[英]Checking for users who are member in on of groups, but not in one specific group
我正在寻找一种方法来识别属于少数几个组(a,b,c)之一但又不在特定组(d)(例外组)中的用户,以便稍后对他们执行一些任务(填写基于samaccountname的值的特定属性)。
现在,我设法列出了属于特定组的用户帐户,并遵循将智能卡强制实施为false的另一种条件:
$groups = "a","b","c"
foreach ($group in $groups) {
Get-ADGroupMember -Identity $group |
Get-ADUser -Properties 'smartcardlogonrequired' |
where {$_.smartcardlogonrequired -eq $false}
}
我想到了。 通过以下方式定义例外组
$exceptions = (Get-ADGroup 'd').distinguishedname
foreach ($group in $groups) {
Get-ADGroupMember -Identity $group |
Get-ADUser -Properties 'smartcardlogonrequired' |
where {$_.smartcardlogonrequired -eq $false} |
Get-ADUser –Filter {-not(memberof –eq $d}
}
但是,它并不能真正解决问题,而且我相信还有更好的方法。
获取“ d”组成员的可分辨名称的列表,并过滤可分辨名称不属于该列表的用户:
$exceptions = Get-ADGroupMember 'd' | Select-Object -Expand DistinguishedName
foreach ($group in $groups) {
Get-ADGroupMember -Identity $group |
Get-ADUser -Properties 'smartcardlogonrequired' |
Where-Object {
$_.smartcardlogonrequired -eq $false -and
$exceptions -notcontains $_.DistinguishedName
}
}
使用部分组名检查某人是否是多个组之一的成员
[英]Checking Someone is a Member Of One of Many Groups Using Partial Group Name
Active Directory-获取用户和组,是特定组的成员
[英]Active Directory - Get users and groups, member of a particular group
在域用户安全组内的 Microsoft AD 中查找用户的组成员
[英]Find user's member of groups in Microsoft AD inside Domain Users security group
Powershell脚本可搜索AD中的特定OU并查找属于组成员的禁用用户
[英]Powershell Script to search specific OU in AD and find disabled users that is member of a group
在 AD 中将组从一个用户复制到另一个用户,但一个特定组除外
[英]Copy Groups from one user to another in AD, except one specific group
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.