我一直在寻找帮助来编译我可以手动运行的脚本(不是作为登录脚本),它将查询特定OU中的每个计算机帐户,获取当前/上次登录的用户,用户显示名称,IP,系统制造商和型号,BIOS serial / dell服务标签。
看起来像这样:
用户|用户显示名称| IP地址|戴尔Optiplex 3050 | 1ASDFG5
我正在尝试使用的代码是下面的代码,但我需要更多的帮助来获取其余的字段并以上面的格式编译它
$computers = Get-ADComputer -Filter * -searchBase "OU=workstations,OU=workstation,DC=mydomain,DC=local"
foreach ($computer in $computers)
{
$vendor = (Get-WMIObject -ComputerName $computer.Name Win32_ComputerSystemProduct).Vendor
$name = (Get-WMIObject -ComputerName $computer.Name Win32_ComputerSystemProduct).Name
$identifyingNumber = (Get-WMIObject -ComputerName $computer.Name Win32_ComputerSystemProduct).IdentifyingNumber
$vendor
$name
$identifyingNumber
Set-ADComputer $computer –Description “$vendor | $name | $identifyingNumber”
}
答案 0 :(得分:0)
这将作为流程的一部分更好地实现,该流程以分布式方式在用户的上下文中运行,作为的一部分,例如登录脚本或简单地作为另一个触发的任务(例如在登录时运行的计划任务,以便使信息保持最新状态。
然后,当实现类似的东西时,您可以在所述脚本中收集所需的详细信息并将其发布回计算机AD对象。在那里,您的查询不再需要设备在线,也不会是一个长期运行的脚本。
以下是您可以部署在计算机上运行的示例脚本:
# Function to Set Value on Computer Object
function Set-ADComputerObj
{
Param ( $ComputerID, $PropertyName, $Value )
$ComputerSearcher = New-Object DirectoryServices.DirectorySearcher
$ComputerSearcher.SearchRoot = "LDAP://$("DC=$(($ENV:USERDNSDOMAIN).Replace(".",",DC="))")"
$ComputerSearcher.Filter = "(&(objectCategory=Computer)(CN=$ComputerID))"
$computerObj = [ADSI]$ComputerSearcher.FindOne().Path
$computerObj.Put( $PropertyName, $Value )
$computerObj.SetInfo()
}
# Function to Get Values from User Object
function Get-ADUserObj
{
Param ( [string]$Identity = $env:USERNAME )
IF ($Identity)
{
$UserSearcher = New-Object DirectoryServices.DirectorySearcher
$UserSearcher.SearchRoot = "LDAP://$("DC=$(($ENV:USERDNSDOMAIN).Replace(".",",DC="))")"
$UserSearcher.Filter = "(&(objectCategory=person)(SAMAccountName=$Identity))"
$UserSearcher.FindOne() | foreach {New-Object PSObject -Property:$_.Properties}
}
}
#===================================
# SAMAccountName for computer object
$ComputerID = $env:COMPUTERNAME
# SAMAccountName for user object
$UserID = $env:USERNAME
# User AD object
$UserObj = Get-ADUserObj
# Display Name for the current user
$UserDisplayName = $UserObj.displayname
# Get LAN IP Address (may need to be modified to account for multiple adapters)
$IPAddress = (Get-NetIPAddress -InterfaceAlias ((Get-NetAdapter | where {$_.Status -eq "Up" -and ($_.HardwareInterface -eq $true)}).Name) | where {$_.AddressFamily -eq "IPv4"}).IPAddress
# Get Asset Product Details
$Asset = (Get-WMIObject -ComputerName $env:COMPUTERNAME Win32_ComputerSystemProduct)
$AssetVendor = $Asset.Vendor
$AssetName = $Asset.Name
$AssetNumber = $Asset.IdentifyingNumber
# Set Parameter Values for the Set Command on Computer Object
$ComputerObjProperty = "description"
$ComputerObjValue = "$UserID|$UserDisplayName|$IPAddress|$ProductVendor|$ProductName|$ProductNumber"
#===================================
Try
{
# Set Value on Computer Object
Set-ADComputerObj -ComputerID $ComputerID -PropertyName $ComputerObjProperty -Value $ComputerObjValue
}
Catch
{
# Write error exception
$error[0].Exception
}
此脚本将执行的操作是创建您要求的字符串,并将其放在AD计算机对象的描述中。从那里,您可以检索描述字段并将其拆分为分隔符。
例如:
$UserID,$UserDisplayName,$IPAddress,$ProductVendor,$ProductName,$ProductNumber = ((Get-ADComputer $ComputerName).description).split("|")
最终,这可用于提供您正在寻找的目标。