Powershell更新AD代理地址

我正在尝试AD用户的代理地址。我猜想，这是与-Add @{proxyAddresses="smtp:"+$_.alias+$proxydomain}相关的不正确的工作部分。

我已经检查了AD用户中的代理地址属性。如下所示:

smtp:@domain.onmicrosoft.com

脚本:

$proxydomain = "@domain.onmicrosoft.com"
Get-ADUser -Filter {(emailaddress -like "*@contoso.com" -and Enabled -eq $true -and sAMAccountName -like "TYU*")} -SearchBase "OU=IT,DC=contoso,DC=local" -SearchScope Subtree -Properties *  | foreach-object {
$alias=$_.mail.Split("@")[0]
if ($_.Proxyaddresses -match $_.alias+$proxydomain  )
{
Write-Host "Result: ProxyAddresses value already exists for $($_.displayname); No action taken."
}
else
{
Set-ADUser -Identity $_.SamAccountName -Add @{proxyAddresses="smtp:"+$_.alias+$proxydomain}
Write-Host "Result: Added proxyAddresses value to Account"
}
}

首先将主邮件地址的用户部分分配给变量$alias:

$alias=$_.mail.Split("@")[0]

但你指的是$_.alias在以下行:

if ($_.Proxyaddresses -match $_.alias+$proxydomain  )

这不会起作用，因为$_.alias解析为当前正在处理的ADUser对象上名为alias的属性的值-并且由于没有名为alias的AD用户属性存在，因此$_.alias计算为$null。

将代码改为对变量求值，它就可以工作了:

$proxydomain = "@domain.onmicrosoft.com"
Get-ADUser -Filter { (emailaddress -like "*@contoso.com" -and Enabled -eq $true -and sAMAccountName -like "TYU*") } -SearchBase "OU=IT,DC=contoso,DC=local" -SearchScope Subtree -Properties *  | foreach-object {
# grab user alias
$alias = $_.mail.Split("@")[0]
# construct the new address up front and assign it to a single variable
$newProxyAddress = "$alias$proxydomain"
# -match is a regex operator, escape appropriately
if ($_.ProxyAddresses -match [regex]::Escape($newProxyAddress)) {
Write-Host "Result: ProxyAddresses value already exists for $($_.displayname); No action taken."
}
else {
# Now we only have a single variable that needs to be expanded in the string
Set-ADUser -Identity $_.SamAccountName -Add @{proxyAddresses = "smtp:$newProxyAddress"}
Write-Host "Result: Added proxyAddresses value to Account"
}
}

相关内容

最新更新

热门标签：