我有一个用于域用户的SamAccountName列表,我现在需要检查其状态:存在,启用或禁用。无法使其正常运行。检查exist or not的部分有效,但else的部分无效。我在哪里做错了?
$users = Get-Content -Path C:\temp\log1.txt
foreach ($user in $users) {
$userobj = $(try {Get-ADUser $user} catch {$Null})
If ($userobj -eq $Null) {
Write-Host "$user not exists" -foregroundcolor "red"
} else {
$userstatus = get-ADUser $user | Select-Object -Property enabled
if ( $userstatus = True) {Write-host "$user Enabled" -foregroundcolor "green"}
else {write-host " $user Disabled" -foregroundcolor "yellow"}
}}
答案 0 :(得分:1)
确定让我们谈谈您显示的命令。你有2期问题
$userstatus = get-ADUser $user | Select-Object -Property enabled
这将带回Enabled的属性和值,您应该使用 -ExpandProperty 来获取属性的值
然后
if ( $userstatus = True)
=是-eq
$users = Get-Content -Path C:\temp\log1.txt
foreach ($user in $users) {
$userobj = $(
try {
Get-ADUser $user
}catch{
$Null
}
)
If($userobj -eq $Null) {
Write-Host "$user not exists" -foregroundcolor "red"
}else{
$userstatus = get-ADUser $user | Select-Object -ExpandProperty enabled
if ($userstatus -eq True){
Write-host "$user Enabled" -foregroundcolor "green"
}else{
write-host " $user Disabled" -foregroundcolor "yellow"
}
}
}
这就是我想做同一件事的想法
Get-Content -Path C:\test\log1.txt | %{
try{
$user = $_
$Status = Get-ADUser $_ -ErrorAction Ignore | Select-Object -ExpandProperty enabled
If (!($Status)){
Write-Host "$user Disabled" -foregroundcolor "yellow"
}else{
Write-Host "$user Enabled" -foregroundcolor "green"
}
}catch{
Write-Host "$user not exists" -foregroundcolor "red"
}
}
答案 1 :(得分:1)
您的启用用户条件不返回任何内容的原因是因为Get-ADuser在默认情况下没有获得Enabled属性。您需要通过在-Properties Enabled中使用Get-ADUser来指定它
有几种方法可以将testlist.txt与ADUsers进行比较。如果您使用Get-ADUser如果该帐户不存在,则不会出错。相反,它将不会返回任何内容。
我将使用一个条件来检查结果的长度,而不是使用try{}catch{}。
此外,您已经在Get-ADUser的开头呼叫foreach{} loop。无需再进一步调用它:$userstatus = get-ADUser $user | Select-Object -Property enabled。
这是一种检查用户是否存在于AD中然后检查状态的简便方法:
$importedList = Get-Content -Path C:\temp\log1.txt
foreach($object in $importedList)
{
$user = Get-ADUser -Filter {SamAccountName -eq $object} -Properties SamAccountName, enabled | Select Samaccountname, enabled
if($user.Length -eq 0)
{
Write-Host $object " does not exist" -ForegroundColor Red
}
else
{
Write-Host $user
}
}
我个人更希望将其全部整合到array中。这样,以后我便可以使用它。示例:
$importedList = Get-Content -Path C:\temp\log1.txt
$userResults = @() #define the empty array
foreach($object in $importedList)
{
$user = Get-ADUser -Filter {SamAccountName -eq $object} -Properties SamAccountName, enabled | Select Samaccountname, enabled
if($user.Length -eq 0)
{
$exists = $false
$enabled = "NA"
}
else
{
$exists = $true
$enabled = $user.Enabled
}
$userResult = New-Object PSObject -Property @{
Account = $object
Exists = $exists
Enabled = $enabled
}
$userResults += $userResult
}
$userResults
这将使您可以执行以下操作:
$userResults | Where-Object {$_.Enabled -eq $true} #Get all enabled users
$userResults | Export-csv UserResults.Csv -NoTypeInformation #export to csv