我的 Powershell 脚本不将输出写入日志文件
My Powershell Script Does Not Write Output to Logfile
我的 Powershell 脚本运行良好,足以满足我想要实现的目标。它轮询输入的名称并将该用户的组放入一个数组中。该数组循环直到它删除所有列出的组。 Domain Users 是唯一剩下的组,但它是由“Get-ADPrincipalGroupMembership”而不是“Get-ADUser”轮询的。 “域用户”是用户电子邮件绑定的组。从他们的帐户中删除所有组后,他们将被永久禁用,但他们仍然可以访问他们的电子邮件以获取工资单信息,直到我们完全删除他们的帐户。
就是说,我无法将脚本的组删除输出写入日志文件。理想情况下,这将是一个 .log 文件,但 .csv 文件也会失败。我错过了什么?脚本成功运行,没有错误,但没有任何内容写入我选择的日志文件。
这是我的脚本:
#Requires -Module ActiveDirectory
Import-Module ActiveDirectory
function Disable-ADUser{
$msg = 'Do you want to remove a user from all Security groups? [Y/N]'
do {
$response = Read-Host -Prompt $msg
if ($response -eq 'y') { # Beginning of if statment
#Asks user via a text prompt to ender the firstname and lastname of the end user to remove
$firstName = Read-Host "Please provide the First name of the User"
$lastName = Read-Host "Please provide the Last name of the User"
#The uesr's samaccoutname is found by searching exactly for the user's first name and lastname given in the above prompts
$samName = Get-ADUser -Filter "GivenName -eq '$firstName' -and Surname -eq '$lastName'"| Select-Object -ExpandProperty 'SamAccountName'
#All of the user's groups are queried based on their sam name
$listGroups = Get-ADUser -Identity $samName -Properties MemberOf | Select-Object -ExpandProperty MemberOf
#All of the user's groups are placed in an array
[System.Collections.ArrayList]$groupsArray = @($listGroups)
#Every group in the groupsArray is cycled through
foreach ($group in $groupsArray) {
#A text output is displayed before the user is removed from each group listed in the above array
#Once all groups have been cycled through, the for loop stops looping
Start-Transcript -Path Y:\Scripts\remove_user_groups.log
Write-Host "Removing $samName " -f green -NoNewline; Write-Host "from $group" -f red
Remove-ADGroupMember -Identity $group -Members $samName
Stop-Transcript
}
} # End of if statement
} until ($response -eq 'n')
}
Disable-ADUser
Windows Server 2012 很可能使用的是 Powershell 4。Start-Transcript
忽略 5 之前的 powershell 版本中的 Write-Host
。请改用 Write-Output
。
您也可以为 Remove-ADGroupMember
使用 -Verbose
参数。
如果您尝试将 cmdlet 的输出写入文件,您可以这样做...
#Every group in the groupsArray is cycled through
foreach ($group in $groupsArray) {
#A text output is displayed before the user is removed from each group listed in the above array
#Once all groups have been cycled through, the for loop stops looping
Write-Host "Removing $samName " -f green -NoNewline; Write-Host "from $group" -f red
Remove-ADGroupMember -Identity $group -Members $samName |
Out-File -FilePath 'Y:\Scripts\remove_user_groups.log' -Append
}
此外,没有真正的理由将它放在同一行上:
Write-Host "Removing $samName " -f green -NoNewline; Write-Host "from $group" -f red
... as this is not a one-liner. It is just all code on one line.
这样比较稳妥:
Write-Host 'Removing $samName ' -f green -NoNewline
Write-Host 'from $group' -f red
... 并且屏幕输出仍然在同一行。作为best practice。对简单字符串使用单引号,对扩展使用双引号,以及一些格式化用例。
这是有效的解决方案。
Write-Host "Removing $samName " -f green -NoNewline
Write-Host "from $group" -f red
$OutputLine="Removing $samName from $group"
Out-File -FilePath Y:\Scripts\remove_user_groups.log -InputObject $OutputLine -Append
Remove-ADGroupMember -Identity $group -Members $samName
我的 Powershell 脚本运行良好,足以满足我想要实现的目标。它轮询输入的名称并将该用户的组放入一个数组中。该数组循环直到它删除所有列出的组。 Domain Users 是唯一剩下的组,但它是由“Get-ADPrincipalGroupMembership”而不是“Get-ADUser”轮询的。 “域用户”是用户电子邮件绑定的组。从他们的帐户中删除所有组后,他们将被永久禁用,但他们仍然可以访问他们的电子邮件以获取工资单信息,直到我们完全删除他们的帐户。
就是说,我无法将脚本的组删除输出写入日志文件。理想情况下,这将是一个 .log 文件,但 .csv 文件也会失败。我错过了什么?脚本成功运行,没有错误,但没有任何内容写入我选择的日志文件。
这是我的脚本:
#Requires -Module ActiveDirectory
Import-Module ActiveDirectory
function Disable-ADUser{
$msg = 'Do you want to remove a user from all Security groups? [Y/N]'
do {
$response = Read-Host -Prompt $msg
if ($response -eq 'y') { # Beginning of if statment
#Asks user via a text prompt to ender the firstname and lastname of the end user to remove
$firstName = Read-Host "Please provide the First name of the User"
$lastName = Read-Host "Please provide the Last name of the User"
#The uesr's samaccoutname is found by searching exactly for the user's first name and lastname given in the above prompts
$samName = Get-ADUser -Filter "GivenName -eq '$firstName' -and Surname -eq '$lastName'"| Select-Object -ExpandProperty 'SamAccountName'
#All of the user's groups are queried based on their sam name
$listGroups = Get-ADUser -Identity $samName -Properties MemberOf | Select-Object -ExpandProperty MemberOf
#All of the user's groups are placed in an array
[System.Collections.ArrayList]$groupsArray = @($listGroups)
#Every group in the groupsArray is cycled through
foreach ($group in $groupsArray) {
#A text output is displayed before the user is removed from each group listed in the above array
#Once all groups have been cycled through, the for loop stops looping
Start-Transcript -Path Y:\Scripts\remove_user_groups.log
Write-Host "Removing $samName " -f green -NoNewline; Write-Host "from $group" -f red
Remove-ADGroupMember -Identity $group -Members $samName
Stop-Transcript
}
} # End of if statement
} until ($response -eq 'n')
}
Disable-ADUser
Windows Server 2012 很可能使用的是 Powershell 4。Start-Transcript
忽略 5 之前的 powershell 版本中的 Write-Host
。请改用 Write-Output
。
您也可以为 Remove-ADGroupMember
使用 -Verbose
参数。
如果您尝试将 cmdlet 的输出写入文件,您可以这样做...
#Every group in the groupsArray is cycled through
foreach ($group in $groupsArray) {
#A text output is displayed before the user is removed from each group listed in the above array
#Once all groups have been cycled through, the for loop stops looping
Write-Host "Removing $samName " -f green -NoNewline; Write-Host "from $group" -f red
Remove-ADGroupMember -Identity $group -Members $samName |
Out-File -FilePath 'Y:\Scripts\remove_user_groups.log' -Append
}
此外,没有真正的理由将它放在同一行上:
Write-Host "Removing $samName " -f green -NoNewline; Write-Host "from $group" -f red
... as this is not a one-liner. It is just all code on one line.
这样比较稳妥:
Write-Host 'Removing $samName ' -f green -NoNewline
Write-Host 'from $group' -f red
... 并且屏幕输出仍然在同一行。作为best practice。对简单字符串使用单引号,对扩展使用双引号,以及一些格式化用例。
这是有效的解决方案。
Write-Host "Removing $samName " -f green -NoNewline
Write-Host "from $group" -f red
$OutputLine="Removing $samName from $group"
Out-File -FilePath Y:\Scripts\remove_user_groups.log -InputObject $OutputLine -Append
Remove-ADGroupMember -Identity $group -Members $samName