查询特定 AD 属性的本地 AD 以检查 Office 365 与否
Query OnPremise AD for Specific AD attributes to check Office 365 or not
我需要确定哪个电子邮件地址收件人当前已在 Office 365 中或仍在本地。
下面的简单 PowerShell 脚本仅用于导出 AD 组特定成员中的用户列表:
Get-ADGroup -Filter {Name -like '*IT*'} | Select-Object @{ n='Group'; e={ $_.Name } }, @{ n='Members'; e={ (Get-ADGroup $_.DistinguishedName -Properties Members | Select-Object Members).Members } } |
Get-ADGroupMember -Recursive |
Get-ADUser -Properties Mail | Select-Object Name, sAMAccountName, Mail |
Export-CSV -path "C:\Group_members.csv" -NoTypeInformation
我只想要另一列显示用户是否已经在 Office 365 或 Still OnPremise 中。
还有专家发帖:
Get-MsolUser -UsageLocation US -All |
Where-Object isLicensed -eq $true |
Select-Object -Property DisplayName, UserPrincipalName, isLicensed,
@{label = 'MailboxLocation'; expression = {
switch ($_.MSExchRecipientTypeDetails) {
1 {'OnPremise'; break}
2147483648 {'Office365'; break}
default {'Unknown'}
}
}
}
但是我不知道如何结合上面的脚本?
我也尝试过以下脚本来查询具有特定属性的 OnPremise AD,但仍然失败没有返回结果?
Get-ADUser-Filter *-Properties *|
Where-Object {($_.msExchRemoteRecipientType-eq4) -and
($_.msExchRecipientDisplayType -eq '-2147483642') -and
($_.msExchRecipientTypeDetails -eq '2147483648') -and
($_.proxyAddresses -contains "*.onmicrosoft.com*")
}
通过名为 targetAddress
的 Get-ADUser 在用户上没有 属性
虽然如果你把它放在你的 select 中,它会在结果中显示为空,因为你可以在 select 中添加你想要的任何 属性 名称,是否存在
这也是语法错误
$_.msExchRecipientDisplayType = '-2147483642')
您也没有正确使用比较运算,而是使用了赋值运算符。意思是 -eq vs '='.
$_.msExchRecipientDisplayType -eq ...
# Find all cmdlets / functions with a target parameter
Get-Command -CommandType Function |
Where-Object { $_.parameters.keys -match 'targetAddress'} |
Format-Table -Autosize
# No results
Get-Command -CommandType Cmdlet |
Where-Object { $_.parameters.keys -match 'targetAddress'} |
Format-Table -Autosize
# No results
Get-Command -CommandType Function |
Where-Object { $_.parameters.keys -match 'Address'} |
Format-Table -Autosize
# No results
Get-Command -CommandType Cmdlet |
Where-Object { $_.parameters.keys -match 'Address'} |
Format-Table -Autosize
< #
CommandType Name ModuleName
----------- ---- ----------
Cmdlet New-ADDCCloneConfigFile ActiveDirectory
Cmdlet New-ADOrganizationalUnit ActiveDirectory
Cmdlet New-ADUser ActiveDirectory
Cmdlet Set-ADOrganizationalUnit ActiveDirectory
Cmdlet Set-ADUser ActiveDirectory
#>
Get-Command -CommandType Function |
Where-Object { $_.parameters.keys -match 'EmailAddress|proxyAddress'} |
Format-Table -Autosize
# No results
Get-Command -CommandType Cmdlet |
Where-Object { $_.parameters.keys -match 'EmailAddress|proxyAddress'} |
Format-Table -Autosize
< #
CommandType Name ModuleName
----------- ---- ----------
Cmdlet New-ADUser ActiveDirectory
Cmdlet Set-ADUser ActiveDirectory
#>
Clear-Host
(Get-ADUser -Filter * -Properties *)[0] |
Get-Member -Force |
Select Name, MemberType |
Format-Table -AutoSize
Name MemberType
---- ----------
...
EmailAddress Property
...
mail Property
mailNickname Property
...
msExchArchiveQuota Property
msExchArchiveWarnQuota Property
msExchCalendarLoggingQuota Property
msExchCoManagedObjectsBL Property
msExchDumpsterQuota Property
msExchDumpsterWarningQuota Property
msExchELCMailboxFlags Property
msExchHomeServerName Property
msExchMailboxGuid Property
msExchMailboxSecurityDescriptor Property
msExchPoliciesIncluded Property
msExchRBACPolicyLink Property
msExchRecipientDisplayType Property
msExchRecipientTypeDetails Property
msExchTextMessagingState Property
msExchUMDtmfMap Property
msExchUserAccountControl Property
msExchUserCulture Property
msExchVersion Property
msExchWhenMailboxCreated Property
...
proxyAddresses Property
...
#>
如其他网站所述,这也是...
($_.proxyAddresses -contains "*.onmicrosoft.com*")
...真的应该是这样...
($_.proxyAddresses -match "onmicrosoft.com")
...或者这个...
($_.proxyAddresses -like "*.onmicrosoft.com*")
OP 更新
After getting back to my test environment, the below works for the use case.
Get-ADUser -Filter * -Properties msExchRemoteRecipientType,proxyAddresses,msExchRecipientDisplayType,msExchRecipientTypeDetails |
Where-Object {($_.msExchRemoteRecipientType -eq 4) -and
($_.proxyAddresses -match "onmicrosoft.com") -and
($_.msExchRecipientDisplayType -eq '-2147483642') -and
($_.msExchRecipientTypeDetails -eq '2147483648')
}
此外,更正,并不是你需要它来满足你的需求,因为 proxyAddresses return 是一样的,当你访问那个远程 O365 邮箱时,你会得到一个 targetAddress 属性 ,它只是不在本地邮箱上,因此,proxyAddresses 可能更适合您使用以保持一致性。
Get-ADUser -Filter * -Properties msExchRemoteRecipientType,proxyAddresses,targetAddress,msExchRecipientDisplayType,msExchRecipientTypeDetails |
Where-Object {($_.msExchRemoteRecipientType -eq 4) -and
($_.proxyAddresses -match "onmicrosoft.com") -and
($_.targetAddress -match 'onmicrosoft.com') -and
($_.msExchRecipientDisplayType -eq '-2147483642') -and
($_.msExchRecipientTypeDetails -eq '2147483648')
}
我需要确定哪个电子邮件地址收件人当前已在 Office 365 中或仍在本地。
下面的简单 PowerShell 脚本仅用于导出 AD 组特定成员中的用户列表:
Get-ADGroup -Filter {Name -like '*IT*'} | Select-Object @{ n='Group'; e={ $_.Name } }, @{ n='Members'; e={ (Get-ADGroup $_.DistinguishedName -Properties Members | Select-Object Members).Members } } |
Get-ADGroupMember -Recursive |
Get-ADUser -Properties Mail | Select-Object Name, sAMAccountName, Mail |
Export-CSV -path "C:\Group_members.csv" -NoTypeInformation
我只想要另一列显示用户是否已经在 Office 365 或 Still OnPremise 中。
还有专家发帖:
Get-MsolUser -UsageLocation US -All |
Where-Object isLicensed -eq $true |
Select-Object -Property DisplayName, UserPrincipalName, isLicensed,
@{label = 'MailboxLocation'; expression = {
switch ($_.MSExchRecipientTypeDetails) {
1 {'OnPremise'; break}
2147483648 {'Office365'; break}
default {'Unknown'}
}
}
}
但是我不知道如何结合上面的脚本?
我也尝试过以下脚本来查询具有特定属性的 OnPremise AD,但仍然失败没有返回结果?
Get-ADUser-Filter *-Properties *|
Where-Object {($_.msExchRemoteRecipientType-eq4) -and
($_.msExchRecipientDisplayType -eq '-2147483642') -and
($_.msExchRecipientTypeDetails -eq '2147483648') -and
($_.proxyAddresses -contains "*.onmicrosoft.com*")
}
通过名为 targetAddress
的 Get-ADUser 在用户上没有 属性虽然如果你把它放在你的 select 中,它会在结果中显示为空,因为你可以在 select 中添加你想要的任何 属性 名称,是否存在
这也是语法错误
$_.msExchRecipientDisplayType = '-2147483642')
您也没有正确使用比较运算,而是使用了赋值运算符。意思是 -eq vs '='.
$_.msExchRecipientDisplayType -eq ...
# Find all cmdlets / functions with a target parameter
Get-Command -CommandType Function |
Where-Object { $_.parameters.keys -match 'targetAddress'} |
Format-Table -Autosize
# No results
Get-Command -CommandType Cmdlet |
Where-Object { $_.parameters.keys -match 'targetAddress'} |
Format-Table -Autosize
# No results
Get-Command -CommandType Function |
Where-Object { $_.parameters.keys -match 'Address'} |
Format-Table -Autosize
# No results
Get-Command -CommandType Cmdlet |
Where-Object { $_.parameters.keys -match 'Address'} |
Format-Table -Autosize
< #
CommandType Name ModuleName
----------- ---- ----------
Cmdlet New-ADDCCloneConfigFile ActiveDirectory
Cmdlet New-ADOrganizationalUnit ActiveDirectory
Cmdlet New-ADUser ActiveDirectory
Cmdlet Set-ADOrganizationalUnit ActiveDirectory
Cmdlet Set-ADUser ActiveDirectory
#>
Get-Command -CommandType Function |
Where-Object { $_.parameters.keys -match 'EmailAddress|proxyAddress'} |
Format-Table -Autosize
# No results
Get-Command -CommandType Cmdlet |
Where-Object { $_.parameters.keys -match 'EmailAddress|proxyAddress'} |
Format-Table -Autosize
< #
CommandType Name ModuleName
----------- ---- ----------
Cmdlet New-ADUser ActiveDirectory
Cmdlet Set-ADUser ActiveDirectory
#>
Clear-Host
(Get-ADUser -Filter * -Properties *)[0] |
Get-Member -Force |
Select Name, MemberType |
Format-Table -AutoSize
Name MemberType
---- ----------
...
EmailAddress Property
...
mail Property
mailNickname Property
...
msExchArchiveQuota Property
msExchArchiveWarnQuota Property
msExchCalendarLoggingQuota Property
msExchCoManagedObjectsBL Property
msExchDumpsterQuota Property
msExchDumpsterWarningQuota Property
msExchELCMailboxFlags Property
msExchHomeServerName Property
msExchMailboxGuid Property
msExchMailboxSecurityDescriptor Property
msExchPoliciesIncluded Property
msExchRBACPolicyLink Property
msExchRecipientDisplayType Property
msExchRecipientTypeDetails Property
msExchTextMessagingState Property
msExchUMDtmfMap Property
msExchUserAccountControl Property
msExchUserCulture Property
msExchVersion Property
msExchWhenMailboxCreated Property
...
proxyAddresses Property
...
#>
如其他网站所述,这也是...
($_.proxyAddresses -contains "*.onmicrosoft.com*")
...真的应该是这样...
($_.proxyAddresses -match "onmicrosoft.com")
...或者这个...
($_.proxyAddresses -like "*.onmicrosoft.com*")
OP 更新
After getting back to my test environment, the below works for the use case.
Get-ADUser -Filter * -Properties msExchRemoteRecipientType,proxyAddresses,msExchRecipientDisplayType,msExchRecipientTypeDetails |
Where-Object {($_.msExchRemoteRecipientType -eq 4) -and
($_.proxyAddresses -match "onmicrosoft.com") -and
($_.msExchRecipientDisplayType -eq '-2147483642') -and
($_.msExchRecipientTypeDetails -eq '2147483648')
}
此外,更正,并不是你需要它来满足你的需求,因为 proxyAddresses return 是一样的,当你访问那个远程 O365 邮箱时,你会得到一个 targetAddress 属性 ,它只是不在本地邮箱上,因此,proxyAddresses 可能更适合您使用以保持一致性。
Get-ADUser -Filter * -Properties msExchRemoteRecipientType,proxyAddresses,targetAddress,msExchRecipientDisplayType,msExchRecipientTypeDetails |
Where-Object {($_.msExchRemoteRecipientType -eq 4) -and
($_.proxyAddresses -match "onmicrosoft.com") -and
($_.targetAddress -match 'onmicrosoft.com') -and
($_.msExchRecipientDisplayType -eq '-2147483642') -and
($_.msExchRecipientTypeDetails -eq '2147483648')
}