查找过去7天内创建的账号。
$today = get-date
$a=$today,$today.AddDays(-1),$today.AddDays(-2),$today.AddDays(-3),$today.AddDays(-4),$today.AddDays(-5),$today.AddDays(-6)
$user_all = get-aduser -searchbase "OU=Users,OU= China,dc=script,dc=com" -filter * -Properties *
for ($i = 0; $i -lt 7 ; $i++)
{
$b = $a[$i].ToShortDateString()
foreach ($user in $user_all)
{
$user_created_date = get-date $user.WhenCreated -Format d
if ($user_created_date -eq $b)
{
write-host $user.SamAccountName
}
}
}
上面的范例中,定义日期数组有点搞笑,好长的一串。来个改进版的:
$c = New-object System.Collections.ArrayList
$today = get-date
for ($i = 0;$i -lt 7;$i++)
{
$a = $today.AddDays(-$i)
$b = get-date $a -Format d
$c += @($b)
}
for ($j = 0; $j -lt $c.length; $j ++ )
{
write-host $c[$j]
}
写个脚本查找过去7天内都建哪些账号,并发邮件通知
import-module activedirectory
set-content d:\ps-text\account_added_on_last_week.txt ""
function Print_Properties($u)
{
$GivenName = $u.GivenName
add-content d:\ps-text\account_added_on_last_week.txt "First name : $GivenName"
$sn = $u.sn
add-content d:\ps-text\account_added_on_last_week.txt "Last name : $sn"
$Displayname = $u.DisplayName
add-content d:\ps-text\account_added_on_last_week.txt "Displayname : $DisplayName"
$office = $u.PhysicalDeliveryOfficeName
add-content d:\ps-text\account_added_on_last_week.txt "Office : $office"
$telephonenumber = $u.TelephoneNumber
add-content d:\ps-text\account_added_on_last_week.txt "Telephonenumber : $telephonenumber"
$logonname = $u.UserPricipalName
add-content d:\ps-text\account_added_on_last_week.txt "User logon name : $logonname"
$samaccountname = $u.SamAccountName
add-content d:\ps-text\account_added_on_last_week.txt "Username : $samaccountname"
$accountexpire = $u.AccountExpirationDate
add-content d:\ps-text\account_added_on_last_week.txt "Account expires : $accountexpire"
$jobtitle = $u.Title
add-content d:\ps-text\account_added_on_last_week.txt "Job title : $jobtitle"
$department = $u.Department
add-content d:\ps-text\account_added_on_last_week.txt "Department : $department"
$company = $u.company
add-content d:\ps-text\account_added_on_last_week.txt "Company : $company"
$manager = $u.Manager
add-content d:\ps-text\account_added_on_last_week.txt "Manager name : $manager"
$street = $u.StreetAddress
add-content d:\ps-text\account_added_on_last_week.txt "Street address : $street"
$city = $u.City
add-content d:\ps-text\account_added_on_last_week.txt "City : $city"
$zipcode = $u.PostalCode
add-content d:\ps-text\account_added_on_last_week.txt "Zip code : $zipcode"
$country = $u.Country
add-content d:\ps-text\account_added_on_last_week.txt "Country : $country"
[string]$memberof = $u.MemberOf
$member = $memberof.Replace(",DC=script,DC=com"," ; ")
add-content d:\ps-text\account_added_on_last_week.txt "memberof : $member"
}
$past = New-object System.Collections.ArrayList
$today = get-date
for ($i = 0;$i -lt 7;$i++)
{
$a = $today.AddDays(-$i)
$b = get-date $a -Format d
$past += @($b)
}
$user_list = New-object System.Collections.ArrayList
$user_all = get-aduser -searchbase "ou=Users,ou=China,dc=script,dc=com" -filter * -Properties *
for ($j = 0; $j -lt 7; $j ++)
{
foreach ($user in $user_all)
{
$user_created_date = get-date $user.WhenCreated -Format d
if ($user_created_date -eq $past[$j])
{
$user_list += @($user.SamAccountName)
}
}
}
for ($k = 0 ; $k -lt $user_list.length; $k ++)
{
$o = $user_list[$k]
$user_full = get-aduser -searchbase "ou=Users,ou=China,dc=script,dc=com" -filter 'SamAccountName -like $o' -Properties *
add-content d:\ps-text\account_added_on_last_week.txt "----------------------------------------------"
add-content d:\ps-text\account_added_on_last_week.txt ""
Print_Properties $user_full
add-content d:\ps-text\account_added_on_last_week.txt ""
add-content d:\ps-text\account_added_on_last_week.txt "----------------------------------------------"
}
$EmailFrom = "[email protected]"
[string]$EmailTo="[email protected],[email protected],[email protected]"
$Subject = "List of AD accounts which were created in past 7 days."
[string]$messagebody = ""
$lines = get-content d:\ps-text\account_added_on_last_week.txt
$line_0 = "Here is the List : "
$messagebody = $messagebody + $line_0 + "`r`n"
foreach ($line in $lines)
{
$messagebody = $messagebody + $line + "`r`n"
}
$SMTPServer = "10.10.0.1"
$SMTPClient = New-Object Net.Mail.SmtpClient($SMTPServer)
#$SMTPClient.EnableSsl = $true
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = { return $true }
$SMTPClient.Credentials = New-Object System.Net.NetworkCredential("script\james", "007");
$SMTPClient.Send($EmailFrom, $EmailTo, $Subject, $messagebody)
好像有点长,再来个更长一点的.
IT是个团队,有时候难免会出现纰漏,比如说AD账号,有人就有可能未按标准来添加账号,比如规定必须把账号的office地址栏填上,但有时候某些人就忘了。为了解决这个问题,用下面脚本:
import-module activedirectory
$user_list = New-object System.Collections.ArrayList
#$telephone_a = New-object System.Collections.ArrayList
#$title_a = New-object System.Collections.ArrayList
#$department_a = New-object System.Collections.ArrayList
#$manager_a = New-object System.collections.ArrayList
$user_all = get-aduser -searchbase "ou=Users,ou=China,dc=script,dc=com" -filter * -Properties *
$offical_office = "Shanghai"
$offical_city = "Shanghai"
$offical_postalcode = "200233"
$offical_country = "CN"
$offical_company = "Script China"
set-content d:\ps-text\telephonenumber.txt ""
set-content d:\ps-text\jobtitle.txt ""
set-content d:\ps-text\department.txt ""
set-content d:\ps-text\manager.txt ""
set-content d:\ps-text\account_changed.txt ""
add-content d:\ps-text\telephonenumber.txt "Account | Description"
add-content d:\ps-text\telephonenumber.txt "--------------------------------------------"
add-content d:\ps-text\jobtitle.txt "Account | Description"
add-content d:\ps-text\jobtitle.txt "--------------------------------------------"
add-content d:\ps-text\department.txt "Account | Description"
add-content d:\ps-text\department.txt "--------------------------------------------"
add-content d:\ps-text\manager.txt "Account | Description"
add-content d:\ps-text\manager.txt "--------------------------------------------"
add-content d:\ps-text\account_changed.txt "Account | Description"
Function Direct_change($u)
{
$samaccountname = $u.SamAccountName
$office = $u.PhysicalDeliveryOfficeName
$street = $u.StreetAddress
$city = $u.City
$zipcode = $u.PostalCode
$country = $u.Country
$displayname = $u.DisplayName
if ([string]::isNullorEmpty($office))
{
set-aduser -Identity $samaccountname -PhysicalDeliveryOfficeName $offical_office
add-content d:\ps-text\account_changed.txt "The office name changed , account : $displayname"
}
if ([string]::isNullorEmpty($city))
{
set-aduser -Identity $samaccountname -City $offical_city
add-content d:\ps-text\account_changed.txt "The city name changed , account : $displayname"
}
if ([string]::isNullorEmpty($zipcode))
{
set-aduser -Identity $samaccountname -PostalCode $offical_postalcode
add-content d:\ps-text\account_changed.txt "The zipcode name changed, account : $displayname"
}
if ([string]::isNullorEmpty($country))
{
set-aduser -Identity $samaccountname -Country $offical_country
add-content d:\ps-text\account_changed.txt "The country name changed ,account : $displayname"
}
if ([string]::isNullorEmpty($company))
{
set-aduser -Identity $samaccountname -Company $offical_company
add-content d:\ps-text\account_changed.txt "The company name changed ,account : $displayname"
}
}
Function Record_need_change($u_r)
{
$telephonenumber = $u_r.TelephoneNumber
$accountexpire = $u_r.AccountExpirationDate
$jobtitle = $u_r.Title
$department = $u_r.Department
$manager = $u_r.Manager
$description = $u_r.Description
$displayname = $u_r.DisplayName
$sn = $u_r.SamAccountName
if ([string]::isNullorEmpty($telephonenumber))
{
#$telephone_a += @($sn)
add-content d:\ps-text\telephonenumber.txt "$displayname $description"
}
if ([string]::isNullorEmpty($jobtitle))
{
#$title_a += @($sn)
add-content d:\ps-text\jobtitle.txt "$displayname $description"
}
if ([string]::isNullorEmpty($department))
{
#$department_a += @($sn)
add-content d:\ps-text\department.txt "$displayname $description"
}
if ([string]::isNullorEmpty($manager))
{
#$manager_a += @($sn)
add-content d:\ps-text\manager.txt "$displayname $description"
}
}
foreach ($user in $user_all)
{
$GivenName = $user.GivenName
$sn = $user.sn
$Displayname = $user.DisplayName
Direct_change $user
Record_need_change $user
}
add-content d:\ps-text\telephonenumber.txt "--------------------------------------------"
add-content d:\ps-text\jobtitle.txt "--------------------------------------------"
add-content d:\ps-text\department.txt "--------------------------------------------"
add-content d:\ps-text\manager.txt "--------------------------------------------"
$EmailFrom = "[email protected]"
[string]$EmailTo="[email protected],[email protected]"
$Subject = "AD account information list, need complete!"
[string]$messagebody = ""
$telephone_s = get-content d:\ps-text\telephonenumber.txt
$telephone_0 = "1. Below is the account list of no telephonenumber, Please add it for them ASAP: "
$messagebody = $messagebody + $telephone_0 + "`r`n"
foreach ($line in $telephone_s)
{
$messagebody = $messagebody + $line + "`r`n"
}
$title_s = get-content d:\ps-text\jobtitle.txt
$title_0 = "2. Below account doesn't have job tilte,Please add it ASAP:"
$messagebody = $messagebody + "`r`n" + $title_0 + "`r`n"
foreach ($title_2 in $title_s)
{
$messagebody = $messagebody + $title_2 + "`r`n"
}
$dept_s = get-content d:\ps-text\department.txt
$dept_0 = "3. Please add Department value for below account in AD :"
$messagebody = $messagebody + "`r`n" + $dept_0 + "`r`n"
foreach ($dept in $dept_s)
{
$messagebody = $messagebody + $dept + "`r`n"
}
$menager_s = get-content d:\ps-text\manager.txt
$menager_0 = "4. Please add Manager name for below account:"
$messagebody = $messagebody + "`r`n" + $menager_0 + "`r`n"
foreach ($menager_1 in $menager_s)
{
$messagebody = $messagebody + $menager_1 + "`r`n"
}
$SMTPServer = "10.0.0.1"
$SMTPClient = New-Object Net.Mail.SmtpClient($SMTPServer)
#$SMTPClient.EnableSsl = $true
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = { return $true }
$SMTPClient.Credentials = New-Object System.Net.NetworkCredential("script\jc", "007");
$SMTPClient.Send($EmailFrom, $EmailTo, $Subject, $messagebody)
为什么会这么长? 主要是为了收到邮件的内容看起来顺眼一点。
先写这么多,后续再写...
本文出自 “想?不想!” 博客,谢绝转载!