早上好
我需要Powershell脚本来导入csv,通过AD中的EmployeeID属性查找用户,并导出csv以验证该帐户已被禁用。我只需要在导出中显示名称,员工ID和启用/禁用。
我对Powershell还是很陌生,我通常可以剪切/粘贴并操纵现有脚本来完成我需要的工作,但是我似乎无法使它正常工作,现在我的代码在经过鼠标操作后看起来像瑞士奶酪。 。这就是我所拥有的,但是我不确定我是否接近需要的东西。
#Script Starts
$Users = Import-Csv "\folder\Test.csv"
Import-Module ActiveDirectory
$path = Split-Path -parent ".\folder\*.*"
#Create log date
$logdate = Get-Date -Format yyyy-MM-dd-THH.mm.ss
$logfile = $path + "\logs\$logdate.logfile.txt"
ForEach ($User In $Users)
{
# Retrieve values from the csv by header name.
$FirstName = $User.FirstName
$LastName = $User.LastName
$ID = $User.Employee
#Search AD for Attributes
$UserSN = (Get-ADUser -LDAPFilter "(employeeID=$ID)").sAMAccountName
$UserDN = (Get-ADUser -Identity $UserSN -Properties DisplayName).DisplayName
$Enabled = (Get-ADUser -Identity $UserSN -Properties Enabled).Enabled
Export-Csv -Path $logdate.ADEnabled-Disabled.csv -Append
}
#Finish
答案 0 :(得分:0)
要Export-Csv,您需要某种类型的输入。当前,您什么都没有导出。
理想情况下,您希望创建一个包含所有项目的数组,然后导出该数组。
$x = @()
ForEach ($User In $Users)
{
$x += [pscustomobject]@{
FirstName = $User.FirstName
LastName = $User.LastName
#etc...
}
}
$x | Export-Csv -Path "$logdate.ADEnabled-Disabled.csv"
您有许多小问题,但是我认为这将使您为取得实际结果而努力。
答案 1 :(得分:0)
所有这些评论和不完整的答案已经给出,我担心OP会变得更加困惑...
为了使OP更好地理解,我尽可能地保留了他的原始代码。
第一:
我假设通过查看代码,输入的csv文件看起来与此类似
"FirstName","LastName","Employee"
"Elvis","Presley","12345"
"Axl","Rose","987654"
"Janis","Joplin","654283"
我在这里看到的主要问题是代码正在使用EmployeeID属性(字符串)搜索AD用户。通过将过滤器用作eq,在AD中找到的字符串必须与csv中的字符串完全相同(尽管不区分大小写)。如果不是这种情况,代码将无法通过使用-eq来找到用户,但是也许可以通过比较CSV和AD中的内容来找到其他用户,例如-like。那是OP要弄清楚的。
接下来的代码:
#Script Starts
$Users = Import-Csv "\folder\Test.csv"
Import-Module ActiveDirectory
$path = Split-Path -parent ".\folder\*.*"
# Create log date
$logdate = Get-Date -Format yyyy-MM-dd-THH.mm.ss
$logfile = $path + "\logs\$logdate.logfile.txt"
# while you're at it, create the full path and filename for the output csv
$outFile = Join-Path $path $($logdate + ".ADEnabled-Disabled.csv")
# create an array for the output file
# You CAN do without by letting PowerShell do the aggregating of objects for you
# but in this case I think it will make things more readable to collect ourselves.
$result = @()
ForEach ($User In $Users) {
# Find the user by the 'Employee' field in the csv and return an object with the required properties
# Use -LDAPFilter which requires the LDAP syntax: "(employeeID=$($User.Employee))"
# Or use -Filter where you use the Powershell syntax
$adUser = Get-ADUser -Filter "EmployeeID -eq $($User.Employee)" -Properties DisplayName, Enabled, EmployeeID |
Select-Object DisplayName, Enabled, EmployeeID
if ($adUser) {
# if the above statement did find the user, we add this to the result array
$result += $adUser
}
else {
$msg = "User '{0} {1}' not found. Check the Employee id {2}." -f $user.FirstName, $user.LastName, $user.Employee
Write-Warning $msg
Add-content $logfile -Value $msg
}
}
# now write the output csv as a new file. Because it has a complete date and time in the name
# the chances of overwriting an existing file are very slim indeed, but we'll use -Force anyway.
$result | Export-Csv -Path $outFile -NoTypeInformation -Force
#Finish
希望这会有所帮助