一些powershell实用范例

  1. 查找过去7天内创建的账号。

    $today = get-date
    $a=$today,$today.AddDays(-1),$today.AddDays(-2),$today.AddDays(-3),$today.AddDays(-4),$today.AddDays(-5),$today.AddDays(-6)
    $user_all = get-aduser -searchbase "OU=Users,OU= China,dc=script,dc=com" -filter * -Properties *

    for ($i = 0; $i -lt 7 ; $i++)
    {
    $b = $a[$i].ToShortDateString()
    foreach ($user in $user_all)
    {
    $user_created_date = get-date $user.WhenCreated -Format d
    if ($user_created_date -eq $b)
    {
    write-host $user.SamAccountName
    }
    }
    }

  2. 上面的范例中,定义日期数组有点搞笑,好长的一串。来个改进版的:

    $c = New-object System.Collections.ArrayList
    $today = get-date
    for ($i = 0;$i -lt 7;$i++)
    {
    $a = $today.AddDays(-$i)
    $b = get-date $a -Format d
    $c += @($b)
    }
    for ($j = 0; $j -lt $c.length; $j ++ )
    {
    write-host $c[$j]
    }

  3. 写个脚本查找过去7天内都建哪些账号,并发邮件通知

    import-module activedirectory

    set-content d:\ps-text\account_added_on_last_week.txt ""

    function Print_Properties($u)
    {
    $GivenName = $u.GivenName
    add-content d:\ps-text\account_added_on_last_week.txt "First name                 :    $GivenName"
    $sn = $u.sn
    add-content d:\ps-text\account_added_on_last_week.txt "Last name                  :    $sn"
    $Displayname = $u.DisplayName
    add-content d:\ps-text\account_added_on_last_week.txt "Displayname             :    $DisplayName"
    $office = $u.PhysicalDeliveryOfficeName
    add-content d:\ps-text\account_added_on_last_week.txt "Office                           :    $office"
    $telephonenumber = $u.TelephoneNumber
    add-content d:\ps-text\account_added_on_last_week.txt "Telephonenumber :    $telephonenumber"
    $logonname = $u.UserPricipalName
    add-content d:\ps-text\account_added_on_last_week.txt "User logon name     :    $logonname"
    $samaccountname = $u.SamAccountName
    add-content d:\ps-text\account_added_on_last_week.txt "Username                  :    $samaccountname"
    $accountexpire = $u.AccountExpirationDate
    add-content d:\ps-text\account_added_on_last_week.txt "Account expires       :     $accountexpire"
    $jobtitle = $u.Title
    add-content d:\ps-text\account_added_on_last_week.txt "Job title                        :    $jobtitle"
    $department = $u.Department
    add-content d:\ps-text\account_added_on_last_week.txt "Department               :    $department"
    $company = $u.company
    add-content d:\ps-text\account_added_on_last_week.txt "Company                     :    $company"
    $manager = $u.Manager
    add-content d:\ps-text\account_added_on_last_week.txt "Manager name         :    $manager"
    $street = $u.StreetAddress
    add-content d:\ps-text\account_added_on_last_week.txt "Street address          :    $street"
    $city = $u.City
    add-content d:\ps-text\account_added_on_last_week.txt "City                                :    $city"
    $zipcode = $u.PostalCode
    add-content d:\ps-text\account_added_on_last_week.txt "Zip code                       :    $zipcode"
    $country = $u.Country
    add-content d:\ps-text\account_added_on_last_week.txt "Country                        :    $country"
    [string]$memberof = $u.MemberOf
    $member = $memberof.Replace(",DC=script,DC=com","  ;  ")
    add-content d:\ps-text\account_added_on_last_week.txt "memberof                  :    $member"
    }


    $past = New-object System.Collections.ArrayList
    $today = get-date
    for ($i = 0;$i -lt 7;$i++)
    {
    $a = $today.AddDays(-$i)
    $b = get-date $a -Format d
    $past += @($b)
    }

    $user_list = New-object System.Collections.ArrayList
    $user_all = get-aduser -searchbase "ou=Users,ou=China,dc=script,dc=com" -filter * -Properties *

    for ($j = 0; $j -lt 7; $j ++)
    {
    foreach ($user in $user_all)
    {
    $user_created_date = get-date $user.WhenCreated -Format d
    if ($user_created_date -eq $past[$j])
    {
    $user_list += @($user.SamAccountName)
    }
    }
    }
    for ($k = 0 ; $k -lt $user_list.length; $k ++)
    {
    $o = $user_list[$k]
    $user_full = get-aduser -searchbase "ou=Users,ou=China,dc=script,dc=com" -filter 'SamAccountName -like $o' -Properties *

    add-content d:\ps-text\account_added_on_last_week.txt "----------------------------------------------"
    add-content d:\ps-text\account_added_on_last_week.txt ""
    Print_Properties $user_full
    add-content d:\ps-text\account_added_on_last_week.txt ""
    add-content d:\ps-text\account_added_on_last_week.txt "----------------------------------------------"
    }

    $EmailFrom = "[email protected]"
    [string]$EmailTo="[email protected],[email protected],[email protected]"
    $Subject = "List of AD accounts which were created in past 7 days."
    [string]$messagebody = ""

    $lines = get-content d:\ps-text\account_added_on_last_week.txt
    $line_0 = "Here is the List : "
    $messagebody = $messagebody + $line_0 + "`r`n"
    foreach ($line in $lines)
    {
    $messagebody = $messagebody + $line + "`r`n"
    }

    $SMTPServer = "10.10.0.1"
    $SMTPClient = New-Object Net.Mail.SmtpClient($SMTPServer)
    #$SMTPClient.EnableSsl = $true
    [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { return $true }
    $SMTPClient.Credentials = New-Object System.Net.NetworkCredential("script\james", "007");
    $SMTPClient.Send($EmailFrom, $EmailTo, $Subject, $messagebody)

    好像有点长,再来个更长一点的.

  4. IT是个团队,有时候难免会出现纰漏,比如说AD账号,有人就有可能未按标准来添加账号,比如规定必须把账号的office地址栏填上,但有时候某些人就忘了。为了解决这个问题,用下面脚本:

    import-module activedirectory
    $user_list = New-object System.Collections.ArrayList
    #$telephone_a = New-object System.Collections.ArrayList
    #$title_a = New-object System.Collections.ArrayList
    #$department_a = New-object System.Collections.ArrayList
    #$manager_a = New-object System.collections.ArrayList

    $user_all = get-aduser -searchbase "ou=Users,ou=China,dc=script,dc=com" -filter * -Properties *

    $offical_office = "Shanghai"
    $offical_city = "Shanghai"
    $offical_postalcode = "200233"
    $offical_country = "CN"
    $offical_company = "Script China"
    set-content d:\ps-text\telephonenumber.txt ""
    set-content d:\ps-text\jobtitle.txt ""
    set-content d:\ps-text\department.txt ""
    set-content d:\ps-text\manager.txt ""
    set-content d:\ps-text\account_changed.txt ""
    add-content d:\ps-text\telephonenumber.txt "Account            |            Description"
    add-content d:\ps-text\telephonenumber.txt "--------------------------------------------"
    add-content d:\ps-text\jobtitle.txt "Account            |            Description"
    add-content d:\ps-text\jobtitle.txt "--------------------------------------------"
    add-content d:\ps-text\department.txt "Account            |            Description"
    add-content d:\ps-text\department.txt "--------------------------------------------"
    add-content d:\ps-text\manager.txt "Account            |            Description"
    add-content d:\ps-text\manager.txt "--------------------------------------------"
    add-content d:\ps-text\account_changed.txt "Account            |            Description"

    Function Direct_change($u)
    {
    $samaccountname = $u.SamAccountName
    $office = $u.PhysicalDeliveryOfficeName
    $street = $u.StreetAddress
    $city = $u.City
    $zipcode = $u.PostalCode
    $country = $u.Country
    $displayname = $u.DisplayName
    if ([string]::isNullorEmpty($office))
    {
    set-aduser -Identity $samaccountname -PhysicalDeliveryOfficeName $offical_office
    add-content d:\ps-text\account_changed.txt "The office name changed , account :       $displayname"
    }
    if ([string]::isNullorEmpty($city))
    {
    set-aduser -Identity $samaccountname -City $offical_city
    add-content d:\ps-text\account_changed.txt "The city name changed ,   account :       $displayname"
    }
    if ([string]::isNullorEmpty($zipcode))
    {
    set-aduser -Identity $samaccountname -PostalCode $offical_postalcode
    add-content d:\ps-text\account_changed.txt "The zipcode name changed, account :       $displayname"
    }
    if ([string]::isNullorEmpty($country))
    {
    set-aduser -Identity $samaccountname -Country $offical_country
    add-content d:\ps-text\account_changed.txt "The country name changed ,account :       $displayname"
    }
    if ([string]::isNullorEmpty($company))
    {
    set-aduser -Identity $samaccountname -Company $offical_company
    add-content d:\ps-text\account_changed.txt "The company name changed ,account :       $displayname"
    }
    }


    Function Record_need_change($u_r)
    {
    $telephonenumber = $u_r.TelephoneNumber
    $accountexpire = $u_r.AccountExpirationDate
    $jobtitle = $u_r.Title
    $department = $u_r.Department
    $manager = $u_r.Manager
    $description = $u_r.Description
    $displayname = $u_r.DisplayName
    $sn = $u_r.SamAccountName
    if ([string]::isNullorEmpty($telephonenumber))
    {
    #$telephone_a += @($sn)
    add-content d:\ps-text\telephonenumber.txt "$displayname                        $description"
    }
    if ([string]::isNullorEmpty($jobtitle))
    {
    #$title_a += @($sn)
    add-content d:\ps-text\jobtitle.txt "$displayname                        $description"
    }
    if ([string]::isNullorEmpty($department))
    {
    #$department_a += @($sn)
    add-content d:\ps-text\department.txt "$displayname                        $description"
    }
    if ([string]::isNullorEmpty($manager))
    {
    #$manager_a += @($sn)
    add-content d:\ps-text\manager.txt "$displayname                        $description"
    }
    }

    foreach ($user in $user_all)
    {
    $GivenName = $user.GivenName
    $sn = $user.sn
    $Displayname = $user.DisplayName
    Direct_change $user
    Record_need_change $user
    }

    add-content d:\ps-text\telephonenumber.txt "--------------------------------------------"
    add-content d:\ps-text\jobtitle.txt "--------------------------------------------"
    add-content d:\ps-text\department.txt "--------------------------------------------"
    add-content d:\ps-text\manager.txt "--------------------------------------------"


    $EmailFrom = "[email protected]"
    [string]$EmailTo="[email protected],[email protected]"
    $Subject = "AD account information list, need complete!"
    [string]$messagebody = ""

    $telephone_s = get-content d:\ps-text\telephonenumber.txt
    $telephone_0 = "1. Below is the account list of no telephonenumber, Please add it for them ASAP: "
    $messagebody = $messagebody + $telephone_0 + "`r`n"
    foreach ($line in $telephone_s)
    {
    $messagebody = $messagebody + $line + "`r`n"
    }

    $title_s = get-content d:\ps-text\jobtitle.txt
    $title_0 = "2. Below account doesn't have job tilte,Please add it ASAP:"
    $messagebody = $messagebody +  "`r`n" + $title_0 + "`r`n"
    foreach ($title_2 in $title_s)
    {
    $messagebody = $messagebody + $title_2 + "`r`n"
    }

    $dept_s = get-content d:\ps-text\department.txt
    $dept_0 = "3. Please add Department value for below account in AD :"
    $messagebody = $messagebody + "`r`n" + $dept_0 + "`r`n"
    foreach ($dept in $dept_s)
    {
    $messagebody = $messagebody + $dept + "`r`n"
    }

    $menager_s = get-content d:\ps-text\manager.txt
    $menager_0 = "4. Please add Manager name for below account:"
    $messagebody = $messagebody + "`r`n" + $menager_0 + "`r`n"
    foreach ($menager_1 in $menager_s)
    {
    $messagebody = $messagebody + $menager_1 + "`r`n"
    }

    $SMTPServer = "10.0.0.1"
    $SMTPClient = New-Object Net.Mail.SmtpClient($SMTPServer)
    #$SMTPClient.EnableSsl = $true
    [System.Net.ServicePointManager]::ServerCertificateValidationCallback = { return $true }
    $SMTPClient.Credentials = New-Object System.Net.NetworkCredential("script\jc", "007");
    $SMTPClient.Send($EmailFrom, $EmailTo, $Subject, $messagebody)
    为什么会这么长? 主要是为了收到邮件的内容看起来顺眼一点。

    先写这么多,后续再写...

本文出自 “想?不想!” 博客,谢绝转载!

你可能感兴趣的:(auto,powershell,ad)