测试用户是否存在于本地始终返回 false

更改此行

localUsers = $objOu.Children | where {$_.SchemaClassName -eq 'user'}  | Select {$_.name[0].ToString()} 

跟

$localUsers = $objOu.Children | where {$_.SchemaClassName -eq 'user'}  | % {$_.name[0].ToString()}

你做错了;)你真的想要这个（这将创建一个字符串数组）：

$ou.Children | where {$_.SchemaClassName -eq 'user'}  | foreach {
      $_.name[0].tostring() }

您的代码正在创建具有名为"$_.name[0]"的属性的自定义对象。ToString（）"

在PowerShell 5.1（在Windows 10中可用）及更高版本中，我们可以使用两个cmdlet来检查本地用户是否存在并创建新的本地用户：Get-LocalUser和New-LocalUser。因此，我们可以以更紧凑的方式重写上述函数：

function Ensure-LocalUser
{
    [CmdletBinding()]
    param(
        [Parameter(Mandatory=$true)]
        [string] $userName,
        [Parameter(Mandatory=$true)]
        [string] $passWord
    )
    process{
        $out = Get-LocalUser -Name $userName -ErrorAction SilentlyContinue
        if($out -eq $null)
        {
            $passEnc = ConvertTo-SecureString -String $passWord -AsPlainText -Force
            New-LocalUser -Name $userName -Password $passEnc -AccountNeverExpires -PasswordNeverExpires
            return $true
        }
        else
        {
            write-host ("User '"+ $userName + "' already exists")
            return $false
        }
    }
}

然后像这样调用函数：

Ensure-LocalUser "john" "p@ssw0rd"

我迟到了，但这里有一个简单的方法来查找本地用户并输出他们的当前状态。

# Find User Account to change
$usercheck = Get-WmiObject Win32_UserAccount -Filter "LocalAccount='true' and Name='Administrator'"
if($usercheck.disabled -eq $false){write-host "Account has been found"}
elseif($usercheck.disabled -eq $true){write-host "Account has been found, but disabled"}
else{write-host "Account has not been found."}