如何隔离AD专有名称,并删除额外的行?

时间:2017-11-08 20:35:54

标签: powershell replace active-directory line-breaks distinguishedname

我试图打印一个人AD组的第一级(?)专有名称。很多人都是许多团体的一部分,到目前为止,我已经多次使用这些团体,除了我想要的东西之外,我已经使用了 - 替换掉了所有东西。 现在,让我们说这些是John Smith所在的群体:

PS C:\> $member = Get-ADUser jsmith -prop MemberOf | Select Name,MemberOf  
$member.Name  
$member.MemberOf  
Smith, John A - (jsmith)  
CN=VPN Users,OU=Resource,OU=User Groups,OU=Groups,OU=Delegated OUs,OU=Delegation,DC=domainetc  
CN=ResG-Smith,OU=Smith,OU=Research,OU=User Groups,OU=Groups,OU=Delegated OUs,OU=Delegation,DC=domainetc  
CN=Faculty,OU=Business,OU=User Groups,OU=Groups,OU=Delegated OUs,OU=Delegation,DC=domainetc

我的最终目标是这样的:

PS C:\> Get-ResearchGroup jsmith  
Smith, John A - (jsmith)  
Smith

或者甚至可能:

Name                     MemberOf  
----                     --------  
Smith, John A - (jsmith) Smith

(也许还有一些Add-Member爵士乐,我非常确定我可以自己解决这个问题)

无论如何,重点是要让史密斯'来自CN=ResG-Smith,OU=Smith,OU=Research,OU=User Groups,OU=Groups,OU=Delegated OUs,OU=Delegation,DC=domainetc
现在,我相信,我们的研究小组(ResG)的名字都是相同的,这要归功于一个脚本,但最好更换以获得史密斯'来自OU = Smith而不是CN = ResG-Smith,如果可行的话。

Function Get-ResearchGroup {
  [CmdletBinding()]
    Param(
    [Parameter(Position=1)]
    [string[]]$Users,

    [switch]$Raw
    )

  Foreach ($user in $Users) {

    $member = Get-ADUser $user -prop MemberOf | Select Name,MemberOf

    # $member
    #printing out the variable right now results as follows:
    # Name                     MemberOf
    # ----                     --------
    # Smith, John A - (jsmith) {CN=VPN Users,OU=Resource,OU=User Groups,OU=Groups,OU=Delegated OUs,OU=Delegation,DC=domainetc, CN=ResG-Smith,OU=Smith,OU=Research,OU=User Groups,OU=Groups,OU=Delegated O...

    #I still don't know a whole lot about objects yet, but I wasn't too surprised when -replace didn't work on my variable. I tried this:
    # $member -replace '.*ResG-Smith,OU=' -replace ',OU=Research,.*'
    #results:
    # @{MemberOf=Microsoft.ActiveDirectory.Management.ADPropertyValueCollection}
    #(and, sure, maybe I just set something up wrong)

    #Now, this kind of works:
    # $member.MemberOf -replace '.*CN=ResG-Smith,OU=' -replace ',OU=Research,.*'
    # CN=VPN Users,OU=Resource,OU=User Groups,OU=Groups,OU=Delegated OUs,OU=Delegation,DC=domainetc
    # Smith
    # CN=Faculty,OU=Business,OU=User Groups,OU=Groups,OU=Delegated OUs,OU=Delegation,DC=domainetc
    #Except only on the applicable line.

    #This is pretty much where I'm at right now. Everything below the stackoverflow link are my failed attempts/additions.
    $member.Name
    $MemberOf = $member.memberof -replace '.*CN=ResG-' -replace ',OU=Research,.*' -replace '.*OU='  -replace 'Delegation,.*' -replace 'Enterprise,.*' -replace 'Groups,.*'
    $MemberOf | where { $_ -ne "" }
    #https://stackoverflow.com/questions/19168475/powershell-to-remove-text-from-a-string

    #I tried some different variations of adding each of these (never more than one at a time) on to the chain of replaces, with no success:
    # -replace " `r`n"
    # -replace " `\r`\n"
    # -replace " \\r\\n"
    # -replace "`r`n"
    # -replace "`\r`\n"
    # -replace "\\r\\n"
    #https://stackoverflow.com/questions/22238465/removing-line-break-powershell
    #I've also tried a few variations of .replace(), which didn't work (same results)

    #https://community.spiceworks.com/topic/825700-get-aduser-distinguishedname-powershell-help
    # Get-ADUser jsmith -prop MemberOf | Select Name,MemberOf,@{l='OU';e={$_.DistinguishedName.split(',')[1].split('=')[1]}
    # The hash literal was incomplete.
    # + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException
    # + FullyQualifiedErrorId : IncompleteHashLiteral

    #The next code look pretty similar to above, but there appear to be some differences, so I thought I'd try it.
    #source: https://www.experts-exchange.com/questions/28206442/Get-part-of-Distinguished-Name-and-Output-to-file-in-Powershell.html
    # Get-ADUser jsmith -prop MemberOf | Select Name,MemberOf,@{name="Research";expression={($_.DistinguishedName -split ",OU=")[1]}}
    # Name                       MemberOf                                                                                                                                                                                  
    # ----                       --------                                                                                                                                                                                  
    # Smith, John A - (jsmith)   {CN=VPN Users,OU=Resource,OU=User Groups,OU=Groups,OU=Delegated OUs,OU=Delegation,DC=domainetc, CN=ResG-Smith,OU=Smith,OU=Research,OU=User Groups,OU=Groups,OU=Delegated OUs,OU=Delegat...

  }
}

2 个答案:

答案 0 :(得分:0)

您可以使用“split”方法两次首先用逗号将字符串拆分为数组,然后再次“拆分”以将“OU =”与其他所有内容分开。您的Get-ADUser命令最终会与此类似:

Get-ADUser $user | Select-Object Name, Memberof, @{l='OU';e={$_.DistinguishedName.split(',')[1].split('=')[1]}}

答案 1 :(得分:0)

如果不使用字符串方法解析DistinguishedName,另一种方法是进行Get-ADGroup查找。第二次查找效率较低,但不太可能在意外的目录路径上中断。

function Get-ResearchGroup {
    param (
        [string[]]$Identity
    )
    foreach ($ID in $Identity) {
        $User = Get-ADUser $ID -Properties MemberOf
        $ResearchGroupsDN = $User.MemberOf | Where-Object {$_ -like 'CN=ResG*'}
        foreach ($ResearchGroupDN in $ResearchGroupsDN) {
            $ResearchGroupObject = Get-ADGroup $ResearchGroupDN
            [PSCustomObject]@{
                'Name' = $User.Name
                'MemberOf' = $ResearchGroupObject.Name -replace 'ResG',''
            }
        }
    }
}
相关问题
最新问题