Powershell Get Domain User的几种方法

一、Get-User单用户查询

$User=Get-ADUser -identity wendy -Properties * 

二、Get-User多用户循环查询

$export=@()
$Users=Get-ADUser -Filter * -SearchScope Subtree -SearchBase "OU=xx,OU=xx,dc=xx,dc=xx,dc=xx" -Properties *
foreach($user in $users)
  {
  #$User=Get-ADUser -identity wendy -Properties * 
  $name=$user.name
  #这里可以添加多类属性
  $info=New-Object Psobject
  $info |Add-Member -MemberType NoteProperty -Name 姓名 -Value $name
  $export+=$info
  }
$CurrentDate = Get-Date
$CurrentDate = $CurrentDate.ToString('yyyy-MM-dd')
$export |Export-Csv D:\ps\userPermissioninfo_$CurrentDate.csv -Encoding UTF8 -NoTypeInformation
View Code

 

三、ou查询

functions代码如下,参考http://www.JSchofield22.wordpress.com的代码

function Get-OUWithObjects
{
 
<#
.SYNOPSIS
Function to get all OUs that contain Users, Groups, or Contacts.
 
.DESCRIPTION
This function requires Quest ActiveRoles AD Management to be installed. The purpose of this
script is to go out and find any and all OrganizationalUnits which contain Users, Groups, or
Contacts. It performs a count on each type of object and prints them to a CSV File. This is
a useful tool for any Admin getting ready to perform an Active Directory migration in order
to better understand the existing environment. This script does not require and special
privelages in order to run as you're only reading from Active Directory.
 
.PARAMETER Domains
This allows you to input as many domains as you'd like to scan against. (ex.
-Domains "domain1","domain2","domain3" )
 
.PARAMETER OutFile
This specifies the directory path and file name for the CSV output. (ex. -Outfile c:\temp.csv)
 
.NOTES
Name: Get-OUWithObjects.ps1
Author: Josh Schofield
DateCreated: 12/28/2012
 
.LINK
 
http://www.JSchofield22.wordpress.com
 
.EXAMPLE
Get-OUWithObjects -Domains "Domain1","Domain2" -OutFile "C:\temp\test.csv"
 
#>
 
param(
 
[Parameter(Mandatory=$true)]
$Domains,
 
[Parameter(Mandatory=$true)]
[string]$OutFile
 
)
 
if ((Get-PSSnapin -Registered| where {$_.name -eq "quest.activeroles.admanagement"}) -eq $null){Write-Error "Quest.ActiveRoles.ADManagement NOT Installed"}
 
else {
 
Get-PSSnapin -Registered| where {$_.name -eq "quest.activeroles.admanagement"} | Add-PSSnapin | Out-Null
 
if ((test-path $OutFile) -eq "True"){del $OutFile}
 
$output = @()
 
foreach ($domain in $domains) {
 
Connect-QADService $domain
 
Get-QADObject -Type "organizationalunit" -IncludedProperties name,type,parentcontainer,dn -SizeLimit 0| %{
 
$ouname = $_.name
$parentcontainer = $_.parentcontainer
 
$adobjects = get-qadobject -SearchRoot $_.dn -SearchScope OneLevel -IncludedProperties type,name -SizeLimit 0 | where {(($_.type -eq "contact") -or ($_.type -eq "user") -or ($_.type -eq "group"))}
$users = $adobjects | where {$_.type -eq "user"}
$groups = $adobjects | where {$_.type -eq "group"}
$contacts = $adobjects | where {$_.type -eq "contact"}
 
$results =  "" | Select Domain, Name, UserCount, GroupCount, ContactCount, ParentContainer
$results.Domain = $domain
$results.Name = $ouname
$results.ParentContainer = $parentcontainer
 
if ($users -ne $null) {
 
$results.UserCount = $users.count
 
} #End of User Check
 
if ($groups -ne $null) {
 
$results.GroupCount = $groups.count
 
} #End of User Check
 
if ($contacts -ne $null) {
 
$results.ContactCount = $contacts.count
 
} #End of User Check
 
$output += $results
 
Clear-Variable $results -ErrorAction SilentlyContinue
Clear-Variable $ouname -ErrorAction SilentlyContinue
Clear-Variable $parentcontainer -ErrorAction SilentlyContinue
 
$adobjects = $null
$users = $null
$groups = $null
$contacts = $null
 
} #End of Get QADObject OU
 
}
 
$output | Export-Csv $OutFile -NoTypeInformation
 
}}
View Code

 

posted @ 2017-06-24 15:12  寻香径  阅读(1400)  评论(0编辑  收藏  举报