小贝子编程

在PS脚本中按时间登录显示空白字段



我的任务是在我们的环境中删除所有启用MFA/禁用帐户的列表。我找到了一个脚本,并用我需要的额外字段进行了修改,其中之一是最后登录。我基本上需要此内容以通过报告过滤以删除任何类型的服务帐户/外部帐户ECT。导出到CSV时,我刚刚输出的代码

我已经尝试了我能找到(时间,日期,ect(

的所有lastlogon变体 
$Report = @()
$i = 0
$Accounts = (Get-MsolUser -All | ? {$_.StrongAuthenticationMethods -ne $Null} | Sort DisplayName)
ForEach ($Account in $Accounts) {
   Write-Host "Processing" $Account.DisplayName
   $i++
   $Methods = $Account | Select -ExpandProperty StrongAuthenticationMethods
   $MFA = $Account | Select -ExpandProperty StrongAuthenticationUserDetails
   $State = $Account | Select -ExpandProperty StrongAuthenticationRequirements
   $Methods | ForEach { If ($_.IsDefault -eq $True) {$Method = $_.MethodType}}
   If ($State.State -ne $Null) {$MFAStatus = $State.State}
      Else {$MFAStatus = "Disabled"}
   $ReportLine = [PSCustomObject][Ordered]@{
       User      = $Account.DisplayName
       UPN       = $Account.UserPrincipalName
       Department = $Account.Department
       Office = $Account.Office
       LastLogon = $Account.LastLogon  
       MFAMethod = $Method
       MFAPhone  = $MFA.PhoneNumber
       MFAEmail  = $MFA.Email
       MFAStatus = $MFAStatus  }
   $Report += $ReportLine      }
Write-Host $i "accounts are MFA-enabled"
$Report | Export-CSV -NoTypeInformation c:tempMFAUsers.CSV

在日期导出最后登录的任何帮助都很棒。

我无法测试,但是我认为您需要LastLogon = (Get-MailboxStatistics -Identity $Account.UserPrincipalName).LastLogonTime

作为旁注,在数组中添加对象很慢,并且有一种更简单的方法将发射对象收集到$Report变量中:

$mfaEnabled = 0
$Accounts = (Get-MsolUser -All | ? {$_.StrongAuthenticationMethods -ne $Null} | Sort DisplayName)
$Report = foreach ($Account in $Accounts) {
   Write-Host "Processing" $Account.DisplayName
   $Methods = $Account | Select -ExpandProperty StrongAuthenticationMethods
   $MFA     = $Account | Select -ExpandProperty StrongAuthenticationUserDetails
   $State   = $Account | Select -ExpandProperty StrongAuthenticationRequirements
   $Methods | ForEach-Object { If ($_.IsDefault -eq $True) {$Method = $_.MethodType}}
   If ($State.State) {$MFAStatus = $State.State} else {$MFAStatus = "Disabled"}
   # update the counter for MFA Enabled users
   if ($MFAStatus -eq 'Enabled') { $mfaEnabled++ }
   # just emit the PSObject here, it will be collected in the $Report variable.
   # also, no need to use [ordered] on [PSCustomObject]
   [PSCustomObject]@{
       User       = $Account.DisplayName
       UPN        = $Account.UserPrincipalName
       Department = $Account.Department
       Office     = $Account.Office
       LastLogon  = (Get-MailboxStatistics -Identity $Account.UserPrincipalName).LastLogonTime  
       MFAMethod  = $Method
       MFAPhone   = $MFA.PhoneNumber
       MFAEmail   = $MFA.Email
       MFAStatus  = $MFAStatus
    }
}
Write-Host  "$mfaEnabled accounts are MFA-enabled"
$Report | Export-CSV -NoTypeInformation c:tempMFAUsers.CSV

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium