导出/导入 AD 用户,包括经理属性
[英]Export/Import AD Users including manager attribute
问题描述
I am trying to import users from a csv file, which I exported from a different domain.
我正在尝试从 csv 文件导入用户,该文件是从不同域导出的。 Unfortunately the manager attribute gives me a hard time.不幸的是, manager属性让我很难受。
1. What I have done so far (Export): 1.到目前为止我所做的(导出):
I exported User attributes from AD1 with the domain name oldDomain.com into export.csv .我将域名为oldDomain.com 的AD1 中的用户属性导出到export.csv 中。 In order to generate the export.csv file I useed the following command:为了生成 export.csv 文件,我使用了以下命令:
Get-ADUser -Filter * -Property * | Select-Object givenName,sn,name,displayName,sAMaccountName,manager | Export-Csv -Encoding "UTF8" -path \\hostex\Share\export.csv
This will result to the following file:这将导致以下文件:
"givenName","sn","name","displayName","sAMaccountName","manager"
"Test","User1","Test User1","Test User1","test.user1",
"Test","User2","Test User2","Test User2","test.user2","CN=Test User1,OU=Users,DC=oldDomain,DC=com"
2. Problem with Import 2. 导入问题
Afterwards I try to import/add the users into AD2 which uses the domainname newDomain.org .之后,我尝试将用户导入/添加到使用域名newDomain.org 的AD2中。 My command looks like this:我的命令如下所示:
Import-Csv \\hostex\Share\export.csv | ForEach { New-ADUser -AccountPassword (ConvertTo-SecureString Pass321? -AsPlainText -force) -Path "OU=Users,DC=newDomain,DC=org" -GivenName $_.givenName -Name $_.name -Surname $_.sn -DisplayName $_.displayName -SamAccountName $_.sAMAccountName -Manager $_.manager.Replace("DC=oldDomain,DC=com","DC=newDomain,DC=org") }
This leads to an ADIdentityResolutionException .这会导致ADIdentityResolutionException 。 Since the first line of export.csv has no value set for the manager attribute, the command tries to find the user identity "" within AD2.由于export.csv 的第一行没有为manager 属性设置值,因此该命令尝试在AD2 中查找用户身份"" 。 This is impossible to find.这是不可能找到的。 Therefore the user is not added to AD2.因此用户不会被添加到 AD2。
In order to resolve this issue I would like to add some kind of If-Statement, which sets the value for the manager attribute only if the equivalent value in export.csv is not null ( $_.manager -notlike $null ).为了解决这个问题,我想添加某种 If-Statement,它仅在 export.csv 中的等效值不为 null ( $_.manager -notlike $null ) 时才设置 manager 属性的值。 Any ideas how to achieve this?任何想法如何实现这一目标?
2 个解决方案
解决方案1
0 2014-07-13 16:21:17
You probably attempt to reference a manager account before that account is actually created.您可能会在实际创建经理帐户之前尝试引用该帐户。 Separate account creation from assigning a manager to it.将帐户创建与为其分配经理分开。 Also, empty fields read from a CSV appear as empty strings, not $null , so you need to compare to '' to filter them out.此外,从 CSV 读取的空字段显示为空字符串,而不是$null ,因此您需要与''进行比较以将其过滤掉。
Try this:尝试这个:
$users = Import-Csv '\\hostex\Share\export.csv'
$initialPassword = ConvertTo-SecureString 'Pass321?' -AsPlainText -Force
$users | % {
New-ADUser -AccountPassword $initialPassword `
-Path 'OU=Users,DC=newDomain,DC=org' `
-GivenName $_.givenName `
-Name $_.name `
-Surname $_.sn `
-DisplayName $_.displayName `
-SamAccountName $_.sAMAccountName
}
$users | ? { $_.manager -ne '' } | % {
$manager = $_.manager -replace 'DC=oldDomain,DC=com$', 'DC=newDomain,DC=org'
Set-ADUser -Identity $_.sAMAccountName -Manager $manager
}
解决方案2
0 2014-07-29 20:42:09
One way to do this would be to build the complete command as a string with an additional line that adds the manager option to the end of the string if it exists in the data and then use Invoke-Expression to execute the command.执行此操作的一种方法是将完整命令构建为带有附加行的字符串,该行将管理器选项添加到字符串末尾(如果它存在于数据中),然后使用 Invoke-Expression 执行命令。
Import-Csv \\hostex\Share\export.csv | ForEach {
$NewUserCommand = "New-ADUser -AccountPassword (ConvertTo-SecureString Pass321? -AsPlainText -force) -Path 'OU=Users,DC=newDomain,DC=org' -GivenName $_.givenName -Name $_.name -Surname $_.sn -DisplayName $_.displayName -SamAccountName $_.sAMAccountName"
If ($_.manager) {$NewUserCommand += " -Manager " + $_.manager.Replace('DC=oldDomain,DC=com','DC=newDomain,DC=org')}
Invoke-Expression $NewUserCommand
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.