堆栈内存溢出
  简体   繁体   English

将Active Directory数据存储在.txt文件中

[英]Storing Active Directory Data in .txt File

 原文  2018-07-20 19:42:02       powershell/ active-directory

问题描述

I'm performing the following powershell command to store data of an active directory(Users and their groups) in the variable $UsersPerGroup : 我正在执行以下powershell命令,将活动目录(用户及其组)的数据存储在变量$UsersPerGroup 

$UsersPerGroup = Get-ADUser -Filter * -SearchBase "OU=Users,OU=ITE,OU=HQ,DC=idb,DC=iadb,DC=org" -Properties DisplayName, memberof | % {
    New-Object PSObject -Property @{
    UserName = $_.DisplayName
    Groups = ($_.memberof | Get-ADGroup | Select -ExpandProperty Name) -join ","
    }
} |Sort-Object UserName | Select UserName, Groups

So far so good until I exported the data to a .txt file, apparently the number of groups cannot fit in the window of powershell so it is represented as: "...", as a result when I exported the $UsersPerGroup variable to the .txt file, the data also gets stored like that. 到目前为止,直到将数据导出到.txt文件为止,效果都很好,显然组的数量无法容纳在$UsersPerGroup窗口中,因此将其表示为:“ ...”,因此,当我将$UsersPerGroup变量导出到.txt文件,数据也会像这样存储。

For better understanding, lets see the top right of my screen in powershell and then in the .txt file: 为了更好地理解,让我们在Powershell中然后在.txt文件中查看屏幕的右上角:

在此处输入图片说明

在此处输入图片说明

I need all the data, because I will manipulate it. 我需要所有数据,因为我会操纵它。

Thank you so much in advance! 提前非常感谢您!

3 个解决方案

解决方案1
 0  2018-07-20 20:55:52

A ADDS user can be part of many groups. ADDS用户可以属于许多组。 Dozens actually. 几十个。 I been in many scenarios in customer engagements where users have been in up 100 groups. 我曾参与过许多客户参与的场景,其中用户已多达100个组。

So, if you are in that situation or like it, you have to rethink your approach. 因此,如果您处于这种情况或喜欢这种情况,则必须重新考虑您的方法。 It's never going for fit on a single line or display on the screen that way or to a text file. 它永远不会适合一行或以这种方式显示在屏幕上或文本文件中。

You have to decide on a acceptable format to look at this much data. 您必须确定可接受的格式才能查看大量数据。 So, you need to list by group and list users, or by users and list groups. 因此,您需要按组列出并列出用户,或者按用户和列出组列出。 Depending on what PS version you are using, you can really do this... 根据您使用的PS版本,您确实可以执行此操作... 

Get-ADPrincipalGroupMembership  -Identity $env:username | Select-Object Name

THough it cannot list indirect group memberships and can error with „Unknown Error“. 尽管它无法列出间接的组成员身份,但会出现“未知错误”错误。 

function Get-NestedGroupMember
{
    [cmdletbinding()]

    [Alias('gngm')]

    param
    (
        [Parameter(Mandatory,ValueFromPipeline)]
        [string]$Identity
    )

    process
    {
        $user = Get-ADUser -Identity $Identity
        $userdn = $user.DistinguishedName
        $strFilter = "(member:1.2.840.113556.1.4.1941:=$userdn)"
        Get-ADGroup -LDAPFilter $strFilter -ResultPageSize 1000
    }
}

$UserList = "$env:USERNAME",'SQLAdmin'
ForEach($User in $UserList)
{
    Get-NestedGroupMember -Identity $User |
    Select-Object -Property @{Name = 'ADUser';Expression = {$User}},Name
    "`n"
}

# Results

ADUser          Name          
------          ----          
Administrator   Administrators
Administrator   Schema Admins 
Administrator   Enterprise Admins                                                             
Administrator   Domain Admins 
...


SQLAdmin        Administrators
SQLAdmin        Users                                                
SQLAdmin        WindowsServiceAccounts                                                        
SQLAdmin        SharePoint Servers

Or do the listing this way... to avoid the username being repeated, if it is just a display thing. 或以这种方式进行列表...避免重复显示用户名(如果只是显示用户名)。 

 # Get users with base properties and their group membership, display user and group name
 ForEach ($TargetUser in (Get-ADUser -Filter *))
 {
     "`n" + "-"*12 + " Showing group membership for " + $TargetUser.SamAccountName
     (Get-NestedGroupMember -Identity $TargetUser.SamAccountName).Name
 }

# Results
------------ Showing group membership for Administrator
Administrators
Schema Admins
Enterprise Admins
Domain Admins
...

------------ Showing group membership for Guest
Guests

解决方案2
 0  2018-07-20 20:56:08

The problem is with the Out-File command because it is outputting the console output, and not streaming the data to the file like you expect. 问题Out-FileOut-File命令上,因为它正在输出控制台输出,而不是像您期望的那样将数据流式传输到文件中。 One solution (as @user4317867 points out) is to pipe the content through an Out-String to get what you want. 一种解决方案(如@ user4317867指出的)是通过Out-String传递内容以获取所需内容。 I propose a solution here Powershell - Creating Wide Tables 我在这里提出一个解决方案Powershell-创建宽表 

$UsersPerGroup | Format-Table -Property * -AutoSize | Out-String -Width 50000 | Out-File -Path Users.txt

This, while solves the problem, gives you a giant wide text file. 这在解决问题的同时,为您提供了巨大的宽文本文件。 The better way to output the content is to use Add-Content: 输出内容的更好方法是使用Add-Content: 

$UsersPerGroup | Add-Content -Path Users.txt

This gives the full row of content, although it isn't formatted in a nice human readable format, eg: 这提供了完整的内容行,尽管它没有以很好的人类可读格式进行格式化,例如: 

@{UserName=Jplaudir8; Groups=group1,group2}

In my opinion, the best way is to export to CSV: 我认为,最好的方法是导出为CSV: 

$UsersPerGroup | Export-Csv -Path Users.txt -NoTypeInformation

解决方案3
 0  2018-07-20 21:51:54

To make an important general point: 提出重要的一般观点:

I need all the data, because I will manipulate it. 我需要所有数据,因为我会操纵它。

To persist (serialize) data for later programmatic manipulation , NEVER use > , Out-File , or Set-Content - you will invariable lose information. 要持久保存(序列化)数据以进行以后的编程操作 ,切勿使用>Out-FileSet-Content始终会丢失信息。

Export-Csv will give you machine-parseable output, but it will lack type information and will generally not handled nested data well. Export-Csv将为您提供机器可解析的输出,但是它将缺少类型信息,并且通常无法很好地处理嵌套数据。

The most robust persistence / serialization format that PowerShell offers is CLI XML, which you can produce with Export-CliXml and consume with Import-CliXml . PowerShell提供的最健壮的持久性/序列化格式是CLI XML,您可以使用Export-CliXml并使用Import-CliXml
This is as close as you can get to faithfully serializing / deserializing instances of any type, but even that method has its limitations. 这与忠实地序列化/反序列化任何类型的实例一样近 ,但是即使该方法也有其局限性。

HAL9256's answer shows you how to solve the > / Out-File ellipsis problem (truncated values indicated with ... ) by specifying a large-enough -Width value, but as stated, you shouldn't use this format for programmatic processing. HAL9256的答案显示了如何通过指定足够大的-Width值来解决> / Out-File省略号问题(用...表示截断的值),但是-Width ,您不应使用此格式进行程序化处理。

Depending on your needs, Export-Csv may be sufficient; 根据您的需求, Export-Csv 可能就足够了; the up-side is that it strikes a balance between machine parseability and friendliness to the human eye. 有利的一面是它在机器可解析性和人眼友好之间取得了平衡。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Active Directory Powershell到固定宽度的txt文件 - Active Directory Powershell to fixed width txt file 输入.txt文件并查找Active Directory并输出到.CSV - Input a .txt file and lookup Active Directory and output to .CSV 搜索Active Directory并将多线程组中的名称列表导出到txt文件中以获取Powershell - Searching Active Directory and exporting a list of names in mulitpule groups to a txt file for powershell 排序Active Directory数据 - Sorting Active Directory Data 如何将活动目录数据导入数组并将其导出到单个CSV文件中? - How to import active directory data into an array and export that into a single CSV file? Powershell导出包含活动目录安全组数据的csv文件 - Powershell exports csv file containing active directory security group data 对来自 Active Directory 的数据进行分组 - Grouping data from Active Directory 如何使用Powershell从csv文件更新Active Directory中的更多数据行? - How can I update more data rows in Active Directory from a csv file using Powershell? Powershell - json 文件 - Active Directory - 添加属性 - Powershell - json File - Active Directory - add Attribut Powershell导出Active Directory用户数据不完整 - Powershell export Active Directory User data not complete
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM