PowerShell管理AD

查看计算机上可导入的模块:
Get-Module -ListAvailable

导入模块:
Import-Module ActiveDirectory
Import-Module GroupPolicy
get-help *ad*

查找AD用户
man Get-ADUser
Get-ADComputer

get-aduser -filter * -searchbase "ou=ou2,dc=testj,dc=com"
get-aduser -filter * -searchbase "cn=users,dc=testj,dc=com"|select {$_.name}

filter使用用户属性进行过滤
get-aduser -filter 'office -eq "ly"' -searchbase "ou=ou2,dc=testj,dc=com"

查看用户属性:
Get-ADUser -Identity "User1" -Properties *

$m= get-aduser omadmin -properties *
$m.lastlogondate
$m["lastlogondate"]
(get-adgroup "domain admins" -properties member).member

禁用启用账户,可以是用户或计算机
Disable-ADAccount
Enable-ADAccount

posted on 2013-01-26 20:14  momingliu11  阅读(890)  评论(0编辑  收藏  举报

Powered by: 博客园 Copyright © 2024 momingliu11
Powered by .NET 8.0 on Kubernetes