我必须检查办公室中管理员用户的密码有效性。如果用户的密码即将过期,它应自动向所述用户发送电子邮件。
如果这些用户帐户的相应电子邮件地址已保存在其属性中,但它们没有,则所有这些都不会成为问题。
它们被保存在名称相同的用户帐户中,但前三个字母除外。所以我需要改变这样的用户名:
if ($user.samaccountname -like 'sam*') {
$newusername = $user.SamAccountName -replace 'sam', 'pel'
$newuser = Get-ADUser -Filter {Name -eq $newusername} -Properties *
$sendmailto = $newuser.email
}
elseif ($user.samaccountname -like 'exa*') {
$newusername = $user.SamAccountName -replace 'exa', 'mpl'
$newuser = Get-ADUser -Filter {Name -eq $newusername} -Properties *
$sendmailto = $newuser.email
}
等
有更好或更聪明的方法吗?有人告诉我,我可以/应该使用枚举,但我认为这对我的剧本没有任何意义..
答案 0 :(得分:0)
答案 1 :(得分:0)
我相信你正在做与我的工作环境类似的事情。 尝试使用这样的东西。
cls
$ErrorActionPreference = "stop"
$VerbosePreference = "Continue"
$TimeSpan = (Get-Date).adddays(-80)
$PreFixArray = @("sup", "adm") #add more with ,"xxxx" can be different in lenght to.
$Regex = ("^($($PreFixArray -join '|'))")
$Filter = ($PreFixArray | % { "pwdLastSet -le $($TimeSpan.ToFileTime()) -and samaccountname -like `"$_*`"" }) -Join ' -or '
$ExpiringAdmins = Get-ADUser -Properties Passwordlastset, pwdLastSet -filter $Filter
Foreach ($ExpiringAdmin in $ExpiringAdmins) {
$mailaddress = $null
Try {
$mailaddress = (Get-ADUser -Identity (($ExpiringAdmin.SamAccountName) -replace $regex, "usr") -Properties mail).mail
}
Catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException] {
Write-Warning "Could not find a matching user for $($ExpiringAdmin.name), skipping"
}
Catch {
Write-Warning "An unkown error ocured for $($ExpiringAdmin.name), skipping"
continue #goes to the next $ExpiringAdmin in the ForEach Loop.
}
if ((!$mailaddress) -or ($mailaddress -eq "")) {$mailaddress = "EMAIL_NOT_FOUND"}
Write-Verbose "$($ExpiringAdmin.samaccountname) is of type $(if($ExpiringAdmin.Name -match $Regex){$Matches[1]}) and the mail is : $($mailaddress)"
}