Powershell 脚本,用于从组的文本文件中获取姓名、职位、部门、经理姓名和经理电子邮件

Powershell script to fetch name, title, department, manager name, and manager email from text file of groups

我正在尝试编写一个脚本,该脚本从包含目标组名称(已过滤为至少有一个活跃用户)的文本文件中读取并获取以下参数:姓名、职务、部门、经理姓名和经理电子邮件。理想情况下,结果仅显示已启用且拥有经理姓名和电子邮件的用户。

通过大量谷歌搜索以及我在编码和 ps 方面的有限知识,这是我目前所掌握的:

[string[]]$arrayFromFile = Get-Content -Path 'C:\sslvpn-active.txt'
foreach($group in $arrayFromFile){
    $searchb = "CN="+"$group"+",OU=SSLVPN,OU=UserGroupsRAS,DC=xi,DC=xxxinc,DC=net"

    foreach($user in $searchb)
        {
            Write-Output $group
            Write-Output "----------------------------"
            Get-ADUser -Filter { Enabled -eq $true } -Properties Title,Department,Manager -SearchScope Subtree | select Name, Title, Department, @{n="ManagerName";e={get-aduser $_.manager | select -ExpandProperty name}}, @{n="ManagerMail";e={get-aduser $_.manager -properties mail | select -ExpandProperty mail}}

        }
 }

文本文件看起来像这样

SSLVPN-APC
SSLVPN-XYZ
SSLVPN-Microsoft
SSLVPN-Google
...

我希望结果看起来像这样

SSLVPN-ABC
----------------------
Name        : Joe Smith
Title       : IT Engineer 2
Department  : IT Support
ManagerName : Billy George
ManagerMail : Billy.George@xxx.com

Name        : Matt Damon
Title       : IT Engineer 3
Department  : IT Support
ManagerName : Billy George
ManagerMail : Billy.George@xxx.com

SSLVPN-XYZ
----------------------
Name        : Jen Loo
Title       : Product Designer 3
Department  : Product Design
ManagerName : Ben Smit
ManagerMail : Ben.Smit@xxx.com
...

非常感谢任何帮助!谢谢

您似乎从未获得过群组成员资格。从您的示例开始尝试以下操作:

    $Properties = @( 'Title', 'Department', 'Manager' )
    
    [string[]]$arrayFromFile = Get-Content -Path 'C:\sslvpn-active.txt'
    foreach($group in $arrayFromFile){
        $searchb = "CN="+"$group"+",OU=SSLVPN,OU=UserGroupsRAS,DC=xi,DC=xxxinc,DC=net"
    
        Get-ADGroupMember $searchb |
        Get-ADUser -Properties $Properties |
        Where-Object{ $_.Enabled } |
        Select-Object Name, Title, Department, 
            @{Name = "ManagerName"; Expression = { (Get-ADUser $_.Manager).Name }}, 
            @{Name = "ManagerMail"; Expression = { (Get-ADUser $_.Manager -Properties mail).Mail }}
    }

注:缺少内循环。但是,我不确定您是否需要循环。此外,您可能不需要连接专有名称。

    $Properties = @( 'Title', 'Department', 'Manager' )

    Get-Content -Path 'C:\sslvpn-active.txt' |
    Get-ADGroupMember |
    Get-ADUser -Properties $Properties |
    Where-Object{ $_.Enabled } |
    Select-Object Name, Title, Department, 
        @{Name = "ManagerName"; Expression = { (Get-ADUser $_.Manager).Name }}, 
        @{Name = "ManagerMail"; Expression = { (Get-ADUser $_.Manager -Properties mail).Mail }

这在某种程度上取决于您的组的命名,如果它们在环境中是独一无二的等等...

你也可以把一些表情停在最上面:

    $Properties = @( 'Title', 'Department', 'Manager' )
    
    $ManagerName = @{Name = "ManagerName"; Expression = { (Get-ADUser $_.Manager).Name }}
    $ManagerMail = @{Name = "ManagerMail"; Expression = { (Get-ADUser $_.Manager -Properties mail).Mail }}
    
    Get-Content -Path 'C:\sslvpn-active.txt' |
    Get-ADGroupMember |
    Get-ADUser -Properties $Properties |
    Where-Object{ $_.Enabled } |
    Select-Object Name, Title, Department, $ManagerName, $ManagerMail

我想添加一个示例来获取您提到的格式:

$ADProps = @( 'Title', 'Department', 'Manager' )
$Props =
$ADProps +
@(
    $ManagerName = @{Name = "ManagerName"; Expression = { (Get-ADUser $_.Manager).Name }}
    $ManagerMail = @{Name = "ManagerMail"; Expression = { (Get-ADUser $_.Manager -Properties mail).Mail }}
)

ForEach($Group in Get-Content -Path 'C:\temp\sslvpn-active.txt' )
{
    $Group = Get-ADGroup $Group

    $Group |
    Get-ADGroupMember |
    Get-ADUser -Properties $ADProps |
    Select-Object $Props |
    ForEach-Object{
        $Group.Name
        '----------------------'
        ($_ | Format-List | Out-String).Trim()
        ""
    }
}

如果我想到更好的方法,请进一步编辑。