AD命令获取计算机、用户相关信息

1. 获取AD用户相关信息（用户名、创建日期、最后修改密码日期、最后登录日期）

Get AD users, Name/Created Date/Last change passwd Date/Last logon Date

Get-ADuser -filter * -Properties * | Select-Object Name,SID, Created,PasswordLastSet,@{n="lastLogonDate";e={[datetime]::FromFileTime($_.lastLogonTimestamp)}} | Export-CSV Accountlist.csv -NoTypeInformation -Encoding UTF8

 

2. 获取AD中计算机相关信息（计算机名、系统、最后登录日期、系统版本）
Get AD Computers,Name/OS/LastlogonDate/OS Version

Get-ADComputer -Filter * -Property * | Select-Object Name,OperatingSystem,LastLogonDate,OperatingSystemServicePack,OperatingSystemVersion | Export-CSV AllWindows.csv -NoTypeInformation -Encoding UTF8

 

3. 迁移域中90天没有登录的计算机到新的OU

Move Computers which not logon for 90 days to a new OU

dsquery computer -stalepwd 90 -limit 0 | Move-Adobject -TargetPath "OU=OldComputors,DC=netbrain,DC=com"

 

 

参考：

https://social.technet.microsoft.com/wiki/contents/articles/5819.ad-powershell-for-active-directory-administrators.aspx