脚本从被排除的OU中拉出用户
不知道是否有人能帮上忙。我有一个脚本,从AD拉的所有用户不是安全组的一部分。此脚本使用$excludeOUs排除具有不需要在此组中的帐户的OU。但是,当我运行它时,它似乎生成了一些帐户,主要是Healthmailbox,但它们所在的OU似乎在报告中显示了它们。是否需要添加某种形式的命令来排除它们。
# create a regex from an array of OUs to exclude by 'OR-ing' them with the pipe character
$excludeOUs = ('OU=Exchange','OU=Support Accounts','OU=Terminated Users and Computers do not use',
'OU=TerminatedEmployeesContractors','OU=TestAccounts','OU=Contractors and Consultants',
'OU=MIS Users and Groups','OU=Service Accounts','OU=Security Groups','OU=Users',
'OU=Testing','OU=Microsoft Exchange System Objects','OU=Microsoft Exchange Security Groups',
'OU=CorpServiceAccounts','OU=Elevated','OU=***','OU=*** Assets','OU=Monitoring Mailboxes','OU=Users','OU=Q_Users','OU=Microsoft Exchange System Objects' | ForEach-Object {[Regex]::Escape($_)}) -join '|'
$ExportPath = 'c:\app\UsersNotinSG.csv'
# get a list of objects not having any of the excluded OUs in their DistinguishedName
# and at the same time output objects with properties 'User' and 'Groups'
$grp=(Get-ADGroup 'SG_********').DistinguishedName
Get-ADUser -Filter { -not (memberof -eq $grp) -and (enabled -eq $true) } -Properties MemberOf |
Where-Object {$_.DistinguishedName -notmatch $excludeOUs} |
Select-Object @{Name = 'User'; Expression = {$_.Name}},
@{name = "OU";expression={$_.DistinguishedName.split(',')[1].split('=')[1]}}|
Export-Csv $ExportPath -NoTypeInformation谢谢
转载请注明出处:http://www.hjsszs.com/article/20230526/2487251.html