我需要做的是导出特定的AD用户和他们的一些属性到CSV文件。我需要的是一些默认属性,如Name,SamAccountName,Enabled和一些自定义属性:businesscategory,extensionAttribute9等。
我正在努力与我的if - else语句,因为他们似乎没有比较employeenumber与$null
$name = Read-Host -Prompt "Please enter the name for output file."
$filename = $name+".csv"
$domain = @('DOMAIN1','DOMAIN2','DOMAIN3','DOMAIN4')
$result = foreach ($item in $domain) {
Get-ADUser -server $item -Properties businesscategory, extensionAttribute4,
extensionAttribute9, extensionAttribute13, employeenumber, Enabled -ResultPageSize 100 -Filter *
if (($null -ne $_.employeenumber) -and ($_.employeenumber -notlike '*svc*')) {
Select-Object Name,
SamAccountName,
UserPrincipalName,
@{n="businesscategory"; e={$_.businesscategory -join ", "}},
@{n="extensionAttribute4";e={$_.extensionAttribute4 -join ", "}},
@{n="extensionAttribute9";e={$_.extensionAttribute9 -join ", "}},
@{n="extensionAttribute13";e={$_.extensionAttribute13 -join ", "}},
DistinguishedName, employeenumber, Enabled
} else { (...)
上面是我的代码的一部分,它应该进入第一个if。它会这样做,但它会导出所有帐户,无论employeenumber是否存在。另一个问题是,导出的CSV不包含从自定义属性创建的列,而是显示了一些我没有要求的其他属性。
如果我使用Where-Object而不是if - else,并检查如下值,这曾经工作得很好:
Where-Object {
($_.SamAccountName -notlike '*proprietary*') -and
($_.UserPrincipalName -notlike '*proprietary*') -and
($_.SamAccountName -notlike '*mailbox*') -and (...)
不幸的是,我需要使用if - else来进行更复杂的比较和选择,但不能弄清楚
问题在这一行:
$result = foreach ($item in $domain) {
Get-ADUser -server $item -Properties ... # => not assigned to any variable
然后这一行:
if (($null -ne $_.employeenumber) -and ($_.employeenumber -notlike '*svc*')) {
由于$_不存在,您比较的内容如下:
$null -ne $null -and $null -notlike '*svc*'
始终为$false。值得一提的是,这是一个foreach循环,与ForEach-Object不同,自动变量$_($PSItem)在这里没有任何意义。
下一个问题是当使用Select-Object作为语句的开头时,没有对象被管道连接到它。
Select-Object Name, SamAccountName, UserPrincipalName, ...
在这种情况下,if条件可以通过一些LDAP过滤完全删除:
# employee number is not `$null` AND employee number is not like `*svc*`
-LDAPFilter "(&(employeenumber=*)(!employeenumber=*svc*))"
代码应该是这样的:
$name = Read-Host -Prompt "Please enter the name for output file."
$filename = $name + ".csv" # Consider using `$HOME` here, or an absolute Path
$param = @{
LDAPFilter = "(&(employeenumber=*)(!employeenumber=*svc*))"
ResultPageSize = 100
Properties = @(
'businesscategory'
'extensionAttribute4'
'extensionAttribute9'
'extensionAttribute13'
'employeenumber'
)
}
'DOMAIN1','DOMAIN2','DOMAIN3','DOMAIN4' | ForEach-Object {
$param['Server'] = $_
foreach($user in Get-ADUser @param) {
[pscustomobject]@{
Name = $user.Name
SamAccountName = $user.SamAccountName
UserPrincipalName = $user.UserPrincipalName
BusinessCategory = $user.businesscategory -join ", "
extensionAttribute4 = $user.extensionAttribute4 -join ", "
extensionAttribute9 = $user.extensionAttribute9 -join ", "
extensionAttribute13 = $user.extensionAttribute13 -join ", "
DistinguishedName = $user.DistinguishedName
employeenumber = $user.employeenumber
Enabled = $user.Enabled
Domain = $_ # Adding the Domain of this user here
}
}
} | Export-Csv $filename -NoTypeInformation