AD域批量运维管理脚本

2024-06-14 08:48| 来源: 网络整理| 查看: 265

注意：以下操作都需要以管理员权限运行powersehll命令才行执行成功。

1 批量创建计算机账户

$ouPath = "OU=computer,OU=Citrix,DC=citrixlab,DC=local" 1..100 | ForEach-Object { $computerNumber = $_.ToString("000") #此为占位符 $computerName = "CVAD-$computerNumber" New-ADComputer -Name $computerName -Path $ouPath }

2 批量创建AD域账号

$ouPath = "OU=Citrix,DC=citrixlab,DC=local" $csvPath = "C:\Path\to\input.csv" $users = Import-Csv -Path $csvPath foreach ($user in $users) { $userName = $user.UserName $password = ConvertTo-SecureString -String $user.Password -AsPlainText -Force $userParams = @{ SamAccountName = $userName UserPrincipalName = "[email protected]" Name = $userName GivenName = $user.FirstName Surname = $user.LastName DisplayName = $user.DisplayName Path = $ouPath AccountPassword = $password Enabled = $true } New-ADUser @userParams }

3 批量移动指定OU下计算机账户到另外OU

$sourceOU = "OU=Computers,OU=DepartmentA,DC=example,DC=com" $targetOU = "OU=VDI Computers,OU=DepartmentB,DC=example,DC=com" $filter = { Name -like "VDI*" } $computers = Get-ADComputer -Filter $filter -SearchBase $sourceOU foreach ($computer in $computers) { Move-ADObject -Identity $computer -TargetPath $targetOU }

4 按条件删除指定OU下的计算机账户

$ouPath = "OU=Computers,OU=DepartmentA,DC=example,DC=com" $filter = { Enabled -eq $true -and #选择禁用的 OperatingSystem -like "*Server*" -and #选择是server的系统 (Search-ADAccount -ComputersOnly -AccountDisabled).Count -eq 0 -and #排除已禁用的计算机 Description -eq "To be deleted" } $computers = Get-ADComputer -Filter $filter -SearchBase $ouPath foreach ($computer in $computers) { Remove-ADComputer -Identity $computer -Confirm:$false }

5 按条件删除指定OU下的域账号

$ouPath = "OU=Users,OU=DepartmentA,DC=example,DC=com" $filter = { Enabled -eq $true -and (Search-ADAccount -UsersOnly -AccountDisabled).Count -eq 0 -and Description -eq "To be deleted" } $users = Get-ADUser -Filter $filter -SearchBase $ouPath foreach ($user in $users) { Remove-ADUser -Identity $user -Confirm:$false -Recursive -Force }

【本文地址】

公司简介

联系我们