使用 powershell 将用户从多个 ADgroup 移动到其他 ADgroup
moving user from multiple ADgroup to others with powershell
我有一个格式如下的 csv 文件
oldniveau1,oldniveau2,oldniveau3,newniveau1,newniveau2,newniveau3
0UA_Ventes,CIS countries,Contracts,0UA_Ventes,CIS countries,Contracts_1
我的目标是通过格式化 csv 文件中给定的路径来提取活动目录组名称
我有一个可以工作的脚本,我在单个变量中给出了所有行,但是当我使用循环时,我有错误消息
$csv=Import-Csv $pth\filerN3.csv -Delimiter "," | Foreach-Object {
$n1 = $_.oldniveau1
$n2 = $_.oldniveau2
$n3 = $_.oldniveau3
$n4 = $_.newniveau1
$n5 = $_.newniveau2
$n6 = $_.newniveau3
$adminn3group = "m^" + $n1 + "^" + $n2 + "^" + $n3
$newadmingroup= "m^" + $n4 + "^" + $n5 + "^" + $n6
$writegroup= "g^" + $n1 + "^" + $n2 + "^" + $n3
$newwritegroup="g^" + $n4 + "^" + $n5 + "^" + $n6
$readgroup="g^" + $n1 + "^" + $n2 + "^" + $n3 + "^R"
$newreadgroup="g^" + $n4 + "^" + $n5 + "^" + $n6 + "^R"
$currentmanagermembers = Get-ADGroupMember -Identity $adminn3group -ErrorAction SilentlyContinue
Add-ADGroupMember -Identity $newadmingroup -Members $currentmanagermembers -ErrorAction SilentlyContinue
Remove-ADGroupMember -Identity $adminn3group -Members $currentmanagermembers -confirm:$false -ErrorAction SilentlyContinue
###############
Get-ADGroupMember $writegroup |
Add-ADPrincipalGroupMembership `
-MemberOf $newwritegroup
Get-ADGroupMember $writegroup |
Remove-ADPrincipalGroupMembership `
-MemberOf $writegroup -confirm:$false -ErrorAction SilentlyContinue
###############
Get-ADGroupMember $readgroup |
Add-ADPrincipalGroupMembership `
-MemberOf $newreadgroup
Get-ADGroupMember $readgroup |
Remove-ADPrincipalGroupMembership `
-MemberOf $readgroup -confirm:$false -ErrorAction SilentlyContinue
########"
}
所以当我使用 6 个变量来修复每个它工作并且所有用户都被移动时,没有 csv 的循环
但是有循环
我有这个错误知道为什么吗?
Get-ADGroupMember : Cannot validate argument on parameter 'Identity'. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again.
At C:\temp\addN3MGR\move_central.ps1:28 char:54
+ ... entmanagermembers = Get-ADGroupMember -Identity $adminn3group -Error ...
+ ~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Get-ADGroupMember], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember
Add-ADGroupMember : Cannot validate argument on parameter 'Identity'. The argument is null. Provide a valid value for the argument, and then try running the command again.
At C:\temp\addN3MGR\move_central.ps1:30 char:29
+ Add-ADGroupMember -Identity $newadmingroup -Members $currentmanagerme ...
+ ~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Add-ADGroupMember], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.AddADGroupMember
问题是由于某些安全组的成员为空,所以我更改了已处理的命令并且有效
我是 Powershell 的初学者,对 try 和 catch 还不太熟悉。
Get-ADGroup $adminn3group -ErrorAction SilentlyContinue|Get-ADGroupMember | % {Add-ADGroupMember $newadmingroup -Members $_ }
Get-ADGroup $adminn3group -ErrorAction SilentlyContinue|Get-ADGroupMember | % {Remove-ADGroupMember $adminn3group -Members $_ -confirm:$false}
Get-ADGroup $writegroup -ErrorAction SilentlyContinue|Get-ADGroupMember | % {Add-ADGroupMember $newwritegroup -Members $_ }
Get-ADGroup $writegroup -ErrorAction SilentlyContinue|Get-ADGroupMember | % {Remove-ADGroupMember $writegroup -Members $_ -confirm:$false}
Get-ADGroup $readgroup -ErrorAction SilentlyContinue|Get-ADGroupMember | % {Add-ADGroupMember $newreadgroup -Members $_ }
Get-ADGroup $readgroup -ErrorAction SilentlyContinue|Get-ADGroupMember | % {Remove-ADGroupMember $readgroup -Members $_ -confirm:$false}
oldniveau1,oldniveau2,oldniveau3,newniveau1,newniveau2,newniveau3
0UA_Ventes,CIS countries,Contracts,0UA_Ventes,CIS countries,Contracts_1
我有一个可以工作的脚本,我在单个变量中给出了所有行,但是当我使用循环时,我有错误消息
$csv=Import-Csv $pth\filerN3.csv -Delimiter "," | Foreach-Object {
$n1 = $_.oldniveau1
$n2 = $_.oldniveau2
$n3 = $_.oldniveau3
$n4 = $_.newniveau1
$n5 = $_.newniveau2
$n6 = $_.newniveau3
$adminn3group = "m^" + $n1 + "^" + $n2 + "^" + $n3
$newadmingroup= "m^" + $n4 + "^" + $n5 + "^" + $n6
$writegroup= "g^" + $n1 + "^" + $n2 + "^" + $n3
$newwritegroup="g^" + $n4 + "^" + $n5 + "^" + $n6
$readgroup="g^" + $n1 + "^" + $n2 + "^" + $n3 + "^R"
$newreadgroup="g^" + $n4 + "^" + $n5 + "^" + $n6 + "^R"
$currentmanagermembers = Get-ADGroupMember -Identity $adminn3group -ErrorAction SilentlyContinue
Add-ADGroupMember -Identity $newadmingroup -Members $currentmanagermembers -ErrorAction SilentlyContinue
Remove-ADGroupMember -Identity $adminn3group -Members $currentmanagermembers -confirm:$false -ErrorAction SilentlyContinue
###############
Get-ADGroupMember $writegroup |
Add-ADPrincipalGroupMembership `
-MemberOf $newwritegroup
Get-ADGroupMember $writegroup |
Remove-ADPrincipalGroupMembership `
-MemberOf $writegroup -confirm:$false -ErrorAction SilentlyContinue
###############
Get-ADGroupMember $readgroup |
Add-ADPrincipalGroupMembership `
-MemberOf $newreadgroup
Get-ADGroupMember $readgroup |
Remove-ADPrincipalGroupMembership `
-MemberOf $readgroup -confirm:$false -ErrorAction SilentlyContinue
########"
}
所以当我使用 6 个变量来修复每个它工作并且所有用户都被移动时,没有 csv 的循环
但是有循环
我有这个错误知道为什么吗?
Get-ADGroupMember : Cannot validate argument on parameter 'Identity'. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again.
At C:\temp\addN3MGR\move_central.ps1:28 char:54
+ ... entmanagermembers = Get-ADGroupMember -Identity $adminn3group -Error ...
+ ~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Get-ADGroupMember], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember
Add-ADGroupMember : Cannot validate argument on parameter 'Identity'. The argument is null. Provide a valid value for the argument, and then try running the command again.
At C:\temp\addN3MGR\move_central.ps1:30 char:29
+ Add-ADGroupMember -Identity $newadmingroup -Members $currentmanagerme ...
+ ~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Add-ADGroupMember], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.AddADGroupMember
问题是由于某些安全组的成员为空,所以我更改了已处理的命令并且有效
我是 Powershell 的初学者,对 try 和 catch 还不太熟悉。
Get-ADGroup $adminn3group -ErrorAction SilentlyContinue|Get-ADGroupMember | % {Add-ADGroupMember $newadmingroup -Members $_ }
Get-ADGroup $adminn3group -ErrorAction SilentlyContinue|Get-ADGroupMember | % {Remove-ADGroupMember $adminn3group -Members $_ -confirm:$false}
Get-ADGroup $writegroup -ErrorAction SilentlyContinue|Get-ADGroupMember | % {Add-ADGroupMember $newwritegroup -Members $_ }
Get-ADGroup $writegroup -ErrorAction SilentlyContinue|Get-ADGroupMember | % {Remove-ADGroupMember $writegroup -Members $_ -confirm:$false}
Get-ADGroup $readgroup -ErrorAction SilentlyContinue|Get-ADGroupMember | % {Add-ADGroupMember $newreadgroup -Members $_ }
Get-ADGroup $readgroup -ErrorAction SilentlyContinue|Get-ADGroupMember | % {Remove-ADGroupMember $readgroup -Members $_ -confirm:$false}