这三台计算机可能出现在以下组中:
Group1
Group2
Group3
我正在寻找一种方法来删除从任何文本文件中列出的AD计算机它们可能在同一个OU内的AD组。例如,文本文件包含:
Computer1$
Computer2$
Computer3$
这三台计算机可能出现在以下组中:
Group1
Group2
Group3
我在2016年的StackOverflow上找到了这个标题"PowerShell - Remove-ADGroupMember - Locking my admin account"。
Get-ADGroup -filter 'name -like "Group*"' | Remove-ADGroupMember -Members "Computer3$">
删除"Computer3$!但当我试图更换"电脑"时;如果我的变量在Foreach中,它就会中断。下面是我的代码:
$Comps = Get-Content "C:UsersAdministratorDesktopComplist.txt"
foreach ($comp in $comps) {
Get-ADGroup -filter 'name -like "Group*"' | Remove-ADGroupMember -Members "$Comps"
}
Remove-ADGroupMember : Cannot find an object with identity: 'Computer1$
Computer2$ Computer3$' under: 'DC=Domain,DC=local'.
At line:3 char:53
+ ... name -like "Group*"' | Remove-ADGroupMember -Members "$Comps"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (Computer1...mputer3$:ADP
rincipal) [Remove-ADGroupMember], ADIdentityNotFoundException
+ FullyQualifiedErrorId : SetADGroupMember.ValidateMembersParameter,Microsoft.Ac
tiveDirectory.Management.Commands.RemoveADGroupMember
任何帮助都将不胜感激,提前感谢您。
$Comps = Get-Content "C:UsersAdministratorDesktopComplist.txt"
foreach ($comp in $comps) {
Get-ADGroup -filter 'name -like "Group*"' | Remove-ADGroupMember -Members "$comp"
}
你在循环中引用了$comps(对象组)而不是$comp(对象)。
Import-Module -Name ActiveDirectory
$listofcomputers = Get-Content -Path "$env:HOMEDRIVEUsersAdministratorDesktopComplist.txt"
foreach ($computer in $listofcomputers) {
Get-ADGroup -Filter 'name -like "Group*"' | Remove-ADGroupMember -Members ('{0}' -f $computer)
}
更好的变量命名会有帮助。