如何在 Powershell 上递归创建组织单位？

正如评论中提到的麦克风，您需要遍历树中的每个级别并测试 OU 祖先是否存在，然后从最顶层向下创建不存在的 OU 祖先。

只要New-ADOrganisationalUnit没有 -Recurse 参数，这是我能想到的最优雅的方式：

function New-OrganizationalUnitFromDN
{
    [CmdletBinding(SupportsShouldProcess=$true)]
    param(
        [string]$DN
    )

    # A regex to split the DN, taking escaped commas into account
    $DNRegex = '(?<![\\]),'

    # Array to hold each component
    [String[]]$MissingOUs = @()

    # We'll need to traverse the path, level by level, let's figure out the number of possible levels 
    $Depth = ($DN -split $DNRegex).Count

    # Step through each possible parent OU
    for($i = 1;$i -le $Depth;$i++)
    {
        $NextOU = ($DN -split $DNRegex,$i)[-1]
        if($NextOU.IndexOf("OU=") -ne 0 -or [ADSI]::Exists("LDAP://$NextOU"))
        {
            break
        }
        else
        {
            # OU does not exist, remember this for later
            $MissingOUs += $NextOU
        }
    }

    # Reverse the order of missing OUs, we want to create the top-most needed level first
    [array]::Reverse($MissingOUs)

    # Prepare common parameters to be passed to New-ADOrganizationalUnit
    $PSBoundParameters.Remove('DN')

    # Now create the missing part of the tree, including the desired OU
    foreach($OU in $MissingOUs)
    {
        $newOUName = (($OU -split $DNRegex,2)[0] -split "=")[1]
        $newOUPath = ($OU -split $DNRegex,2)[1]

        New-ADOrganizationalUnit -Name $newOUName -Path $newOUPath @PSBoundParameters
    }
}

使用 WHATIF

# The desired resulting OU DN  
$DN = "OU=Helpdesk,OU=IT Dept,OU=Users,DC=local,DC=contoso"
New-OrganizationalUnitFromDN $DN -WhatIf

没有“如果”

# The desired resulting OU DN  
$DN = "OU=Helpdesk,OU=IT Dept,OU=Users,DC=local,DC=contoso"
New-OrganizationalUnitFromDN $DN

如果路径中不存在非 OU 容器，它将会中断。

的输出$NextOU.IndexOf("OU=")区分大小写，对于所有小写ou= 尝试将返回 -1：$NextOU.IndexOf("OU=",[StringComparison]"CurrentCultureIgnoreCase")

尝试这种方法；它简单得多： https://dimitri.janczak.net/2016/04/20/recursive-ou-creation-with-powershell/