基于组成员资格的其他输出

时间:2018-07-25 14:04:59

标签: powershell active-directory powershell-v4.0

希望大家都过得愉快。如果这是一个可怕的尝试,我事先表示歉意,我对此不太擅长。


简介

因此,首先,我想介绍一下我实际创建的内容。

我为MSP工作,我的任务是创建一个供我们的客户使用的用户管理Powershell脚本,以便我们可以轻松地管理用户并使许多用户创建过程自动化。

我遇到了一个问题,这就是为什么我要寻求帮助


问题

我们的客户坚持使用GPO上的登录脚本来为用户映射驱动器。我已经在脚本中添加了一个登录脚本构建器,但是我一生都无法弄清楚如何指定实际需要添加到该登录脚本中的驱动器。


如何管理驱动器映射

在客户网络上管理驱动器映射的方式基于作业角色+ Active Directory组。他们在电子表格上请求需要映射哪些驱动器,然后我们通过Active Directory查看哪个组有权访问请求的驱动器。然后,我们添加这些组。


我需要什么帮助

我需要找到一种方法来由创建用户的技术人员指定组,然后将其转换为所选的驱动器映射之一,然后将其写入登录脚本。我自己尝试过,但是我只是想不出一种针对不同驱动器执行此操作的方法。


当前代码

注意,这可能并非全部按顺序进行,实际脚本上可能有中间的代码。这只是相关代码

[String]$path= ".\LoginScript.txt"
$NewName = $SAMAccountName
$extension = ".bat"
$FileName = "$SAMAccountName$extension"
$ScriptDrive = "\\IPREMOVED\scripts"

$group = "zz Everyone"
$members = Get-ADGroupMember -Identity $group -Recursive | Select -ExpandProperty Name

$Drive1 = If ($Members -contains $SAMAccountName) {
                                                   Write-Output "Net Use N: "\\FILE0\Senior Duty Nurses""
                                                   }
                                                   Else {
                                                         Write-Output "Net Use N: "\\FILE0\Senior Duty Nurses""
                                                         }
Write-Output "NET TIME \\FILE0 /SET /Y

$Drive1

@echo off
REM ------------------------------- 
REM -- LANDesk v8.6.1 Installation -- 
REM ------------------------------- 
%LogonServer%\Netlogon\LANDesk\iDeploy.exe /F=%LogonServer%\Netlogon\LANDesk" `n`n|FT -AutoSize >>LoginScript.txt

Get-ChildItem LoginScript.txt | Rename-Item -NewName $FileName 
Move-Item -Path ".\$FileName" -Destination $ScriptDrive

如果您需要更多代码,请询问,我将其发布在此行下方的编辑中。预先谢谢你:)


编辑
我设法按照以下布局进行工作

# Params
$NewName = $SAMAccountName
$extension = ".bat"
$FileName = "$SAMAccountName$extension"
$ScriptDrive = "\\IPREMOVED\scripts"
$Groups = Get-ADPrincipalGroupMembership $SAMAccountName | select -expandproperty name

# Define All Groups and Drives
$infosec = IF ($Groups -contains 'domain info sec'){
                                        Write-Output "Net Use I: "\\FILE0\Info-Security " "
                                        }
                                        Else {
                                              Write-Output " "
                                              }

$mgmtboard = IF ($Groups -contains 'domain mgt board'){
                                        Write-Output "Net Use : "\\FILE0\Board Committee Papers" "
                                        }
                                        Else {
                                              Write-Output " "
                                              }

$anaesthetics = IF ($Groups -contains 'domain anaesthetics'){
                                        Write-Output "Net Use : "\\FILE0\anaesthetics" "
                                        }
                                        Else {
                                              Write-Output " "
                                              }

$adverseir = IF ($Groups -contains 'domain adverse ir'){
                                        Write-Output "Net Use : "\\FILE0\adverse incident reports" "
                                        }
                                        Else {
                                              Write-Output " "
                                              }

$breastcancersecs = IF ($Groups -contains 'domain breast secs'){
                                        Write-Output "Net Use : "\\FILE0\breast cancer secs" "
                                        }
                                        Else {
                                              Write-Output " "
                                              }

$bookwise = IF ($Groups -contains 'domain bookwise'){
                                        Write-Output "Net Use : "\\FILE0\bookwise" "
                                        }
                                        Else {
                                              Write-Output " "
                                              }

$patientassessment = IF ($Groups -contains 'domain assessment'){
                                        Write-Output "Net Use : "\\FILE0\patient assessment" "
                                        }
                                        Else {
                                              Write-Output " "
                                              }

$clinicaleducation = IF ($Groups -contains 'domain clinical educ'){
                                        Write-Output "Net Use : "\\FILE0\clinical education" " -NoTypeInformation
                                        }
                                        Else {
                                              Write-Output " "
                                              }


# Creates The GroupMap
$GroupMap = $infeosec,$mgmtboard,$anaesthetics,$adverseir,$breastcancersecs,$bookwise,$patientassessment,$clinicaleducation

# Create The Drive Param
$Drives = $GroupMap


Write-Output "NET TIME \\FILE0 /SET /Y

$Drives

@echo off
REM ------------------------------- 
REM -- LANDesk v8.6.1 Installation -- 
REM ------------------------------- 
%LogonServer%\Netlogon\LANDesk\iDeploy.exe /F=%LogonServer%\Netlogon\LANDesk" `n`n|FT -AutoSize >>LoginScript.txt

Get-ChildItem LoginScript.txt | Rename-Item -NewName $FileName 
Move-Item -Path ".\$FileName" -Destination $ScriptDrive

但是,在登录脚本中。它显示以下内容。

NET TIME \\FILE0 /SET /Y

             System.Object[]

@echo off
REM ------------------------------- 
REM -- LANDesk v8.6.1 Installation -- 
REM ------------------------------- 
%LogonServer%\Netlogon\LANDesk\iDeploy.exe /F=%LogonServer%\Netlogon\LANDesk

为什么显示System.Object []?可以删除吗?

0 个答案:

没有答案