我有一个包含用户数据的 .csv 文件和一个使用 if/else 的脚本,该脚本使用 Get-ADUser 来确定帐户是否已存在。如果用户确实存在,脚本将更新用户。如果用户不存在,我得到的只是一条错误消息,提示“无法找到具有标识的对象:'bob.roberts'。它似乎跳过了脚本的 else 部分。这是我正在使用的脚本的净化版本:
$Users = Import-Csv -Path "\\path\to\user.csv"
foreach ($User in $Users)
{
$Displayname = $User.Lastname + ", " + $User.Firstname
$UPN = $User.SAM + "@" + $User.Domain
if (Get-ADUser $User.SAM)
{
Set-ADUser -Identity $User.SAM -Enabled: $true -Description $User.Description -Title $User.Title -Company $User.Company -Office $User.Office -Department $User.Department -Email $User.Email -StreetAddress $User.Street -City $User.City -State $User.Province -PostalCode $User.PostalCode -Country CA -OfficePhone $User.Telephone -Fax $User.Fax
Move-ADObject -TargetPath $($User.OU)
}
else
{
New-ADUser -Name $Displayname -Enabled: $true -Path $User.OU -DisplayName $Displayname -SamAccountName $User.SAM -UserPrincipalName $UPN -GivenName $User.Firstname -Surname $User.Lastname -Description $User.Description -Title $User.Title -Company $User.Company -Department $User.Department -Email $User.Email -StreetAddress $User.Street -City $User.City -State $User.Province -PostalCode $User.PostalCode -OfficePhone $User.Telephone -Fax $User.Fax -AccountPassword (ConvertTo-SecureString $User.Password -AsPlainText -Force) -ChangePasswordAtLogon $false -PasswordNeverExpires $true -OtherAttributes @{'PhysicalDeliveryOfficeName'=$User.Office;'Pager'=$User.Pager;c="CA";co="Canada";countrycode=124}
}
Start-Sleep -s 2
if ($User.ADGroup -ne "null")
{
Add-ADGroupMember -Identity $User.ADGroup -Members $user.SAM
}
}
我知道我遗漏了一些东西(可能是一些显而易见的东西),但是什么呢?
答案1
你if / else应该使用try / catch
当您运行导致错误的命令时,该命令将执行所谓的抛出异常。使用 try/catch 块,您可以妥善处理该异常,并执行操作来解决可能导致脚本中断的问题。
我喜欢这句话https://www.reddit.com/r/PowerShell/comments/63n6ij/ifelse_versus_trycatchfinally/
如果您将命令包装起来try / catch并添加到代码中,则如果抛出错误,代码将停止并跳转到 catch 块-ErrorAction Stop。否则它将继续执行该块。如果未找到 AD 用户,您也不会通过这种方式收到错误消息。Get-ADUserGet-ADUsertry
$Users = Import-Csv -Path "\\path\to\user.csv"
foreach ($User in $Users)
{
$Displayname = $User.Lastname + ", " + $User.Firstname
$UPN = $User.SAM + "@" + $User.Domain
Try {
Get-ADUser $User.SAM -ErrorAction Stop
Set-ADUser -Identity $User.SAM -Enabled: $true -Description $User.Description -Title $User.Title -Company $User.Company -Office $User.Office -Department $User.Department -Email $User.Email -StreetAddress $User.Street -City $User.City -State $User.Province -PostalCode $User.PostalCode -Country CA -OfficePhone $User.Telephone -Fax $User.Fax
Move-ADObject -TargetPath $($User.OU)
}
Catch {
New-ADUser -Name $Displayname -Enabled: $true -Path $User.OU -DisplayName $Displayname -SamAccountName $User.SAM -UserPrincipalName $UPN -GivenName $User.Firstname -Surname $User.Lastname -Description $User.Description -Title $User.Title -Company $User.Company -Department $User.Department -Email $User.Email -StreetAddress $User.Street -City $User.City -State $User.Province -PostalCode $User.PostalCode -OfficePhone $User.Telephone -Fax $User.Fax -AccountPassword (ConvertTo-SecureString $User.Password -AsPlainText -Force) -ChangePasswordAtLogon $false -PasswordNeverExpires $true -OtherAttributes @{'PhysicalDeliveryOfficeName'=$User.Office;'Pager'=$User.Pager;c="CA";co="Canada";countrycode=124}
}
Start-Sleep -s 2
if ($User.ADGroup -ne "null")
{
Add-ADGroupMember -Identity $User.ADGroup -Members $user.SAM
}
}
您还可以将结果保存Get-ADUser在变量中,并检查变量是否为空,if / else但我建议try / catch。
$ADUser = Get-ADUser $User.SAM -ErrorAction SilentlyContinue
if ($ADUser)
{
Set-ADUser -Identity $User.SAM -Enabled: $true -Description $User.Description -Title $User.Title -Company $User.Company -Office $User.Office -Department $User.Department -Email $User.Email -StreetAddress $User.Street -City $User.City -State $User.Province -PostalCode $User.PostalCode -Country CA -OfficePhone $User.Telephone -Fax $User.Fax
Move-ADObject -TargetPath $($User.OU)
}
else
{
New-ADUser -Name $Displayname -Enabled: $true -Path $User.OU -DisplayName $Displayname -SamAccountName $User.SAM -UserPrincipalName $UPN -GivenName $User.Firstname -Surname $User.Lastname -Description $User.Description -Title $User.Title -Company $User.Company -Department $User.Department -Email $User.Email -StreetAddress $User.Street -City $User.City -State $User.Province -PostalCode $User.PostalCode -OfficePhone $User.Telephone -Fax $User.Fax -AccountPassword (ConvertTo-SecureString $User.Password -AsPlainText -Force) -ChangePasswordAtLogon $false -PasswordNeverExpires $true -OtherAttributes @{'PhysicalDeliveryOfficeName'=$User.Office;'Pager'=$User.Pager;c="CA";co="Canada";countrycode=124}
}