我正在尝试根据input.TXT文件禁用AD帐户,每天一个AD帐户,成功后会发送一封电子邮件。
输入.TXT内容:
User1.Name
Person1.Name
Person2.name
user2.Name
...
UserX.name
PersonX.Name
如果计划任务重新启动,理想情况下脚本应该继续到列表中的下一个活动 AD 帐户。
此脚本将在每天午夜 12:01 使用计划任务运行。
到目前为止,这是我制作的:
$users = Get-Content "C:\userlist.txt"
$emailFrom = "[email protected]"
$emailTo = "[email protected]"
$smtpServer = "smtp.yourserver.com"
foreach ($user in $users) {
try {
Disable-ADAccount $user
Send-MailMessage -From $emailFrom -To $emailTo -Subject "User Account Disabled" -Body "$user's account has been disabled." -SmtpServer $smtpServer
} catch {
Send-MailMessage -From $emailFrom -To $emailTo -Subject "Error Disabling User Account" -Body "An error occurred while disabling $user's account: $_" -SmtpServer $smtpServer
}
Start-Sleep -Seconds 86400
}
我认为你可以通过读取文件(跳过空行)来做到这一点,将顶行作为用户禁用,然后将其余行保存回文件以在第二天处理。
$inputFile = 'C:\userlist.txt'
# read the file, skipping empty or whitespace-only lines
$content = Get-Content -Path $inputFile | Where-Object { $_ -match '\S' }
# create a splatting Hashtable
$mailParams = @{
From = '[email protected]'
To = '[email protected]'
SmtpServer = 'smtp.yourserver.com'
}
# are there any lines left?
if (@($content).Count -eq 0) {
$mailParams['Subject'] = "File '$inputFile' is empty"
$mailParams['Body'] = "No users to disable in file '$inputFile'"
}
else {
# get the first line
$user = $content[0]
# and save all further lines back to the file to process the next day
$content | Select-Object -Skip 1 | Set-Content -Path $inputFile -Force
try {
Disable-ADAccount -Identity $user -ErrorAction Stop
$mailParams['Subject'] = 'User Account Disabled'
$mailParams['Body'] = "$user's account has been disabled."
}
catch {
$mailParams['Subject'] = 'Error Disabling User Account'
$mailParams['Body'] = "An error occurred while disabling $user's account: $($_.Exception.Message)"
}
}
# send out the email
Send-MailMessage @mailParams
我个人会让任务每天完成,一次从文件中删除一个用户。队列对我来说很有意义,但也可以用列表来完成。
try {
[System.Collections.Generic.Queue[string]] $users = Get-Content 'C:\userlist.txt'
# is there something to process in the file?
if(-not $users.Count) {
# if not, the just exit this task
return
}
# get the first user in queue
$first = $users.Dequeue()
$sendMailMessageSplat = @{
From = '[email protected]'
To = '[email protected]'
Subject = 'User Account Disabled'
Body = "$first's account has been disabled."
SmtpServer = 'smtp.yourserver.com'
}
$user = Get-ADUser $first
# if the user is enabled
if($user.Enabled) {
# disable and send email
$user | Disable-ADAccount
Send-MailMessage @sendMailMessageSplat
}
# if they were already disabled, nothing to do
# save the file
Set-Content 'C:\userlist.txt' -Value $users.ToArray()
}
catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException] {
# if this user doesn't exist, then just save the file.
# could send email here too if needed
Set-Content 'C:\userlist.txt' -Value $users.ToArray()
}
catch {
# if something failed send the email. file is not saved in this case
# as this use will need to be re-processed
$sendMailMessageSplat['Subject'] = 'Error Disabling User Account'
$sendMailMessageSplat['Body'] = "An error occurred while disabling $first's account: $_"
Send-MailMessage @sendMailMessageSplat
}