搜索登录到AD的OU内的多台计算机的用户的最快方法

Question

我试图创建一个powershell脚本，您输入一个用户名，它将解析特定的所有机器，看看它们是否登录到多台机器。

我不太确定WMI，CIM或查询是否会为我提供最快的查询，以查看用户是否将登录可以防止AD中的帐户锁定的其他计算机。

输入用户名的最佳方法是什么，然后让它扫描特定的OU并将结果输出到.csv文件？

谢谢

Answer 1

如果在AD环境中，您在存储所有用户主目录的服务器上拥有共享，则这可能是一种解决方案。

它连接到服务器并获取与该主目录共享的用户连接列表。
使用该列表，它查找给定用户所做的连接，并测试连接所在的计算机是否在给定的OU中。

$ouDN          = 'THE DISTINGHUISHED NAME OF THE OU'
$homeDirServer = 'THE NAME OF THE SERVER WHERE THE USER HOME DIRECTORIES ARE KEPT'
$homeDirShare  = 'THE NAME OF THE SHARED ROOT FOLDER OF THE USERS HOME DIRECTORIES'
$userName      = 'SAMACCOUNTNAME OF THE USER TO SEARCH FOR'
$outputFile    = 'THE PATH AND FILENAME OF THE EXPORTED CSV FILE'

# first get a list of computernames in the given OU
$computers = Get-ADComputer -Filter * -SearchBase $ouDN | Select-Object -ExpandProperty SamAccountName

# next, get user connections on the homedir share and loop through them
Get-CimInstance -Class Win32_ServerConnection -ComputerName $homeDirServer |
# or use WMI:
# Get-WmiObject -Class Win32_ServerConnection -ComputerName $homeDirServer | 

    Where-Object { $_.ShareName -eq $homeDirShare -and $_.UserName -eq $userName } | 
    # if you want a list of all user connections, use this instead:
    # Where-Object { $_.ShareName -eq $homeDirShare -and (!$($_.UserName).EndsWith("$")) } | 

    ForEach-Object {
        # get the computername from the IP Address you usually get in '$_.ComputerName'
        $computerName = (([System.Net.Dns]::GetHostEntry($_.ComputerName).HostName) -split "\.", 2)[0]
        # is this a computer in the given OU?
        if ($computers -contains $computerName) {
            # emit an object
            [PSCustomObject]@{
                'DisplayName'  = Get-ADUser -Identity $_.UserName -Properties DisplayName | Select-Object -ExpandProperty DisplayName
                'AccountName'  = $_.UserName
                'ComputerName' = $computerName
       }
    }
} | Export-Csv -Path $outputFile -NoTypeInformation