我有名为xxx16up, yyy16up, zzz16up的广告组。我试图做的是:
该脚本将根据公司代码xxx,yyy,zzz将AD用户添加到相应的组中。
$list = Import-CSV "C:\update12Apr2018.csv"
foreach ($company in $list) {
$myList = ( Get-ADGroup "$($company.comp)16up" ).DistinguishedName
if ( ([INT]$_.level -ge 16) -and (Get-ADUser -LDAPFilter "(!(memberof=$myList))" )) {
Add-ADGroupMember -Identity "$($company.comp)16up" -Members $company.samAccountName
}
}
突出显示的部分在代码中不起作用。但是,如果我把它拿出并自己运行它没有问题。它生成相应的xxx16up, yyy16up, or zzz16up.
在代码中,它给出了以下错误:
Get-ADGroup:找不到具有标识的对象:' 16up'在:' DC = ACME,DC = com'。在行:1 char:33 + ... ch($ list in $ list){(Get-ADGroup" $($ company.comp)16up")。Disti ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo:ObjectNotFound:(16up:ADGroup)[Get-ADGroup],ADIdentityNotFoundException + FullyQualifiedErrorId:ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Manag ement.Commands.GetADGroup
我能够将问题范围缩小到有分配操作的时候,就好像连接失败一样。
答案 0 :(得分:0)
ForEach ($company in $list) {
$groupName = $company.comp + '16up'
$myList = ( Get-ADGroup $groupName ).DistinguishedName