从自定义属性中列出的每个 CN 获取电子邮件地址
Get email address from each CN listed in a custom attribute
我们的 LDAP 组“groupManagers”中有一个自定义属性。该属性将有一个逗号分隔的经理 CN 列表。如:
groupManagers : {CN=asmith,OU=STAFF,OU=US,DC=ad,DC=usnet,
CN=bjones,OU=STAFF,OU=US,DC=ad,DC=usnet}
我想遍历与名称模式匹配的 AD 组,并获取每个 groupManager 的名称和电子邮件地址,格式如下:
groupName
Andy Smith asmith@us.net
Bobby Jones bjones@us.net
到目前为止,这就是我所拥有的,我正在获取要显示的组名称和每个用户 samAccounName,但不知道如何代替每个成员获取 groupManagers 属性中每个 CN 的显示名称和电子邮件:
Get-ADGroup -Filter {name -like "*DirectReports"} | foreach {
$currentGroup = $_.Name
Get-ADGroup $currentGroup -Properties Name | Select Name
Get-ADGroupMember -identity $currentGroup -Recursive | Get-ADUser -Property DisplayName | Select Name,ObjectClass,DisplayName
}
将需要另一个 ForEach -- 但我没能弄清楚那部分。感谢帮助!
因为这个自定义属性显然是一个 DistinguishedNames 数组(不仅仅是逗号分隔的名称列表),您可以这样做:
# get a list of group objects, including the 'groupManagers' custom property
$result = Get-ADGroup -Filter "Name -like '*DirectReports'" -Properties groupManagers | ForEach-Object {
$currentGroup = $_.Name
# output an object with the desired properties
foreach ($dn in $_.groupManagers) {
Get-ADUser -Identity $dn -Property DisplayName, EmailAddress |
Select-Object @{Name = 'GroupName'; Expression = {$currentGroup}}, DisplayName, EmailAddress
}
}
# output as table on screen
$result | Format-Table -AutoSize
# output to structured CSV file
$result | Export-Csv -Path '<path\to\GroupManagers.csv>' -UseCulture -NoTypeInformation
# output as in your example
$result | Group-Object GroupName | ForEach-Object {
$_.Name
foreach ($mgr in $_.Group) {
"$($mgr.DisplayName) $($mgr.EmailAddress)"
}
"" # an empty line to separate the groups
}
在屏幕上输出为 Table:
GroupName DisplayName EmailAddress
--------- ----------- ------------
GroupX Andy Smith asmith@us.net
GroupX Bobby Jones bjones@us.net
GroupY John Doe jdoe@us.net
以您想要的格式在屏幕上输出:
GroupX
Andy Smith asmith@us.net
Bobby Jones bjones@us.net
GroupY
John Doe jdoe@us.net
我们的 LDAP 组“groupManagers”中有一个自定义属性。该属性将有一个逗号分隔的经理 CN 列表。如:
groupManagers : {CN=asmith,OU=STAFF,OU=US,DC=ad,DC=usnet, CN=bjones,OU=STAFF,OU=US,DC=ad,DC=usnet}
我想遍历与名称模式匹配的 AD 组,并获取每个 groupManager 的名称和电子邮件地址,格式如下:
groupName Andy Smith asmith@us.net Bobby Jones bjones@us.net
到目前为止,这就是我所拥有的,我正在获取要显示的组名称和每个用户 samAccounName,但不知道如何代替每个成员获取 groupManagers 属性中每个 CN 的显示名称和电子邮件:
Get-ADGroup -Filter {name -like "*DirectReports"} | foreach {
$currentGroup = $_.Name
Get-ADGroup $currentGroup -Properties Name | Select Name
Get-ADGroupMember -identity $currentGroup -Recursive | Get-ADUser -Property DisplayName | Select Name,ObjectClass,DisplayName
}
将需要另一个 ForEach -- 但我没能弄清楚那部分。感谢帮助!
因为这个自定义属性显然是一个 DistinguishedNames 数组(不仅仅是逗号分隔的名称列表),您可以这样做:
# get a list of group objects, including the 'groupManagers' custom property
$result = Get-ADGroup -Filter "Name -like '*DirectReports'" -Properties groupManagers | ForEach-Object {
$currentGroup = $_.Name
# output an object with the desired properties
foreach ($dn in $_.groupManagers) {
Get-ADUser -Identity $dn -Property DisplayName, EmailAddress |
Select-Object @{Name = 'GroupName'; Expression = {$currentGroup}}, DisplayName, EmailAddress
}
}
# output as table on screen
$result | Format-Table -AutoSize
# output to structured CSV file
$result | Export-Csv -Path '<path\to\GroupManagers.csv>' -UseCulture -NoTypeInformation
# output as in your example
$result | Group-Object GroupName | ForEach-Object {
$_.Name
foreach ($mgr in $_.Group) {
"$($mgr.DisplayName) $($mgr.EmailAddress)"
}
"" # an empty line to separate the groups
}
在屏幕上输出为 Table:
GroupName DisplayName EmailAddress --------- ----------- ------------ GroupX Andy Smith asmith@us.net GroupX Bobby Jones bjones@us.net GroupY John Doe jdoe@us.net
以您想要的格式在屏幕上输出:
GroupX Andy Smith asmith@us.net Bobby Jones bjones@us.net GroupY John Doe jdoe@us.net