我不知所措。在創建帳戶后,我試圖將用戶從入職 CSV 檔案移動到幾個不同的 OU,但我遇到了語法問題,無法達到預期的結果。我對Powershell不太了解。下面是我的代碼。任何幫助,將不勝感激。
Import-Module ActiveDirectory
$office1 = "OU=OU NAME HERE,OU=OU NAME HERE,OU=OU NAME HERE,DC=DOMAIN,DC=com"
$office2 = "OU=OU NAME HERE,OU=OU NAME HERE,OU=OU NAME HERE,DC=DOMAIN,DC=com"
$office3 = "OU=OU NAME HERE,OU=OU NAME HERE,OU=OU NAME HERE,DC=DOMAIN,DC=com"
$office4 = "OU=OU NAME HERE,OU=OU NAME HERE,OU=OU NAME HERE,DC=DOMAIN,DC=com"
$office5 = "OU=OU NAME HERE,OU=OU NAME HERE,OU=OU NAME HERE,DC=DOMAIN,DC=com"
$office6 = "OU=OU NAME HERE,OU=OU NAME HERE,OU=OU NAME HERE,DC=DOMAIN,DC=com"
Import-Csv "C:\AD_Test.csv" | foreach ($user in $users){
$firstname = $user.'Legal First Name'.Trim()
$preferred_firstname = $user.'Preferred First Name'.Trim()
if($preferred_firstname){
$firstname = $preferred_firstname
}
$lastname = $user.'Last Name'.Trim()
$displayname = $firstname " " $lastname
Get-ADUser -Identity $displayname -Filter {office -eq "China"} | Move-ADObject -TargetPath
$office1
Get-ADUser -Identity $displayname-Filter {office -eq "Russia"} | Move-ADObject -TargetPath
$office2
Get-ADUser -Identity $displayname -Filter {office -eq "US - Miami"} | Move-ADObject -
TargetPath $office3
Get-ADUser -Identity $displayname -Filter {office -eq "US - Tampa} | Move-ADObject -TargetPath
$office4
Get-ADUser -Identity $displayname -Filter {office -eq "US - Reno"} | Move-ADObject -TargetPath
$office5
Get-ADUser -Identity $displayname -Filter {office -eq "US - Charleston"} | Move-ADObject -
TargetPath $office6
}
uj5u.com熱心網友回復:
首先,您需要使用哈希表來幫助您確定需要將用戶移動到哪個組織單位。
然后,如評論中所述,-Identity僅允許您通過以下方式進行搜索:
- 一個有特色的名字
- 一個 GUID (objectGUID)
- 安全識別符號 (objectSid)
- SAM 帳戶名稱 (sAMAccountName)
你會更好地使用-Filter或-LDAPFilter嘗試找到它,在下面的代碼中,我使用過濾器通過CommonName OR SamAccountName OR DisplayName搜索它。
最后,您需要查詢Office用戶的屬性,因為該屬性將幫助您確定必須將用戶移動到哪個 OU。
我添加了一些行內注釋來幫助您理解腳本的邏輯。還要注意-WhatIfswitch on的使用Move-ADObject,使用此開關將不會執行任何操作:
顯示 cmdlet 運行時會發生什么。cmdlet 未運行。
在運行代碼并且您認為它正在執行您期望它執行的操作后,您可以從代碼中洗掉此開關。
作為最后的建議,有誰給你這個 CSV 來放置可以搜索-Identity的用戶屬性,其他 AD 屬性與這個腳本無關。
$map = @{
'China' = "China OU DistinguishedName"
'Russia' = "Russia OU DistinguishedName"
'US - Miami' = "Miami OU DistinguishedName"
'US - Tampa' = "Tampa OU DistinguishedName"
'US - Reno' = "Reno OU DistinguishedName"
'US - Charleston' = "Charleston OU DistinguishedName"
}
foreach($line in Import-Csv "C:\AD_Test.csv") {
$firstname = $line.'Legal First Name'.Trim()
$preferred_firstname = $line.'Preferred First Name'.Trim()
if($preferred_firstname){
$firstname = $preferred_firstname
}
$lastname = $line.'Last Name'.Trim()
$displayname = $firstname " " $lastname
$param = @{
# create a filter for this user
# try to find him either by CommonName OR SamAccountName OR DisplayName
LDAPFilter = "(|(cn=$displayName)(samAccountName=$displayName)(displayName=$displayName))"
Properties = "Office"
}
# if the user could not be found in AD
if(-not ($user = Get-ADUser @param)) {
# display the warning
Write-Warning "'$displayName' could not be found in AD."
# and skip next logic
continue
}
# if the user can be found in AD and the user's Office cannot be found in `$map`
if(-not $map.ContainsKey($user.Office)) {
# display the warning
Write-Warning "Office for '$displayName' could not be determined, skipping."
# and skip next logic
continue
}
# if the user's Office can be found in `$map`, move it to the destination OU
$user | Move-ADObject -TargetPath $map[$user.Office] -WhatIf
}
轉載請註明出處,本文鏈接:https://www.uj5u.com/qukuanlian/487119.html
上一篇:將多個用戶移動到多個OU,從CSV匯入用戶并使用通配符查找按ActiveDirectory“Office”屬性過濾