对于Powershell中的AD用户，带有foreach的If And语句

这是一个已经工作的脚本，我有。然而，我意识到我需要检查广告用户的两个属性，以确定它们是否需要遍历我的foreach语句。这两个属性都需要满足。如果是，那么就没有理由对广告用户进行处理

广告用户已被禁用

AD用户已驻留在禁用的OU中

---

我认为这需要在If-And声明中完成。但这需要在foreach之前还是在foreach内部完成

首先使用

Get ADUser

检索用户帐户，然后检查

Disabled

属性并将禁用的OU与用户的

distributedName

进行比较：

$names = Import-CSV C:\PowerShell\TerminatedEmployees.csv
$Date = Get-Date
foreach ($name in $names) 
{
    Get-ADPrincipalGroupMembership -Identity "$($name.TextBox37)" | select Name | Out-File "C:\Powershell\ADUserMemberships\$($name.TextBox37)Memberships.txt"
    $ADgroups = Get-ADPrincipalGroupMembership -Identity "$($name.TextBox37)" | where {$_.Name -ne "Domain Users"}
    Remove-ADPrincipalGroupMembership -Identity "$($name.TextBox37)" -MemberOf $ADgroups -Confirm:$false
    Disable-ADAccount -Identity "$($name.TextBox37)"
    Get-ADUser -Identity "$($name.TextBox37)" | Move-ADObject -TargetPath "OU=DisabledAccounts,OU=XXX,DC=XXX,DC=XXXX,DC=XXX"
    Set-ADUser -Identity "$($name.TextBox37)" -Description "Disabled $Date"
}

$names = Import-CSV C:\PowerShell\TerminatedEmployees.csv
$Date = Get-Date
$DisabledOU = "OU=DisabledAccounts,OU=XXX,DC=XXX,DC=XXXX,DC=XXX"
foreach ($name in $names) 
{
    $ADUser = Get-ADUser -Identity "$($name.TextBox37)"
    if(-not($ADUser.Enabled) -and $ADUser.DistinguishedName -like "*,$DisabledOU")
    {
        # no need to proceed, skip to next name in foreach loop
        continue
    }
    $ADGroups = Get-ADPrincipalGroupMembership -Identity "$($name.TextBox37)" 
    $ADGroups |Select-Object Name |Out-File "C:\Powershell\ADUserMemberships\$($name.TextBox37)Memberships.txt"
    # no need to call Get-ADPrincipalGroupMembership again
    $ADgroups = $ADGroups | where {$_.Name -ne "Domain Users"}
    Remove-ADPrincipalGroupMembership -Identity "$($name.TextBox37)" -MemberOf $ADgroups -Confirm:$false
    Disable-ADAccount -Identity "$($name.TextBox37)"
    $ADUser | Move-ADObject -TargetPath $DisabledOU
    Set-ADUser -Identity "$($name.TextBox37)" -Description "Disabled $Date"
}