[英]PS to get info from AD: group_name, employeeid, name, samacoountname
[英]How to get group name and EmployeeID from Active Directory?
我在此代碼中嘗試獲取Active Directory中存在的所有用戶詳細信息。
$path = "C:\ServerDetails"
$LogDate = get-date -f yyyyMMddhhmm
$csvfile = $path + "\ALLADUsers_$logDate.csv"
Import-Module ActiveDirectory
$ADServer = 'xx.xx.x.x'
$username = "abc"
$password = "alpha"
$secstr = New-Object -TypeName System.Security.SecureString
$password.ToCharArray() | ForEach-Object {$secstr.AppendChar($_)}
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $secstr
Get-ADUser -server $ADServer -Credential $cred -Properties msDS-UserPasswordExpiryTimeComputed* -Filter * |
Select-Object @{Label = "First Name";Expression = {$_.GivenName}},
@{Label = "Last Name";Expression = {$_.Surname}},
@{Label = "Display Name";Expression = {$_.DisplayName}},
@{Label = "EmployeeID";e={$_.employeeID}},
@{Label = 'GroupName';e={($_.memberof | %{(Get-ADPrincipalGroupMembership $_).sAMAccountName}) -join ";"}},
@{Label = 'Description';e={$_.Description}},
@{Label = 'PasswordExpired';e={if($_.PasswordExpired){$true} else{$false}}},
@{Label = "PasswordExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}},
@{Label = "Logon Name";Expression = {$_.sAMAccountName}},
@{Label = "Phone";Expression = {"Ext - $(-Join $_.TelephoneNumber[-4..-1])"}},
@{Label = "Email";Expression = {$_.Mail}},
@{Label = "Account Status";Expression = {if (($_.Enabled -eq 'TRUE') ) {'Enabled'} Else {'Disabled'}}}, # the 'if statement# replaces $_.Enabled
@{Label = "Last LogOn Date";e={[datetime]::FromFileTime($_.lastLogonTimestamp)}}|
#Export CSV report
Export-Csv -Path $csvfile -NoTypeInformation
除了用戶所在的組名和employeeID號之外,其他所有其他細節都很好。
任何幫助深表感謝。
您所追求的是這個。 它將搜索用戶組,提取名稱並根據需要加入它們。
{($_ | %{(Get-ADPrincipalGroupMembership $_.SamAccountName).Name -join ";"})}
你原來是這個
# $_.memberof is using the full name of groups the user is in
# the groups do not have a .SamAccountName for this type
{($_.memberof | %{(Get-ADPrincipalGroupMembership $_).sAMAccountName}) -join ";"}
至於employeeID,您是否可以確認.EmployeeID
屬性用於您的一個用戶? 當我在EmployeeID字段中輸入內容時,您的代碼似乎對我有用。 確保您沒有像某些公司那樣使用extensionAttribute
。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.