导入 CSV 通过 EmployeeID 属性查找 AD 帐户并导出到 CSV
Import a CSV Find an AD account by EmployeeID attribute and export to a CSV
早上好,
我需要一个 Powershell 脚本来导入一个 csv,通过 AD 中的 EmployeeID 属性查找用户,并导出一个 csv 来验证帐户是否被禁用。我在导出中只需要显示名称、员工 ID 和 Enable/Disabled。
我对 Powershell 还是很陌生,我通常可以 cut/paste 并操纵现有脚本来完成我需要的事情,但我似乎无法让它工作,现在我的代码在老鼠得到了它。这是我所拥有的,但我不确定我是否接近需要的东西。
#Script Starts
$Users = Import-Csv "\folder\Test.csv"
Import-Module ActiveDirectory
$path = Split-Path -parent ".\folder\*.*"
#Create log date
$logdate = Get-Date -Format yyyy-MM-dd-THH.mm.ss
$logfile = $path + "\logs$logdate.logfile.txt"
ForEach ($User In $Users)
{
# Retrieve values from the csv by header name.
$FirstName = $User.FirstName
$LastName = $User.LastName
$ID = $User.Employee
#Search AD for Attributes
$UserSN = (Get-ADUser -LDAPFilter "(employeeID=$ID)").sAMAccountName
$UserDN = (Get-ADUser -Identity $UserSN -Properties DisplayName).DisplayName
$Enabled = (Get-ADUser -Identity $UserSN -Properties Enabled).Enabled
Export-Csv -Path $logdate.ADEnabled-Disabled.csv -Append
}
#Finish
为了Export-Csv,您需要某种类型的输入。目前您没有导出任何内容。
理想情况下,您希望创建一个包含所有项目的数组,然后导出该数组。
$x = @()
ForEach ($User In $Users)
{
$x += [pscustomobject]@{
FirstName = $User.FirstName
LastName = $User.LastName
#etc...
}
}
$x | Export-Csv -Path "$logdate.ADEnabled-Disabled.csv"
你有一些小问题,但我认为这会让你朝着实际结果努力。
鉴于所有这些评论和已经给出的不完整答案,我担心 OP 会更加困惑...
为了让OP更好的理解,我尽可能坚持他的原始代码。
第一个:
我假设通过查看代码,输入的 csv 文件看起来与此类似
"FirstName","LastName","Employee"
"Elvis","Presley","12345"
"Axl","Rose","987654"
"Janis","Joplin","654283"
我在这里看到的主要问题是代码正在使用 EmployeeID 属性(字符串)搜索 AD 用户。通过将过滤器用作 eq,在 AD 中找到的字符串必须与 csv 中的字符串完全相同(尽管不区分大小写)。如果不是这种情况,代码将无法使用 -eq 找到用户,但也许通过比较 CSV 和 AD 中的内容,可以使用不同的运算符,例如 -like。那是OP要弄清楚的。
下一个代码:
#Script Starts
$Users = Import-Csv "\folder\Test.csv"
Import-Module ActiveDirectory
$path = Split-Path -parent ".\folder\*.*"
# Create log date
$logdate = Get-Date -Format yyyy-MM-dd-THH.mm.ss
$logfile = $path + "\logs$logdate.logfile.txt"
# while you're at it, create the full path and filename for the output csv
$outFile = Join-Path $path $($logdate + ".ADEnabled-Disabled.csv")
# create an array for the output file
# You CAN do without by letting PowerShell do the aggregating of objects for you
# but in this case I think it will make things more readable to collect ourselves.
$result = @()
ForEach ($User In $Users) {
# Find the user by the 'Employee' field in the csv and return an object with the required properties
# Use -LDAPFilter which requires the LDAP syntax: "(employeeID=$($User.Employee))"
# Or use -Filter where you use the Powershell syntax
$adUser = Get-ADUser -Filter "EmployeeID -eq $($User.Employee)" -Properties DisplayName, Enabled, EmployeeID |
Select-Object DisplayName, Enabled, EmployeeID
if ($adUser) {
# if the above statement did find the user, we add this to the result array
$result += $adUser
}
else {
$msg = "User '{0} {1}' not found. Check the Employee id {2}." -f $user.FirstName, $user.LastName, $user.Employee
Write-Warning $msg
Add-content $logfile -Value $msg
}
}
# now write the output csv as a new file. Because it has a complete date and time in the name
# the chances of overwriting an existing file are very slim indeed, but we'll use -Force anyway.
$result | Export-Csv -Path $outFile -NoTypeInformation -Force
#Finish
希望对您有所帮助
早上好,
我需要一个 Powershell 脚本来导入一个 csv,通过 AD 中的 EmployeeID 属性查找用户,并导出一个 csv 来验证帐户是否被禁用。我在导出中只需要显示名称、员工 ID 和 Enable/Disabled。
我对 Powershell 还是很陌生,我通常可以 cut/paste 并操纵现有脚本来完成我需要的事情,但我似乎无法让它工作,现在我的代码在老鼠得到了它。这是我所拥有的,但我不确定我是否接近需要的东西。
#Script Starts
$Users = Import-Csv "\folder\Test.csv"
Import-Module ActiveDirectory
$path = Split-Path -parent ".\folder\*.*"
#Create log date
$logdate = Get-Date -Format yyyy-MM-dd-THH.mm.ss
$logfile = $path + "\logs$logdate.logfile.txt"
ForEach ($User In $Users)
{
# Retrieve values from the csv by header name.
$FirstName = $User.FirstName
$LastName = $User.LastName
$ID = $User.Employee
#Search AD for Attributes
$UserSN = (Get-ADUser -LDAPFilter "(employeeID=$ID)").sAMAccountName
$UserDN = (Get-ADUser -Identity $UserSN -Properties DisplayName).DisplayName
$Enabled = (Get-ADUser -Identity $UserSN -Properties Enabled).Enabled
Export-Csv -Path $logdate.ADEnabled-Disabled.csv -Append
}
#Finish
为了Export-Csv,您需要某种类型的输入。目前您没有导出任何内容。
理想情况下,您希望创建一个包含所有项目的数组,然后导出该数组。
$x = @()
ForEach ($User In $Users)
{
$x += [pscustomobject]@{
FirstName = $User.FirstName
LastName = $User.LastName
#etc...
}
}
$x | Export-Csv -Path "$logdate.ADEnabled-Disabled.csv"
你有一些小问题,但我认为这会让你朝着实际结果努力。
鉴于所有这些评论和已经给出的不完整答案,我担心 OP 会更加困惑...
为了让OP更好的理解,我尽可能坚持他的原始代码。
第一个:
我假设通过查看代码,输入的 csv 文件看起来与此类似
"FirstName","LastName","Employee"
"Elvis","Presley","12345"
"Axl","Rose","987654"
"Janis","Joplin","654283"
我在这里看到的主要问题是代码正在使用 EmployeeID 属性(字符串)搜索 AD 用户。通过将过滤器用作 eq,在 AD 中找到的字符串必须与 csv 中的字符串完全相同(尽管不区分大小写)。如果不是这种情况,代码将无法使用 -eq 找到用户,但也许通过比较 CSV 和 AD 中的内容,可以使用不同的运算符,例如 -like。那是OP要弄清楚的。
下一个代码:
#Script Starts
$Users = Import-Csv "\folder\Test.csv"
Import-Module ActiveDirectory
$path = Split-Path -parent ".\folder\*.*"
# Create log date
$logdate = Get-Date -Format yyyy-MM-dd-THH.mm.ss
$logfile = $path + "\logs$logdate.logfile.txt"
# while you're at it, create the full path and filename for the output csv
$outFile = Join-Path $path $($logdate + ".ADEnabled-Disabled.csv")
# create an array for the output file
# You CAN do without by letting PowerShell do the aggregating of objects for you
# but in this case I think it will make things more readable to collect ourselves.
$result = @()
ForEach ($User In $Users) {
# Find the user by the 'Employee' field in the csv and return an object with the required properties
# Use -LDAPFilter which requires the LDAP syntax: "(employeeID=$($User.Employee))"
# Or use -Filter where you use the Powershell syntax
$adUser = Get-ADUser -Filter "EmployeeID -eq $($User.Employee)" -Properties DisplayName, Enabled, EmployeeID |
Select-Object DisplayName, Enabled, EmployeeID
if ($adUser) {
# if the above statement did find the user, we add this to the result array
$result += $adUser
}
else {
$msg = "User '{0} {1}' not found. Check the Employee id {2}." -f $user.FirstName, $user.LastName, $user.Employee
Write-Warning $msg
Add-content $logfile -Value $msg
}
}
# now write the output csv as a new file. Because it has a complete date and time in the name
# the chances of overwriting an existing file are very slim indeed, but we'll use -Force anyway.
$result | Export-Csv -Path $outFile -NoTypeInformation -Force
#Finish
希望对您有所帮助