Question

我的人力资源部门为我提供了数千名用户的清单，其中包含更新的“公司”和“位置”字段。我想以此文件为基础清理AD。我将不得不对名称进行某种“软匹配”，因为我不确定所有名称是否都符合100％。我将如何编写脚本呢？

挪威Sune：）

Answer 1

如果您使用的是Windows 2008服务器，则它包含PowerShell的本机AD管理模块。所以你不需要Quest包。

import-module activedirectory
$users = import-csv path file.txt

foreach($user in $users)
{    
    set-aduser -id "$($user.name)*" --replace @{Company=$user.Company;physicalDeliveryOfficeName=$user.location}
}

这假设您希望将位置信息写入用户和计算机中的“office”字段。 ID上的*应该进行软搜索。

Answer 2

我会使用Quest ActiveRoles Server PowerShell CmdLets。查看Get-QADUser examples。

$updates = Import-Csv updates.txt

foreach ($update in $updates) {
    $user = Get-QADUser -SamAccountName $update.SamAccountName
    $user.Company = $update.Company
    # Location is not an attribute of the user
    #$user.Location = $update.Location 
}

Answer 3

谢谢你们俩。我做了，但最终得到了以下完整的脚本（希望这对其他人有用）：

Clear-Host

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Admin -ErrorAction silentlycontinue
Add-PSSnapin quest.activeroles.admanagement -ErrorAction silentlycontinue

$file = "\Scripts\employees.csv"        #  Location of the input file
$file2 = "\Scripts\employees2.csv"      # Temp file
$logfile = "\Scripts\logfile.txt"   # log file
remove-item $logfile -Force -ErrorAction SilentlyContinue

Get-Content $file | Out-File -Encoding UTF8  $file2                         # Convert to UTF8 (we don't touch the original inputfile)
$ListEmployees = Import-Csv $file2 -Delimiter ";"                           # Import the file to CSV

foreach ($ListEmployee in $ListEmployees) {
$ListDisplayName = $ListEmployee.firstname + " " + $ListEmployee.lastname

if($ADemployee = Get-QADUser -displayname $ListDisplayName -IncludedProperties employeeid )
{
    ## CHECK NAME
    if($($ADEmployee.displayname) -eq $($ListDisplayName))
    { 
        echo "MATCH: $($ADEmployee.displayname)" 
    }

    ## CHECK COMPANY
    if($($ADEmployee.company) -ne $($ListEmployee.company))
    { 
        echo "       CHANGE   - Company: '$($ADEmployee.company)' to '$($ListEmployee.company)'" 
        Set-QADUser -identity $($ADEmployee.samaccountname) -Company $($ListEmployee.company) -WhatIf
    }
    else
    {
        echo "       OK       - Company     : no change '$($ListEmployee.company)'"
    }

    ## CHECK OFFICE
    if($($ADEmployee.office) -ne $($ListEmployee.office))
    {
        echo "       CHANGE   - Office '$($ADEmployee.office)' to '$($ListEmployee.office)'"
        Set-QADUser -identity $($ADEmployee.samaccountname) -Office $($ListEmployee.Office) -WhatIf
    }
    else
    { 
        echo "       OK       - Office      : no change '$($ListEmployee.office)'"
    }

    ## CHECK MOBILE
    if( $listemployee.mobile -match '\S' )
    {
        if($($ADEmployee.mobile) -ne $($ListEmployee.mobile))
        {
            echo "       CHANGE   - Mobile  : '$($ADEmployee.mobile)' to '$($ListEmployee.mobile)'"
            Set-QADUser -identity $($ADEmployee.samaccountname) -Mobile $($ListEmployee.mobile) -WhatIf
        }
        else
        { 
            echo "       OK       - Mobile      : no change '$($ListEmployee.mobile)'"
        }
    }

    ## CHECK EMPLOYEEID
    if($($ADEmployee.employeeid) -ne $($ListEmployee.employeeid))
    {
        echo "       CHANGE   - EmployeeID: '$($ADEmployee.employeeid)' to '$($ListEmployee.employeeid)'"
        Set-QADUser -identity $($ADEmployee.samaccountname) -ObjectAttributes @{employeeID = $($ListEmployee.employeeid)} -WhatIf

    }
    else
    {
        echo "       OK       - EmployeeID  : no change '$($ListEmployee.employeeid)'"
    }
    $match++
}
else
{
    if($EXContact = Get-Contact $ListDisplayName -ErrorAction SilentlyContinue)
    {
        echo "MATCH CONTACT: $ListDisplayName (contact)"

        ## CHECK MOBILE
        if( $listemployee.mobile -match '\S' )
        {
            if($($EXContact.Mobilephone) -ne $($ListEmployee.mobile))
            { 
                echo "       CHANGE   - Mobile : '$($EXContact.Mobilephone)' to '$($ListEmployee.mobile)'"
            }
            else
            { 
                echo "       OK       - Mobile ; No change ($($ListEmployee.mobile))"
            }
        }

        ## CHECK COMPANY
        if($($EXContact.company) -ne $($ListEmployee.company))
        { 
            echo "       CHANGE   - Company: '$($EXContact.company)' to '$($ListEmployee.company)'"
        }
        else
        {
            echo "     OK       - Company : No change($($ListEmployee.company))"
        }

        ## CHECK OFFICE
        if($($EXContact.office) -ne $($ListEmployee.office))
        { 
            echo "       CHANGE   - Office '$($EXContact.office)' to '$($ListEmployee.office)'"
        }
        else
        {
            echo "       OK       - Office : No Change($($ListEmployee.office))"
        }       
        $contactmatch++
    }
    else
    {
        echo "$ListDisplayName" | Out-File $logfile -Append
        echo "NO MATCH: $ListDisplayName" 
        $nomatch++
    }
}
$i++
}
echo " "
echo "List contains $i accounts"
echo "Accounts: $match matches"
echo "Contacts: $contactmatch"
echo "No Match: $nomatch"

使用CSV作为输入清理AD

3 个答案: