在删除帐户之前,我必须导出帐户的用户数据。问题是,并非所有的组成员身份都写入.txt文件中(下面的示例)。
这是代码:
Get-ADUser -Properties * -Filter "cn -eq '$name'" |
format-list -property @{Label = "Name";Expression = {$_.sAMAccountName}},
@{Label = "Initials";Expression = {$_.initials}},
@{Label = "Email";Expression = {$_.Mail}},
@{Label = "Groups";Expression = {%{(Get-ADPrincipalGroupMembership $name | select -expandproperty name)}}},
@{Label = "Creation";Expression = {$_.whenCreated}},
@{Label = "Deletion";Expression = {%{(Get-Date)}}},
@{Label = "Last change";Expression = {$_.whenChanged}} |
#write data into txt file
Out-File -append "C:\temp\deleted.txt" -Encoding utf8
这是输出:
Name : John Doe
Initials : Jdo
Email : John.Doe@acme.com
Groups : {Domain-User, Remotedesktopuser, Administrator, Share-User...}
Creation : 23.03.2018 13:36:44
Deletion : 17.12.2018 08:46:30
Last Change : 16.12.2018 10:42:21
答案 0 :(得分:1)
这实际上不是Format-List引起的,选择也会发生同样的事情,尽管像这样使用Format- *并不是真正的事情。默认情况下,这将是一个列表,因此,没有真正的理由将其用于所追求的目标。
您甚至不需要扩展。
问题是您无法使用该循环并期望它能正常工作,而自动格式化程序将不允许它。您必须直接处理集合,就像这样……
Get-ADUser -Properties * -Filter * |
Select-Object -property @{Label = "Name";Expression = {$_.sAMAccountName}},
@{Label = "Initials";Expression = {$_.initials}},
@{Label = "Email";Expression = {$_.Mail}},
@{Label = "Creation";Expression = {$_.whenCreated}},
@{Label = "Deletion";Expression = {%{(Get-Date)}}},
@{Label = "Last change";Expression = {$_.whenChanged}},
@{Label = "Groups";Expression = {%{(Get-ADPrincipalGroupMembership $_.SamAccountName).Name -join ','}}} |
Out-File -append "C:\temp\deleted.txt" -Encoding utf8
Get-Content -Path "C:\temp\deleted.txt"
# Results
Name : Administrator
Initials :
Email : Administrator@contoso.com
Creation : 3/31/2017 8:02:15 PM
Deletion : 12/17/2018 4:07:52 AM
Last change : 12/9/2018 7:23:22 PM
Groups : Domain Users,Administrators,Schema Admins,Enterprise Admins,Domain Admins,Group Policy Creator Owners,Organization Management,Recipient
Management,ADSyncAdmins,ADRMSSuperUsers
…
根据OP注释/问题进行更新
不用担心,很高兴它为您服务。
至于...
您能解释一下这两个广告之间的区别吗 组命令是?
如果你的意思是...
Get-ADPrincipalGroupMembership管理员|选择-expandproperty 名称
...与... (Get-ADPrincipalGroupMembership管理员)。名称
...表面上看,它们是同一件事,每个产生和组名称的数组列表。
# use the expand switch to show the group name list
Get-ADPrincipalGroupMembership Administrator | select -expandproperty name
Domain Users
Administrators
Schema Admins
Enterprise Admins
Domain Admins
Group Policy Creator Owners
Organization Management
Recipient Management
ADSyncAdmins
ADRMSSuperUsers
# Use the property to view the group name list
(Get-ADPrincipalGroupMembership Administrator).Name
Domain Users
Administrators
Schema Admins
Enterprise Admins
Domain Admins
Group Policy Creator Owners
Organization Management
Recipient Management
ADSyncAdmins
ADRMSSuperUsers
但是,格式化程序在对数据进行序列化时会尝试将所有这些都放在一行上。但是,他们会将其截断以适合屏幕/页面宽度。 因此,如果您想要不同的布局,则要么需要使用默认的格式化程序文件来处理,要么通过代码来处理。就我个人而言,我从不尝试与他们打交道,而只是通过代码来处理它。所以,这个...
(Get-ADPrincipalGroupMembership Administrator).Name -join ','
...只是说,我知道这个集合是一个数组列表。我知道这会在屏幕/页面宽度上被截断,因此,请将此字符串列表连接为一个字符串并自动换行。
您可能会以相同的方式用原始扩展做同样的事情...
(Get-ADPrincipalGroupMembership Administrator | select -expandproperty name) -join ','
出于美观原因和较短的形式,我将组列表放在最后,因为我宁愿不要编写不必要的代码或尽可能多地使用不需要的选项。每个人都有自己的喜好。