Fatal编程技术网
  • powershell/
  • 如何获取PowerShell脚本以删除其他计算机上的用户?

如何获取PowerShell脚本以删除其他计算机上的用户?

powershell scripting virtual-machine

如何获取PowerShell脚本以删除其他计算机上的用户?,powershell,scripting,virtual-machine,Powershell,Scripting,Virtual Machine,我正在本地测试一个脚本,以删除VM上的用户帐户。以下是脚本: #This script will do the following actions: #1.- Get a computer list from a TXT file #2.- Get a list of users from a TXT to be removed from the local users group #3.- Do a ping to every computer on the list, if the comp

我正在本地测试一个脚本,以删除VM上的用户帐户。以下是脚本:

#This script will do the following actions:
#1.- Get a computer list from a TXT file
#2.- Get a list of users from a TXT to be removed from the local users group
#3.- Do a ping to every computer on the list, if the computer is offline it will skip it and pass to the next one
#4.- If the computer answers the ping it will search into the local users group and if a user matches with a user from the user list it will be removed
#5.- Creates a log with all the transactions

# Log Time Variables
$Date = Get-Date -UFormat %b-%m-%Y
$Hour = (Get-Date).Hour
$Minutes = (Get-Date).Minute
$Log = "C:\Scripts\Remove-LocalAdmins Masive-" + $Date + "-" + $Hour + "-" + $Minutes + ".log"

#Creates a log file for this process
Start-Transcript -Path $Log  -Force 

#List of computers to be check
$ComputerNames = Get-Content "C:\Users\admin\Downloads\User Deletion Scripts\TestLocal.txt"

#Ping the computers on the list
foreach ($ComputerName in $ComputerNames) {

#If theres no ping answer pass to the next one
if ( -not(Test-Connection $ComputerName -Quiet -Count 1 -ErrorAction Continue )) {
Write-Output "Computer $ComputerName not reachable (PING) - Skipping this computer..." }

#If computer does answer the ping
Else { Write-Output "Computer $computerName is online"

#Search into Users
$LocalUsers = "Users"
$Group = [ADSI]("WinNT://$computerName/$localUsers,group")
$Group.Members() |
foreach {
$AdsPath = $_.GetType().InvokeMember('Adspath', 'GetProperty', $null, $_, $null)
$A = $AdsPath.split('/',[StringSplitOptions]::RemoveEmptyEntries)
$Names = $a[-1] 
$Domain = $a[-2]

#Gets the list of users to be removed from a TXT that you specify and checks if theres a match in the local group
foreach ($name in $names) {
Write-Output "Verifying the local users on computer $computerName" 
$localuser = Get-Content "C:\Users\admin\Downloads\User Deletion Scripts\TestUsers.txt"
foreach ($localuser in $localuser) {
if ($name -eq $localuser) {

#If it finds a match it will notify you and then remove the user from the local users group
Write-Output "User $localuser found on computer $computerName ... "
Remove-LocalUser $localuser

Write-Output "Removed" }}}}}

#Passes all the information of the operations made into the log file
}Stop-Transcript
当我测试它时,VM得到ping。但我得到的是:

The following exception occurred while retrieving member "Members": "The 
network path was not found.
"
At C:\Users\admin\Downloads\User Deletion Scripts\Remove-LocalAdmins 
Masive.ps1:39 char:1
+ $Group.Members() |
+ ~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], ExtendedTypeSystemExceptio 
   n
    + FullyQualifiedErrorId : CatchFromBaseGetMember
也许我遗漏了一些关于防火墙的东西,但是我需要一种方法让这个脚本从我的计算机运行到虚拟机。我需要在脚本中修改什么来完成用户删除

根据下面的评论,我的脚本应该是这样的

    $Computer = Get-Content "C:\Users\admin\Downloads\Delete-Users\Computer(s).txt"

Invoke-Command -ComputerName $ComputerName.Trim() -ScriptBlock {

#enable remoting
Enable-PSRemoting -Force

#Get local users from admin group
$LocalUsers = "Users"
$Group = [ADSI]("WinNT://$computerName/$localUsers,group")
$Group.Members() |
foreach {
$AdsPath = $_.GetType().InvokeMember('Adspath', 'GetProperty', $null, $_, $null)
$A = $AdsPath.split('/',[StringSplitOptions]::RemoveEmptyEntries)
$Names = $a[-1] 
$Domain = $a[-2]

$LocalUser = foreach ($name in $names) {
Write-Output "Verifying the local users on computer $computerName" 
$localuser = Get-Content "C:\Users\admin\Downloads\Delete-Users\User(s).txt"
foreach ($localuser in $localuser) {
if ($name -eq $localuser) {

Foreach($User in $LocalUser){
#Check if the user is the one to delete and delete it using Remove-LocalUser
Write-Output "User $localuser found on computer $computerName ... "
Remove-LocalUser $localuser
Write-Output "Removed" 

                    }
                }
            }
        }
    }
}
确保文本文件不包含任何尾随空格

我想指出代码中的一些错误

  • foreach($localuser中的localuser)
    不起作用,我相信这是一个输入错误,您可以理解这一点
  • Remove LocalUser$LocalUser
    不起作用,因为
    $LocalUser
    是来自虚拟机的用户,并且
    Remove LocalUser
    在本地计算机中执行
您可以在
Invoke命令中执行所有操作,如下所示


$Computer = Get-Content "C:\Users\admin\Downloads\User Deletion Scripts\TestLocal.txt"
Invoke-Command -CompuerName $ComputerName.Trim() -ScriptBlock {
    #Get local users from admin group
    $LocalUser = #Get all the local users
    Foreach($User in $LocalUser){
       #Check if the user is the one to delete and delete it using Remove-LocalUser
   }

}


如果您的虚拟机位于hyper-V中,则可以使用不依赖于任何网络连接的PowerShell direct


请参阅有关PowerShell direct的详细信息。
确保文本文件不包含任何尾随空格

我想指出代码中的一些错误


    

  • foreach($localuser中的localuser)
    不起作用,我相信这是一个输入错误,您可以理解这一点
    • 

  • Remove LocalUser$LocalUser
    不起作用,因为
    $LocalUser
    是来自虚拟机的用户,并且
    Remove LocalUser
    在本地计算机中执行
    • 


您可以在
Invoke命令中执行所有操作,如下所示


$Computer = Get-Content "C:\Users\admin\Downloads\User Deletion Scripts\TestLocal.txt"
Invoke-Command -CompuerName $ComputerName.Trim() -ScriptBlock {
    #Get local users from admin group
    $LocalUser = #Get all the local users
    Foreach($User in $LocalUser){
       #Check if the user is the one to delete and delete it using Remove-LocalUser
   }

}


如果您的虚拟机位于hyper-V中,则可以使用不依赖于任何网络连接的PowerShell direct


请参阅有关PowerShell direct的详细信息。
您没有说明正在运行的PowerShell版本吗

v5有用于本地用户管理的cmdlet,如果您不在,则MS PS Gallery上有一个用于本地用户管理的模型

您正试图访问远程主机,但并没有说明如何进行PSRemting设置。也就是说,如果这是您的工作站和主机所在的域,或者它是一个工作组

您试图在远程主机上使用本地变量,但未设置该变量的作用域


    

  • 必须启用PSRemoting才能使其工作
    • 

  • 必须确定要远程使用的变量的范围
    • 

  • 您需要使用Invoke命令在远程服务器上运行此代码
主持人
    • 

  • 您必须是每个远程主机上的管理员
    • 


所以,这个中间部分应该改成这样


Else 
{ 
    Write-Output "Computer $computerName is online"

    Invoke-Command -ComputerName $computerName -ScriptBlock {
        # Search into Users
        $LocalUsers = "Users"
        $Group = [ADSI]("WinNT://$Using:computerName/$localUsers,group")

        $Group.Members() |
        foreach 
        {
            $AdsPath = $_.GetType().InvokeMember('Adspath', 'GetProperty', $null, $_, $null)
            $A = $AdsPath.split('/',[StringSplitOptions]::RemoveEmptyEntries)
            $Names = $a[-1] 
            $Domain = $a[-2]


            # Gets the list of users to be removed from a TXT that you specify and 
            # checks if theres a match in the local group

            foreach ($name in $names) 
            {
                Write-Output "Verifying the local users on computer $computerName" 
                $localuser = Get-Content "C:\Users\admin\Downloads\User Deletion Scripts\TestUsers.txt"

                foreach ($localuser in $localuser) 
                {
                    if ($name -eq $localuser) 
                    {

                        # If it finds a match it will notify you and then remove 
                        # the user from the local users group

                        Write-Output "User $localuser found on computer $computerName ... "
                        Remove-LocalUser $localuser

                        Write-Output "Removed" 
                    }
                }
            }
        }
    }



你没有说你正在运行哪个版本的PowerShell

v5有用于本地用户管理的cmdlet,如果您不在,则MS PS Gallery上有一个用于本地用户管理的模型

您正试图访问远程主机,但并没有说明如何进行PSRemting设置。也就是说,如果这是您的工作站和主机所在的域,或者它是一个工作组

您试图在远程主机上使用本地变量,但未设置该变量的作用域


    

  • 必须启用PSRemoting才能使其工作
    • 

  • 必须确定要远程使用的变量的范围
    • 

  • 您需要使用Invoke命令在远程服务器上运行此代码
主持人
    • 

  • 您必须是每个远程主机上的管理员
    • 


所以,这个中间部分应该改成这样


Else 
{ 
    Write-Output "Computer $computerName is online"

    Invoke-Command -ComputerName $computerName -ScriptBlock {
        # Search into Users
        $LocalUsers = "Users"
        $Group = [ADSI]("WinNT://$Using:computerName/$localUsers,group")

        $Group.Members() |
        foreach 
        {
            $AdsPath = $_.GetType().InvokeMember('Adspath', 'GetProperty', $null, $_, $null)
            $A = $AdsPath.split('/',[StringSplitOptions]::RemoveEmptyEntries)
            $Names = $a[-1] 
            $Domain = $a[-2]


            # Gets the list of users to be removed from a TXT that you specify and 
            # checks if theres a match in the local group

            foreach ($name in $names) 
            {
                Write-Output "Verifying the local users on computer $computerName" 
                $localuser = Get-Content "C:\Users\admin\Downloads\User Deletion Scripts\TestUsers.txt"

                foreach ($localuser in $localuser) 
                {
                    if ($name -eq $localuser) 
                    {

                        # If it finds a match it will notify you and then remove 
                        # the user from the local users group

                        Write-Output "User $localuser found on computer $computerName ... "
                        Remove-LocalUser $localuser

                        Write-Output "Removed" 
                    }
                }
            }
        }
    }



我正在运行Power Shell版本5,但如果可能的话,我希望能够在版本4和版本3上运行它,因为我计划将来在多台服务器上使用它。顺便说一下,我尝试了您的脚本,结果是:'连接到远程服务器失败,错误消息如下:WinRM客户端无法处理请求。默认身份验证可在以下条件下与IP地址一起使用:传输为HTTPS或目标位于TrustedHosts列表中,并提供显式凭据。使用winrm.cmd配置TrustedHosts。请注意,TrustedHosts列表中的计算机可能未通过身份验证。我正在使用PSexec远程执行脚本。那还能用吗?我现在运行的是Power Shell版本5,但如果可能的话,我希望能够在版本4和3上运行它,因为我计划将来在几个服务器上使用它。顺便说一下,我尝试了您的脚本,结果是:'连接到远程服务器失败,错误消息如下:WinRM客户端无法处理该请求。默认身份验证可在以下条件下与IP地址一起使用:传输为HTTPS或目标位于TrustedHosts列表中,并提供显式凭据。使用winrm.cmd配置TrustedHosts。请注意,TrustedHosts列表中的计算机可能未通过身份验证。我正在使用PSexec远程执行脚本。这仍然有效吗?因此本质上这将替换脚本的中间部分?这将替换整个脚本,您必须用适当的代码填充注释区域。如果提供连接,
psexec
适用于任何虚拟机监控程序中的虚拟机如何使用修剪字符串?我对它不太熟悉。我按照你的建议修改了脚本。我现在的问题是上面提到的。它应该是这样的吗?所以本质上这将替换脚本的中间部分?这将替换整个脚本,您必须用适当的代码填充注释区域。如果提供连接,
psexec
适用于任何虚拟机监控程序中的虚拟机如何使用修剪字符串?我对它不太熟悉。我按照你的建议修改了脚本。我现在的问题是上面提到的。应该是这样的吗?