Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/powershell/12.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Powershell 需要从CSV文件更新AD目标用户的属性,如ObjectSid、msExchMasterAccountSid_Powershell_Csv_Active Directory - Fatal编程技术网
Fatal编程技术网
  • powershell/
  • Powershell 需要从CSV文件更新AD目标用户的属性,如ObjectSid、msExchMasterAccountSid

Powershell 需要从CSV文件更新AD目标用户的属性,如ObjectSid、msExchMasterAccountSid

powershell csv active-directory

Powershell 需要从CSV文件更新AD目标用户的属性,如ObjectSid、msExchMasterAccountSid,powershell,csv,active-directory,Powershell,Csv,Active Directory,我目前正在测试以下场景,并希望能够自动定义和验证参数 我将以下cmdlet放在一起,让脚本逐行调用,但我最终喜欢的是查看CSV文件中的用户列表。在此文件中,我想使用两列UserPrincipalName标题,例如: SourceUser | TargetUser 想法是运行脚本并替换以下内容: #create variables $sourceUser = "TestUser1@old.domain.com" $targetUser = "TestUser1@new.domain.com" $s

我目前正在测试以下场景,并希望能够自动定义和验证参数

我将以下cmdlet放在一起,让脚本逐行调用,但我最终喜欢的是查看CSV文件中的用户列表。在此文件中,我想使用两列UserPrincipalName标题,例如:

SourceUser | TargetUser

想法是运行脚本并替换以下内容:

#create variables
$sourceUser = "TestUser1@old.domain.com"
$targetUser = "TestUser1@new.domain.com"
$sourceusername,$sourcedomain = $sourceUser -split ("@")
$targetusername,$targetdomain = $targetUser -split ("@")
$SourceAccount = Get-ADUser $sourceusername -server $sourcedomain -Properties objectSid
$TargetAccount = Get-ADUser $targetusername -Server $targetdomain 

#get the objectSid of the source account
$objectSid = $SourceAccount.objectSid

#copy source account objectSid to target account msExchMasterAccountSid
$TargetAccount | Set-ADUser -Replace @{"msExchMasterAccountSid"=$objectSid}

#enable target account
$TargetAccount | Enable-ADAccount

#disable the source account
$SourceAccount | Disable-ADAccount

#move the migrated user into prod OU
$TargetAccount | Move-ADObject -TargetPath "OU=Test,OU=Users,DC=new,DC=domain,DC=com"
我已经找到了一些参数,我认为这些参数有助于实现两个目标,例如目标域和目标OU:

  [CmdletBinding()]
  Param(
  #target domain
  [parameter(Mandatory,Position=1)]
  [ValidateScript({Get-ADDomain -Identity $_})]
  [String]$Domain,

  #target OU
  [parameter(Position=2)]
  [ValidateScript({Get-ADOrganizationalUnit -Identity $_})]
  [String]$TargetOu
  )
请问有没有人能帮我把这些脚本拼凑起来 好的,假设您的CSV文件包含如下内容

SourceUser, TargetUser
TestUser1@old.domain.com,Testuser1@new.domain.com
显然,实际上您的csv文件将由多个源和目标对组成

现在从您提供的代码开始,将其放在foreach循环下的括号中,并通过管道一次一条记录地提供csv数据。像这样的

Import-csv MyCsvFile.csv |
foreach {

#create variables
$sourceUser = $_.SourceUser
$targetUser = $_.TargetUser
$sourceusername,$sourcedomain = $sourceUser -split ("@")
$targetusername,$targetdomain = $targetUser -split ("@")
$SourceAccount = Get-ADUser $sourceusername -server $sourcedomain -Properties objectSid
$TargetAccount = Get-ADUser $targetusername -Server $targetdomain 

#get the objectSid of the source account
$objectSid = $SourceAccount.objectSid

#copy source account objectSid to target account msExchMasterAccountSid
$TargetAccount | Set-ADUser -Replace @{"msExchMasterAccountSid"=$objectSid}

#enable target account
$TargetAccount | Enable-ADAccount

#disable the source account
$SourceAccount | Disable-ADAccount

#move the migrated user into prod OU
$TargetAccount | Move-ADObject -TargetPath "OU=Test,OU=Users,DC=new,DC=domain,DC=com"

}
我没有为你修改缩进,但你明白了。

一段时间后我编写的脚本草稿:

Clear-Host
#parameters
Import-Module ActiveDirectory
#Start region >>> fake reading in a csv file
$SourceDestinationUsers = @'
SourceUser, DestinationUser
test@source.com, test@destination.com
'@ | ConvertFrom-Csv
#endregion >>> fake reading in a CSV file

function Invoke-UserMove
{
    [CmdletBinding()]
    param()

    ForEach ($User in $SourceDestinationUsers)
    {
        Write-Host 'Processing...'
        Write-Host ('    SourceUser {0}' -f $User.SourceUser)
        Write-Host ('    DestinationUser {0}' -f $User.DestinationUser)

        Write-Host '__ Source Account __'
        $GADU_Params_1 = [ordered]@{
            Identity   = $User.SourceUser.split('@')[0]
            Server     = $User.SourceUser.split('@')[1]
            Properties = 'objectSid', 'SamAccountName'
        }
        $GADU_Params_1
        $SourceAccount = Get-ADUser @GADU_Params_1

        Write-Host '__ Target Account __'
        $GADU_Params_2 = [ordered]@{
            Identity = $User.DestinationUser.Split('@')[0]
            Server   = $User.DestinationUser.Split('@')[1]
        }
        $GADU_Params_2
        $TargetAccount = Get-ADUser @GADU_Params_2

        Write-Host 'Making changes...'


        try
        {
            $TargetAccount | Set-AdUser -Replace @{'SamAccountName' = $SourceAccount.SamAccountName }
        }
        catch
        {
            Write-Host "Accounts have been processed succesfully..."
        }
        try
        {
            $TargetAccount | Enable-ADAccount
        }
        catch
        {
            Write-Host "Accounts have been processed succesfully..."
        }
        try
        {
            $SourceAccount | Disable-ADAccount
        }
        catch
        {
            Write-Host "Accounts have been processed succesfully..."
        }
        try
        {
            $TargetAccount | Move-ADObject -TargetPath "OU=Test,OU=Users,DC=new,DC=domain,DC=com"
        }
        catch
        {
            Write-Host "Accounts have been processed succesfully..."
        }

    }

    Write-Host "Completed"
}
Invoke-UserMove
这对我来说很有效,我确实实现了我所需要的。

如果你告诉我们你在哪里遇到了困难,我们可以帮助你。当然,但我也在寻找一些想法。诚然,我会在继续剧本的同时发布我的问题。嗨,沃尔特,谢谢你的回答。我会在这方面做些事情,一旦准备好,我会发布一个新版本的脚本。