创建要禁用的计算机列表

tag-icon tag-icon windows active-directory powershell scripting
创建要禁用的计算机列表

我的任务是自动禁用/删除旧电脑。不幸的是,我发现这项任务提供的数据有很多错误,而且我无法验证它。这里的要求是计算机帐户必须存在,不能重复,不能是服务器操作系统,并且计算机的帐户密码在过去 10 天内不得重置。我可以单独验证所有这些,但当我尝试将验证合并到一个脚本中时,我失败了。具体来说,我无法跳过重复数据步骤。以下是代码:

$file = "D:\Transcripts\ADPCverify\" + (get-date -Format yyyymmdd-hhmmss) + ".txt"
start-transcript -LiteralPath $file 
$date = Get-Date
$computers = Get-Content D:\Content\ADPCverify\unverified.txt | sort-object -unique
$list =   Get-Content D:\Content\ADPCDisable\computers.txt 
$name = 'null'
ForEach($computer in $computers){
    $prevname = $name
    $name = (Get-ADComputer -Identity $computer -Server server).name
    $PCObject = Get-ADComputer -Identity $computer -Server server -Properties *
    $OS = $PCObject.OperatingSystem
                $pwdLastSet = [DateTime]::FromFiletime([Int64]::Parse($PCobject.pwdLastSet))
                $TimeSince = New-TimeSpan $pwdLastSet $date
    if($name -eq $prevname){
        Add-Content D:\Content\ADPCDisable\FailedComputers.txt $computer
        write-host "Machine " + $computer + " does not exist and has been added to the failed computers list."
    }elseif($OS -contains 'Windows Server'){
         Add-Content D:\Content\ADPCDisable\FailedComputers.txt $computer
         write-host "Machine " + $computer + " has a server OS and will be added to the failed computer list."
    }elseif($TimeSince.totaldays -lt 10){
         Add-Content D:\Content\ADPCDisable\FailedComputers.txt $computer
         write-host "Machine " + $computer + "'s password was reset " + $TimeSince.totaldays + "  days ago and has been added to the failed computer list."
    }else{
         Add-Content D:\Content\ADPCDisable\Computers.txt $name
         write-host "Machine " + $name + " has been succesfully added to the computers to disable list."
    }
} 
Stop-Transcript

脚本似乎无法超越第二个 if 语句。如果我需要提供更多信息或我遗漏了一个括号,请告诉我。

答案1

$file = "D:\Transcripts\ADPCverify\" + (get-date -Format yyyymmdd-hhmmss) + ".txt"
start-transcript -LiteralPath $file 
$date = Get-Date
$computers = Get-Content D:\Content\ADPCverify\unverified.txt | sort-object -unique
$list =   Get-Content D:\Content\ADPCDisable\computers.txt 
$name = 'null'
$server = ''
ForEach($computer in $computers){
    Try{
        $PCObject = Get-ADComputer -Identity $computer -Server $server -Properties *
        $name = $PCObject.Name
        $OS = $PCObject.OperatingSystem
        $pwdLastSet = [DateTime]::FromFiletime([Int64]::Parse($PCobject.pwdLastSet)) 
        $TimeSince = New-TimeSpan $pwdLastSet $date
        if($OS.StartsWith('Windows Server')){
            Add-Content D:\Content\ADPCDisable\FailedComputers.txt $computer
            write-host "Machine "  $computer  " has a server OS and will be added to the failed computer list."
        }elseif($TimeSince.TotalDays -lt 10){
            Add-Content D:\Content\ADPCDisable\FailedComputers.txt $computer
            write-host "Machine "  $computer  "'s password was reset " + $TimeSince.TotalDays + "  days ago and has been added to the failed computer list."
        }else{
            Add-Content D:\Content\ADPCDisable\Computers.txt $name
            write-host "Machine "  $name  " has been succesfully added to the computers to disable list."
        }
        }
     Catch{
        Add-Content D:\Content\ADPCDisable\FailedComputers.txt $computer
        write-host "Machine "  $computer  " does not exist and has been added to the failed computers list."
     }

} 
Stop-Transcript

这是最终结果。我使用了 try/catch 选项来抑制错误。我的问题在于 -contains 比较。感谢大家的帮助!

相关内容