堆栈内存溢出
  简体   繁体   English

从AD组中提取用户并将其添加到邮箱

[英]Extract users from AD group and add them to Mailbox

 原文  2017-03-03 10:16:15       powershell/ active-directory/ exchange-management-shell

问题描述

I want to make a powershell script to extract an AD group and add the members to a specific mailbox. 我想制作一个Powershell脚本来提取AD组并将成员添加到特定邮箱。 In that group is a group that i dont want to extract (doNotExtract). 在该组中是我不想提取的组(doNotExtract)。 That is what i have so far: 到目前为止,这就是我所拥有的: 

Import-Module ActiveDirectory
$csv = @"
Mailbox,GroupName
Mailbox1,Group1
"@ | ConvertFrom-Csv

$ExcludedUsers = Get-ADGroupMember -Identity "doNotExtract" -Recursive | Select-Object -ExpandProperty SamAccountName

$csv | ForEach-Object {
    $mailbox = $_.Mailbox

    Get-ADGroupMember -Identity $_.GroupName -Recursive |

    Where-Object { ($ExcludedUsers -notcontains $_.SamAccountName) -and ($_.objectclass -eq 'user') } |
    ForEach-Object {
        Add-MailboxPermission -Identity $mailbox -User $_.SamAccountName -AccessRights FullAccess -InheritanceType All
    }
}

In the AD group are the following objects: 在“ AD”组中是以下对象: 

doNotExtract
User1
User2

I then start the script in the exchange management shell. 然后,我在交换管理外壳中启动脚本。 But then it adds only User1 and User2 doesnt gets fullaccess on Mailbox1. 但是随后它仅添加了User1,而User2在Mailbox1上没有完全访问权限。

And i cant find the problem in the script... 而且我在脚本中找不到问题...

3 个解决方案

解决方案1
 1 已采纳  2017-03-03 11:30:34

在这种情况下,错误是User2也在donotextract组中。

解决方案2
 0  2017-03-03 10:41:56

I have experienced with Exchange Online that using SamAccountName doesn't always work smoothly. 我在Exchange Online上经历过,使用SamAccountName并不总是可以顺利进行。 Have you tried using UserPrincipalName as input for Add-MailboxPermission instead of SamAccountName ? 您是否尝试过将UserPrincipalName用作Add-MailboxPermission输入,而不是SamAccountName

I was also wondering why you extract members of an AD group and give them full access to a mailbox? 我还想知道为什么您要提取一个AD组的成员并授予他们对邮箱的完全访问权限? Why don't you instead give the AD group itself full access to the mailbox? 您为什么不授予AD组本身对邮箱的完全访问权限?

解决方案3
 0  2017-03-03 11:31:39

As @4c74356b41 mentioned User2 was in the group "doNotExtract". 如@ 4c74356b41所述,User2在“ doNotExtract”组中。 It then doesnt adds him to the Mailbox because this group is excluded. 然后,它不会将他添加到邮箱中,因为该组已被排除。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在AD组中查找用户并将其添加到另一个组 - Find users in AD group and add them into another group 将其他域中的用户添加到AD组 - Add users from another domain to AD group PowerShell 通过来自 CSV 的 UPN 将 AD 用户添加到 AD 组 - PowerShell Add AD users to AD group by UPN from CSV 为 AD 组中的所有用户添加 AD 属性 - Add An AD Attribute To All Users In an AD Group PowerShell:将用户添加到AD并将其添加到组中 - PowerShell: Add Users to AD and Add them in Groups Powershell功能可将用户从CSV添加到广告组 - Powershell function to add users to AD group from CSV 从 AD 组获取特定的 AD 用户 - Get Specific AD Users from AD Group 根据他们的城市将用户添加到某个 AD 组 - Add users to a certain AD group depending on their City 使用正确的 CSV output 将用户添加到 AD 组 - Add users into AD group with correct CSV output 将用户添加到某个AD组,具体取决于其部门 - Add users to a certain AD group depending on their Department
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM