the account
Enable-ADAccount -Identity $samAccountName
# Remove Group Memberships
Get-ADUser –Identity $samAccountName –Properties MemberOf | Select-Object -ExpandProperty MemberOf | Remove-ADGroupMember -Members $samAccountName
# Update Attributes
#Remove from main dynamic distribution list
Set-ADUser -Identity $samAccountName -company X1
#Clear GAL field "Mail Box Type"
Set-ADUser -Identity $samAccountName -Clear "extensionAttribute1"
#Remove from team dynamic distribution list
Set-ADUser -Identity $samAccountName -Department x2
#Modify Description field with disable date and ticket number
Set-ADUser -Identity $samAccountName -Description "disabled $Date Ticket $Ticket"
# Move Account
Get-ADUser -Identity $samAccountName | move-adobject -targetpath "ou=disabled,ou=users,ou=division,dc=department,dc=company,dc=lcl"
# Disable Account
Disable-ADAccount -Identity $samAccountName
}