如何使用Powershell查询msSFU30MaxUidNumber属性?
有人知道查询此UNIX属性msSFU30MaxUidNumber的方法吗如何使用Powershell查询msSFU30MaxUidNumber属性?,powershell,active-directory,dns,nis,quest,Powershell,Active Directory,Dns,Nis,Quest,有人知道查询此UNIX属性msSFU30MaxUidNumber的方法吗 是否使用Powershell在Active Directory中?我正在编写一个脚本,根据需要将Unix属性分配给用户。我还提供了Quest AD Powershell模块。您似乎可以在cn=yourYPDomain,cn=ypservers,cn=ypserv30,cn=RpcServices,cn=system,dc=dom,dc=fr属性中找到迄今为止分配的最高值 下面是一个按原样给出的脚本:我现在无法在我的配置中测
是否使用Powershell在Active Directory中?我正在编写一个脚本,根据需要将Unix属性分配给用户。我还提供了Quest AD Powershell模块。您似乎可以在
cn=yourYPDomain,cn=ypservers,cn=ypserv30,cn=RpcServices,cn=system,dc=dom,dc=fr既然您有可用的Quest AD cmdlet,下面是基于JPBlanc的回答的一些快速信息。它假定您正在使用一个已经拥有相关AD属性特权的帐户运行脚本:
# The -IncludedProperties parameter is needed because msSFU30MaxUidNumber is not part of Get-QADObject's default attribute set
$ypDomain = Get-QADObject -Identity "cn=myYPDomain,cn=ypservers,cn=ypserv30,cn=RpcServices,cn=system,dc=dom,dc=fr" -IncludedProperties msSFU30MaxUidNumber
$maxUidNumber = $ypDomain.msSFU30MaxUidNumber
$newMaxUidNumber = $maxUidNumber + 1
# Sets the msSFU30UidNumber attribute for User1
Get-QADUser -samAccountName User1 | Set-QADUser -objectAttributes @{msSFU30UidNumber = $newMaxUidNumber}
# Increments the msSFU30MaxUidNumber for the YP domain.
$ypDomain | Set-QADObject -objectAttributes @{msSFU30MaxUidNumber = $newMaxUidNumber}
我借用它来设置UNIX属性(NISdomain、GID、loginshell、UIDnumber、UID) 我对其进行了更新,因此它还更新了存储的msSFU30MaxUidNumber。我看过的所有脚本都忘记了这一点。 如果您将来使用ADUC设置UNIX属性(或者即使您针对另一个OU再次运行脚本),则可防止出现UIDNumber重复的问题:
# The -IncludedProperties parameter is needed because msSFU30MaxUidNumber is not part of Get-QADObject's default attribute set
$ypDomain = Get-QADObject -Identity "cn=myYPDomain,cn=ypservers,cn=ypserv30,cn=RpcServices,cn=system,dc=dom,dc=fr" -IncludedProperties msSFU30MaxUidNumber
$maxUidNumber = $ypDomain.msSFU30MaxUidNumber
$newMaxUidNumber = $maxUidNumber + 1
# Sets the msSFU30UidNumber attribute for User1
Get-QADUser -samAccountName User1 | Set-QADUser -objectAttributes @{msSFU30UidNumber = $newMaxUidNumber}
# Increments the msSFU30MaxUidNumber for the YP domain.
$ypDomain | Set-QADObject -objectAttributes @{msSFU30MaxUidNumber = $newMaxUidNumber}
Remove-Variable -Name * -Force -ErrorAction SilentlyContinue
Import-Module ActiveDirectory
$NIS = Get-ADObject "CN=DOMAIN,CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,DC=Domain,DC=com" -Properties:* #Get NIS server information
$maxUid = $NIS.msSFU30MaxUidNumber #Get the last used User ID
$usuarios = Get-ADUser -Filter * -SearchBase "OU=NAME,OU=NAME,OU=NAME,DC=Domain,DC=com" -Properties:* #Get all users
foreach($usr in $usuarios)
{
if ($usr.mssfu30nisdomain -eq $null){
Set-ADUser -Identity "$($usr.SamAccountName)" -Replace @{mssfu30nisdomain="Domain"} #Enable NIS
Set-ADUser -Identity "$($usr.SamAccountName)" -Replace @{gidnumber="10005"} #Set Group ID
Set-ADUser -Identity "$($usr.SamAccountName)" -Replace @{loginShell="/bin/bash"} #Set Login Shell
$maxUid++ #Raise the User ID number
Set-ADUser -Identity "$($usr.SamAccountName)" -Replace @{uidnumber=$maxUid} #Set User ID number
Set-ADUser -Identity "$($usr.SamAccountName)" -Replace @{uid=$usr.SamAccountName} #Set UID
Write-Host -Backgroundcolor Green -Foregroundcolor Black $usr.SamAccountName changed #Write Changed Username to console
}
else{Write-Host -Backgroundcolor Yellow -Foregroundcolor Black $usr.SamAccountName unchanged} #Write Unchanged Username to console with a yellow background
}
$NIS | Set-ADObject -Replace @{msSFU30MaxUidNumber = $maxuid++}
$NIS | Set-ADObject -Replace @{msSFU30MaxUidNumber = $maxuid++}