[英]Running a powershell script against all the computers in Active Directory
[英]Powershell Script to run querieis against Active Directory
我有以下 Powershell 脚本:
$domainObj = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$PDC = ($domainObj.PdcRoleOwner).Name
$SearchString = "LDAP://"
$SearchString += $PDC + "/"
$DistinguishedName = "DC=$($domainObj.Name.Replace('.', ',DC='))"
$SearchString += $DistinguishedName
$Searcher = New-Object System.DirectoryServices.DirectorySearcher([ADSI]$SearchString)
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$Searcher.SearchRoot = $objDomain
$Searcher.filter="samAccountType=805306368"
$Result = $Searcher.FindAll()
Foreach($obj in $Result)
{
Foreach($prop in $obj.Properties)
{
$prop
}
Write-Host "------------------------"
}
我需要对此进行修改以执行以下操作,但我不确定如何应用正确的过滤器,我认为需要$Searcher.filter
中的 go :
您可以执行以下操作:
$domainObj = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$PDC = ($domainObj.PdcRoleOwner).Name
$searchString = "LDAP://{0}/DC={1}" -f $PDC,$domainObj.Name.Replace('.', ',DC=')
$Searcher = New-Object System.DirectoryServices.DirectorySearcher([ADSI]$SearchString)
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$Searcher.SearchRoot = $objDomain
# Domain Admins
$Searcher.filter='samAccountName=Domain Admins'
$DAs = $Searcher.FindAll().Properties.Member
# All Computers
$Searcher.filter='objectClass=Computer'
$Computers = $Searcher.FindAll()
# Windows 10
$Computers | Where {
$_.Properties.OperatingSystemVerison -match '^10\D' -and $_.Properties.OperatingSystem -notmatch 'Server'
}
获取所有域管理员(在广告组“管理员”中):
Get-ADGroupMember -Identity Administrators
使用 Windows 10 获取计算机
Get-ADComputer -Filter {operatingsystem -like 'Windows 10*'}
供参考,请参阅:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.