![](/img/trans.png)
[英]Running a powershell script against all the computers in Active Directory
[英]Powershell Script to run querieis against Active Directory
我有以下 Powershell 腳本:
$domainObj = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$PDC = ($domainObj.PdcRoleOwner).Name
$SearchString = "LDAP://"
$SearchString += $PDC + "/"
$DistinguishedName = "DC=$($domainObj.Name.Replace('.', ',DC='))"
$SearchString += $DistinguishedName
$Searcher = New-Object System.DirectoryServices.DirectorySearcher([ADSI]$SearchString)
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$Searcher.SearchRoot = $objDomain
$Searcher.filter="samAccountType=805306368"
$Result = $Searcher.FindAll()
Foreach($obj in $Result)
{
Foreach($prop in $obj.Properties)
{
$prop
}
Write-Host "------------------------"
}
我需要對此進行修改以執行以下操作,但我不確定如何應用正確的過濾器,我認為需要$Searcher.filter
中的 go :
您可以執行以下操作:
$domainObj = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$PDC = ($domainObj.PdcRoleOwner).Name
$searchString = "LDAP://{0}/DC={1}" -f $PDC,$domainObj.Name.Replace('.', ',DC=')
$Searcher = New-Object System.DirectoryServices.DirectorySearcher([ADSI]$SearchString)
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$Searcher.SearchRoot = $objDomain
# Domain Admins
$Searcher.filter='samAccountName=Domain Admins'
$DAs = $Searcher.FindAll().Properties.Member
# All Computers
$Searcher.filter='objectClass=Computer'
$Computers = $Searcher.FindAll()
# Windows 10
$Computers | Where {
$_.Properties.OperatingSystemVerison -match '^10\D' -and $_.Properties.OperatingSystem -notmatch 'Server'
}
獲取所有域管理員(在廣告組“管理員”中):
Get-ADGroupMember -Identity Administrators
使用 Windows 10 獲取計算機
Get-ADComputer -Filter {operatingsystem -like 'Windows 10*'}
供參考,請參閱:
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.