我目前有一个正在尝试更改的脚本,它可以从 AD 组用户名、姓名、电子邮件和经理中提取:
$ou = 'OU=OUoftheADgroups,OU=My,DC=Domain,DC=net'
Get-ADGroup -Filter * -SearchBase $ou -Properties Description | ForEach-Object {
$params = @{
LDAPFilter = '(memberof={0})' -f $_.DistinguishedName
Properties = 'mail', 'manager'
}
foreach($member in Get-ADUser @params) {
[pscustomobject]@{
Username = $member.SamAccountName
Name = $member.Name
Mail = $member.Mail
Manager = $member.Manager
GroupName = $_.Name
}
}
} | Export-csv C:\Users\TestUser\Desktop\NameOfMyFile.csv -NoTypeInformation
问题是经理详细信息只是显示经理的专有名称,例如CN=管理员1、CN=用户、DC=我的、DC=域、DC=网络
我一直在网上查找并尝试使其正常工作,但无法做到。
我一直在网上寻找一个审核单个 AD 组而不是 OU 的脚本(通过 https://forums.powershell.org/t/getaduser-need-manager-name-and-email-in 找到) -结果/16471/4)
$adGroupList = 'BI_FINANCE_FULL','BI_FIN_EXP_FACILITIES_FULL_R1'
$results = foreach ($group in $adGroupList) {
Get-ADGroupMember -identity $group -Recursive |
Get-ADUser -Properties * |
Select-Object @{Name='Group';Expression={$group}},
displayname,
name,
employeeID,
Department,
title,
physicalDeliveryOfficeName,
Manager,
@{Name='ManagerName';Expression={Get-ADUser -Identity $_.Manager | Select-Object -ExpandProperty DisplayName}},
sAMAccountName,
givenName,
surname,
UserPrincipalName
}
$results | Export-Csv -Append “C:\temp\GetADGroupMember4.csv” -NoTypeInformation -Encoding UTF8
更新1
刚刚运行上面的脚本,也出现了同样的问题,提供了经理详细信息,但经理名称字段为空,经理字段为 DistinguishedName(与我上面的脚本相同)
更新2
我已按要求修改了代码(可能做错了):
$ou = 'OU=OUoftheADgroups,OU=My,DC=Domain,DC=net'
Get-ADGroup -Filter * -SearchBase $ou -Properties Description | ForEach-Object {
$params = @{
LDAPFilter = '(memberof={0})' -f $_.DistinguishedName
Properties = 'mail', 'manager'
}
foreach($member in Get-ADUser @params) {
Manager = (Get-ADuser $member.Manager).DisplayName
[pscustomobject]@{
Username = $member.SamAccountName
Name = $member.Name
Mail = $member.Mail
Manager = $member.Manager
GroupName = $_.Name
}
}
} | Export-csv C:\Users\TestUser\Desktop\NameOfMyFile.csv -NoTypeInformation
尝试运行代码时出现以下错误:
Manager : The term 'Manager' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or
if a path was included, verify that the path is correct and try again.
At C:\Users\TestUser\Desktop\Audit.ps1:9 char:5
+ Manager = (Get-ADuser $member.Manager).DisplayName
+ ~~~~~~~
+ CategoryInfo : ObjectNotFound: (Manager:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
我尝试将添加代码
Manager = (Get-ADuser $member.Manager).DisplayName不是答案,只是纠正错字。
$ou = 'OU=OUoftheADgroups,OU=My,DC=Domain,DC=net'
Get-ADGroup -Filter * -SearchBase $ou -Properties Description | ForEach-Object {
$params = @{
LDAPFilter = '(memberof={0})' -f $_.DistinguishedName
Properties = 'mail', 'manager'
}
foreach ($member in Get-ADUser @params) {
[pscustomobject]@{
Username = $member.SamAccountName
Name = $member.Name
Mail = $member.Mail
Manager = (Get-ADUser $member.Manager).DisplayName
GroupName = $_.Name
}
}
} | Export-Csv C:\Users\TestUser\Desktop\NameOfMyFile.csv -NoTypeInformation