Active directory Powershell未将用户添加到广告组_Active Directory_Powershell 5.0

Active directory Powershell未将用户添加到广告组

active-directory

Active directory Powershell未将用户添加到广告组,active-directory,powershell-5.0,Active Directory,Powershell 5.0,我在下面的脚本中检查了以下条件：检查何时创建用户并仅筛选不早于30天的帐户在开始与组织合作时检查数据（在说明中）在他们开始与组织合作的同时，将他们添加到适当的组中代码如下： $DateMaxTime = (Get-date).AddDays(0) $DateMaxTimeNew = (Get-date).AddDays(-30) $usersRO = Get-ADUser -Filter * -Properties * -SearchBase "OU=Users,OU=Res

我在下面的脚本中检查了以下条件：

检查何时创建用户并仅筛选不早于30天的帐户

在开始与组织合作时检查数据（在说明中）

在他们开始与组织合作的同时，将他们添加到适当的组中

代码如下：

$DateMaxTime = (Get-date).AddDays(0)
$DateMaxTimeNew = (Get-date).AddDays(-30)

$usersRO = Get-ADUser -Filter * -Properties * -SearchBase "OU=Users,OU=Resources,OU=Romania,OU=Country,DC=I,DC=Love,DC=Donuts"|where {$_.Description -like "*TEMP*" -or $_.Description -like "*PERM*" } |select samaccountname,description,name
$groupsRO = 'EXTERNALACCESS'

###########################

ForEach($groupRO in $groupsRO){
$membersRO = Get-ADGroupMember -Identity $groupRO -Recursive | Select -ExpandProperty samaccountname
Foreach ($userRO in $usersRO){
$AcountNameRO = $userRO.samaccountname
$DatePartRONew = get-aduser -identity $AcountNameRO -Properties * | Select-Object whenCreated
$DatePartSubsRONew = $DatePartRONew.whenCreated
$DataPartROdesc=$userRO.description
$expressionRO = ([regex]'(\d{2}/\d{2}/\d{4})').Match($DataPartROdesc).Groups[0].Value
$DatePartRO= $expressionRO
$FinalDateRO = [datetime]::ParseExact($DatePartRO,'dd/MM/yyyy',$null)
    If ($DatePartSubsRONew -lt $DateMaxTimeNew){
    Write-Host "$AcountNameRO ouf of date scope"}
    else {Write-Host "$AcountNameRO in scope"
        If ((get-date $FinalDateRO.Date) -eq (get-date $DateMaxTime.Date)){
            Write-Host "$AcountNameRO is a today Starter"
            If ($membersRO -notcontains $AcountNameRO ) {
            Write-Host "Adding external group $groupRO for: $AcountNameRO"
            Add-ADGroupMember -Identity "EXTERNALACCESS" -Members $AcountNameRO 
            [array]$FinalResultRO += New-Object psobject -Property @{User=$AcountNameRO}
             } 
            Else {Write-Host "$AcountNameRO  exists in  group $groupRO"}
        }Else {Write-Host "$AcountNameRO is not a Starter"}
        }
    }
}

$listRO = [array]$FinalResultRO |Select User |Out-String
$listRO.gettype()
#

if ([string]::IsNullOrEmpty($listRO){
Write-Host "nothing to send"
}
Else {
Write-Host "Mail sent"
Send-MailMessage -From "Donut@love.com" -To "ITsystemL@love.com" -Subject "Following users have been granted external access rights" -smtpServer "internalrelay.donut.love.com" -body "$($listRO)"
}

我对其他国家也有相同的代码（在一个脚本中还有4个国家），它可以工作（我只是复制粘贴）奇怪的是，当我收到邮件时，用户已被授予组权限，但在罗马尼亚，情况就是这样：

我收到了一封邮件，用户通过脚本选择了组“外部”
当我签入AD时，GRUP不会被分配（我使用复制进行检查，但这不是它）
其他国家也有同样的代码，而且它是有效的

这里有什么问题