[英]Replace AD Group in Exchange with Users in that AD Group
We have to migrate to Microsoft Azure and since Azure cant handle AD Groups in Exchange I have to get the members of a spezifc group and then add them to exchange. 我们必须迁移到Microsoft Azure,并且由于Azure无法处理Exchange中的AD组,因此我必须获取spezifc组的成员,然后将其添加以进行交换。 So I thought I can achive this with powershell.
因此,我认为我可以通过powershell实现这一目标。
The princip: 原理:
I have the Mailbox Name and the Group that has to be extracted in a csv like this: 我有邮箱名称和必须在csv中提取的组,如下所示:
Mailbox1 GroupForMailbox1 Mailbox1 GroupForMailbox1
Mailbox2 GroupForMailbox2 Mailbox2 GroupForMailbox2
Mailbox2 GroupForMailbox2 Mailbox2 GroupForMailbox2
I know how to extract all users out of a group: 我知道如何从组中提取所有用户:
Get-ADGroupMember -identity "GroupForMailbox1" -Recursive
But the problem is, that there is a Group in this Group which I dont want to get the users out of it. 但是问题是,该组中有一个我不想让用户退出的组。 Let me call that "ExcludedGroup".
让我称之为“ ExcludedGroup”。 How can I get all AD Group Members except the ones of the Group "ExcludedGroup"?
我如何获得除“ ExcludedGroup”组之外的所有AD组成员?
Then I have to put those AD Members to the specific mailbox: 然后,我必须将那些AD成员放入特定的邮箱:
$Users= "Users that I've got out of the upper command"
foreach ($Users){
Add-MailboxPermission -Identity "Mailbox1" -User $Users Accessright Fullaccess -InheritanceType all
}
But i cant fit everything of this in one Script because of lack of knowledge. 但是由于缺乏知识,我无法将所有这些都放在一个脚本中。
And I cant find something on the internet althought it is a real problem with azure. 我无法在互联网上找到任何东西,尽管这是天青的真正问题。
I thought someone out there can help me out. 我以为有人可以帮助我。
Something like this? 像这样吗
#Sample data
$csv = @"
Mailbox,GroupName
Mailbox1,GroupForMailbox1
Mailbox2,GroupForMailbox2
Mailbox2,GroupForMailbox2
"@ | ConvertFrom-Csv
#Uncomment to import file
#$csv = Import-CSV -Path MyInputFile.csv
$ExcludedUsers = Get-ADGroupMember -Identity "ExcludedGroup" -Recursive | Select-Object -ExpandProperty SamAccountName
$csv | ForEach-Object {
$mailbox = $_.Mailbox
#Get members for group
Get-ADGroupMember -Identity $_.GroupName -Recursive |
#Remove unwanted users and keep only user objects (remove groups, computers etc.)
Where-Object { ($ExcludedUsers -notcontains $_.SamAccountName) -and ($_.objectclass -eq 'user') } |
ForEach-Object {
#Grant each group member permission
Add-MailboxPermission -Identity $mailbox -User $_.SamAccountName -AccessRights FullAccess -InheritanceType All
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.