如何獲取PowerShell腳本以刪除其他計算機上的用戶？

Question

我正在本地測試腳本，以刪除VM上的用戶帳戶。 這是腳本：

#This script will do the following actions:
#1.- Get a computer list from a TXT file
#2.- Get a list of users from a TXT to be removed from the local users group
#3.- Do a ping to every computer on the list, if the computer is offline it will skip it and pass to the next one
#4.- If the computer answers the ping it will search into the local users group and if a user matches with a user from the user list it will be removed
#5.- Creates a log with all the transactions

# Log Time Variables
$Date = Get-Date -UFormat %b-%m-%Y
$Hour = (Get-Date).Hour
$Minutes = (Get-Date).Minute
$Log = "C:\Scripts\Remove-LocalAdmins Masive-" + $Date + "-" + $Hour + "-" + $Minutes + ".log"

#Creates a log file for this process
Start-Transcript -Path $Log  -Force 

#List of computers to be check
$ComputerNames = Get-Content "C:\Users\admin\Downloads\User Deletion Scripts\TestLocal.txt"

#Ping the computers on the list
foreach ($ComputerName in $ComputerNames) {

#If theres no ping answer pass to the next one
if ( -not(Test-Connection $ComputerName -Quiet -Count 1 -ErrorAction Continue )) {
Write-Output "Computer $ComputerName not reachable (PING) - Skipping this computer..." }

#If computer does answer the ping
Else { Write-Output "Computer $computerName is online"

#Search into Users
$LocalUsers = "Users"
$Group = [ADSI]("WinNT://$computerName/$localUsers,group")
$Group.Members() |
foreach {
$AdsPath = $_.GetType().InvokeMember('Adspath', 'GetProperty', $null, $_, $null)
$A = $AdsPath.split('/',[StringSplitOptions]::RemoveEmptyEntries)
$Names = $a[-1] 
$Domain = $a[-2]

#Gets the list of users to be removed from a TXT that you specify and checks if theres a match in the local group
foreach ($name in $names) {
Write-Output "Verifying the local users on computer $computerName" 
$localuser = Get-Content "C:\Users\admin\Downloads\User Deletion Scripts\TestUsers.txt"
foreach ($localuser in $localuser) {
if ($name -eq $localuser) {

#If it finds a match it will notify you and then remove the user from the local users group
Write-Output "User $localuser found on computer $computerName ... "
Remove-LocalUser $localuser

Write-Output "Removed" }}}}}

#Passes all the information of the operations made into the log file
}Stop-Transcript

當我對其進行測試時，VM會執行ping操作。 但是我得到這個：

The following exception occurred while retrieving member "Members": "The 
network path was not found.
"
At C:\Users\admin\Downloads\User Deletion Scripts\Remove-LocalAdmins 
Masive.ps1:39 char:1
+ $Group.Members() |
+ ~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], ExtendedTypeSystemExceptio 
   n
    + FullyQualifiedErrorId : CatchFromBaseGetMember

也許我缺少有關防火牆的內容或某些內容，但是我需要一種方法來使該腳本從我的計算機運行到VM。 要刪除用戶，我需要在腳本中進行哪些修改？

根據下面的評論，我的腳本應該看起來像這樣嗎？

    $Computer = Get-Content "C:\Users\admin\Downloads\Delete-Users\Computer(s).txt"

Invoke-Command -ComputerName $ComputerName.Trim() -ScriptBlock {

#enable remoting
Enable-PSRemoting -Force

#Get local users from admin group
$LocalUsers = "Users"
$Group = [ADSI]("WinNT://$computerName/$localUsers,group")
$Group.Members() |
foreach {
$AdsPath = $_.GetType().InvokeMember('Adspath', 'GetProperty', $null, $_, $null)
$A = $AdsPath.split('/',[StringSplitOptions]::RemoveEmptyEntries)
$Names = $a[-1] 
$Domain = $a[-2]

$LocalUser = foreach ($name in $names) {
Write-Output "Verifying the local users on computer $computerName" 
$localuser = Get-Content "C:\Users\admin\Downloads\Delete-Users\User(s).txt"
foreach ($localuser in $localuser) {
if ($name -eq $localuser) {

Foreach($User in $LocalUser){
#Check if the user is the one to delete and delete it using Remove-LocalUser
Write-Output "User $localuser found on computer $computerName ... "
Remove-LocalUser $localuser
Write-Output "Removed" 

                    }
                }
            }
        }
    }
}

Answer 1

確保文本文件不包含任何尾隨空格。

我想指出代碼中的一些錯誤。

• foreach ($localuser in $localuser)不起作用，我相信它是一個錯字，您可以理解。
• Remove-LocalUser $localuser將無法工作，因為$LocalUser是來自VM的用戶，並且Remove-LocalUser是在本地計算機上執行的。

您可以在Invoke-Command內部執行所有操作，如下所示。

$Computer = Get-Content "C:\Users\admin\Downloads\User Deletion Scripts\TestLocal.txt"
Invoke-Command -CompuerName $ComputerName.Trim() -ScriptBlock {
    #Get local users from admin group
    $LocalUser = #Get all the local users
    Foreach($User in $LocalUser){
       #Check if the user is the one to delete and delete it using Remove-LocalUser
   }

}

如果您的VM在Hyper-V中，則可以使用不依賴於任何網絡連接的PowerShell Direct。

在此處查看有關PowerShell Direct的更多信息。

Answer 2

您沒有說要運行什么版本的PowerShell？

v5具有用於本地用戶管理的cmdlet，如果您不在，則MS PS Gallery上會有一個用於本地用戶管理的模型。

您嘗試連接遠程主機，但沒有說明如何進行PSRemting設置。 這意味着，這是您的工作站和主機所在的域，還是工作組。

您正在嘗試在遠程主機上使用局部變量，而未設置變量作用域。

• PSRemoting必須啟用才能正常工作。
• 您必須確定變量范圍以供遠程使用。
• 您將需要使用Invoke-Command在遠程主機上運行此代碼。
• 您必須是每個遠程主機上的管理員。

因此，中間部分應更改為類似的內容...

Else 
{ 
    Write-Output "Computer $computerName is online"

    Invoke-Command -ComputerName $computerName -ScriptBlock {
        # Search into Users
        $LocalUsers = "Users"
        $Group = [ADSI]("WinNT://$Using:computerName/$localUsers,group")

        $Group.Members() |
        foreach 
        {
            $AdsPath = $_.GetType().InvokeMember('Adspath', 'GetProperty', $null, $_, $null)
            $A = $AdsPath.split('/',[StringSplitOptions]::RemoveEmptyEntries)
            $Names = $a[-1] 
            $Domain = $a[-2]


            # Gets the list of users to be removed from a TXT that you specify and 
            # checks if theres a match in the local group

            foreach ($name in $names) 
            {
                Write-Output "Verifying the local users on computer $computerName" 
                $localuser = Get-Content "C:\Users\admin\Downloads\User Deletion Scripts\TestUsers.txt"

                foreach ($localuser in $localuser) 
                {
                    if ($name -eq $localuser) 
                    {

                        # If it finds a match it will notify you and then remove 
                        # the user from the local users group

                        Write-Output "User $localuser found on computer $computerName ... "
                        Remove-LocalUser $localuser

                        Write-Output "Removed" 
                    }
                }
            }
        }
    }