gpt4 book ai didi

powershell - Splatting 和格式化运算符在其他地方工作

转载 作者:行者123 更新时间:2023-12-04 00:12:24 27 4
gpt4 key购买 nike

我被要求调整我前一段时间正在处理的脚本。我得到了帮助here .在脚本中,我使用了 splatting 和格式运算符。它在脚本上进一步工作,但失败了。我打开了一个小得多的样本来显示失败。如果您需要查看完整脚本,我可以提供。看了一段时间代码,我一定是遗漏了一些简单的东西。

# Creating the Event Log and Source if it doesn't already exist.
# You should only have to create the log/source once and it needs to be done with an elevated prompt.
$EventLogFile = Get-EventLog -list | Where-Object {$_.LogDisplayName -eq "AD User Creation Script"}
If (-Not $EventLogFile) {
New-EventLog -LogName "AD User Creation Script" -Source "User Creation"
New-EventLog -LogName "AD User Creation Script" -Source "Enable Existing User"
New-EventLog -LogName "AD User Creation Script" -Source "Flush Groups"
New-EventLog -LogName "AD User Creation Script" -Source "Change OU"
New-EventLog -LogName "AD User Creation Script" -Source "Populate Groups"
}

# Nested hash table for school codes.
$SchoolCodes = @{
"20" = @{
Name = "Exeter Township Senior High"
ADGroup1 = "Students"
ADGroup2 = "Secondary Students"
}
"30" = @{
Name = "Exeter Township Junior High"
ADGroup1 = "Students"
ADGroup2 = "Secondary Students"
}
"40" = @{
Name = "Lorane Elementary School"
ADGroup1 = "Students"
ADGroup2 = "K4 Students"
}
"50" = @{
Name = "Jacksonwald ES"
ADGroup1 = "Students"
ADGroup2 = "K4 Students"
}
"70" = @{
Name = "Reiffton School"
ADGroup1 = "Students"
ADGroup2 = "Secondary Students"
}
"90" = @{
Name = "Owatin Creek Elementary School"
ADGroup1 = "Students"
ADGroup2 = "K4 Students"
}
} # End hash table


# CSV file being imported.
$CsvFile = "$env:USERPROFILE\Downloads\SampleData.csv"

# Import the contents of the CSV file.
$Users = Import-Csv -Path "$CsvFile"

# Loop through each line of the CSV, creating variables for each field.
ForEach ($User in $Users) {
[String]$LoginName = $User.'Stu Access Login'
If (-Not (Get-ADUser -Filter {SamAccountName -eq $LoginName})) {
$FirstName = $User.'Student First Name'
$LastName = $User.'Student Last Name'
# The following is an example of SPLATTING. A couple of the parameters (AccountPassword and Path) also use the FORMAT OPERATOR.
$ADUserParams = @{
Name = "$FirstName $LastName"
SamAccountName = $LoginName
GivenName = $FirstName
Initials = $User.'I'
Surname = $LastName
DisplayName = "$FirstName $($User.'I') $LastName"
UserPrincipalName = "$LoginName@academic.exeter.k12.pa.us"
EmailAddress = "$LoginName@myexeter.org"
Company = "$LoginName@myexeter.org"
EmployeeID = $User.'Other ID'
AccountPassword = ConvertTo-SecureString -String (
'{0}{1}{2}#{3}' -f @(
$FirstName[0].ToString().ToUpper(),
$User.I[0].ToString().ToLower(),
$LastName[0].ToString().ToLower(),
$User.'Other ID')) -AsPlainText -Force
Enabled = $True
PasswordNeverExpires = $True
CannotChangePassword = $True
Path = 'OU={0},OU=Students,OU={1},OU=accounts,DC=academic,DC=exeter,DC=k12,DC=pa,DC=us' -f @(
$User.'Grad Year',
$SchoolCodes[$User.School].Name)
WhatIf = $False
} # End ADUserParams

Try {
# Create new user.
New-ADUser @ADUserParams -Verbose -ErrorAction Stop
}

Catch {
# If there's an error, write error to event the log.
Write-EventLog -LogName "AD User Creation Script" -Source "User Creation" -EntryType Warning -EventId 1 -Message "Something went wrong with the creation of a new user, [$LoginName] : $_"
}

Try {
# Add user to groups.
Get-ADUser -Identity $LoginName | Add-ADPrincipalGroupMembership -MemberOf $SchoolCodes[$User.School].ADGroup1, $SchoolCodes[$User.School].ADGroup2 -Verbose -ErrorAction Stop
}

Catch {
# If there's an error, write error to event the log.
Write-EventLog -LogName "AD User Creation Script" -Source "Populate Groups" -EntryType Warning -EventId 2 -Message "Something went wrong with adding [$LoginName] to groups : $_"
}

} # End If

# If the account already exists, it will likely be disabled. The following will enable it and add it to the correct groups.
Else {

Try {
# Enable the account if it already exists.
Enable-ADAccount -Identity $LoginName -Confirm:$False -Verbose -ErrorAction Stop
}

Catch {
# If there's an error, write error to event the log.
Write-EventLog -LogName "AD User Creation Script" -Source "Enable Existing User" -EntryType Warning -EventId 3 -Message "Something went wrong with the enabling of the existing user, [$LoginName] : $_"
}

Try {
# Move user to the correct OU.
$MoveADObjectParams = @{
Identity = $LoginName
TargetPath = 'OU={0},OU=Students,OU={1},OU=accounts,DC=academic,DC=exeter,DC=k12,DC=pa,DC=us' -f @(
$User.'Grad Year',
$SchoolCodes[$User.School].Name)
} # End MoveADObjectParams

Move-ADObject @MoveADObjectParams -Verbose -ErrorAction Stop
}

Catch {
# If there's an error, write error to event the log.
Write-EventLog -LogName "AD User Creation Script" -Source "Change OU" -EntryType Warning -EventId 4 -Message "Something went wrong with moving the user, $LoginName, to another OU : $_"
}

Try {
# Remove user from all groups except for Domain Users.
$ExcessGroups = Get-ADPrincipalGroupMembership -Identity $LoginName | Where-Object {$_.Name -ne "Domain Users"}
Remove-ADPrincipalGroupMembership -Identity $LoginName -MemberOf $ExcessGroups -Verbose -Confirm:$False
}

Catch {
# If there's an error, write error to event the log.
Write-EventLog -LogName "AD User Creation Script" -Source "Flush Groups" -EntryType Warning -EventId 5 -Message "Something went wrong with adding [$LoginName] to groups : $_"
}

Try {
# Add user to groups.
Get-ADUser -Identity $LoginName | Add-ADPrincipalGroupMembership -MemberOf $SchoolCodes[$User.School].ADGroup1, $SchoolCodes[$User.School].ADGroup2 -Verbose -ErrorAction Stop
}

Catch {
# If there's an error, write error to event the log.
Write-EventLog -LogName "AD User Creation Script" -Source "Populate Groups" -EntryType Warning -EventId 2 -Message "Something went wrong with adding [$LoginName] to groups : $_"
}

} # End Else

} # End ForEach

我看到的错误如下。看起来它没有看到正确的用户,但对象在 AD 中:

Move-ADObject : Cannot find an object with identity: 'sicklsen000' under:'DC=academic,DC=exeter,DC=k12,DC=pa,DC=us'.At line:1 char:1+ Move-ADObject @MoveADObjectParams -Verbose+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~    + CategoryInfo          : ObjectNotFound: (sicklsen000:ADObject) [Move-ADObject], ADIdentityNotFoundException    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.MoveADObject

What's strange is it's getting the correct info as near as I can tell:

PS C:\Users\User:> $MoveADObjectParamsName       Value----       -----TargetPath OU=2018,OU=Students,OU=Exeter Township Senior High,OU=accounts,DC=academic,DC=exeter,DC=k12,DC=pa,DC=usIdentity   sicklsen000

My test script is using data for 3 users. They all exist. Here's an example:

PS C:\WINDOWS\system32> Get-ADUser sicklsen000 | Select-Object SamAccountName, DistinguishedName

SamAccountName DistinguishedName
-------------- -----------------
sicklsen000 CN=Seneca Sickler,OU=2018,OU=Students,OU=Exeter Township Senior High,OU=accounts,DC=academic,DC=exeter,DC=k12,DC=pa,DC=us

最佳答案

就错误而言,我认为我越来越接近了。正如我之前提到的,-Identity 参数需要 DistinguishedName 属性,我为它提供了 SamAccountName 属性。

下面是我更改的代码。我不再看到错误,这很好。

# Move user to the correct OU.
$LoginNameDN = (Get-ADUser -Identity $LoginName).DistinguishedName
$MoveADObjectParams = @{
Identity = "$LoginNameDN"
TargetPath = 'OU={0},OU=Students,OU={1},OU=accounts,DC=academic,DC=exeter,DC=k12,DC=pa,DC=us' -f @(
$User.'Grad Year',
$SchoolCodes[$User.School].Name)
} # End MoveADObjectParams

Move-ADObject @MoveADObjectParams -Verbose -ErrorAction Stop
}

关于powershell - Splatting 和格式化运算符在其他地方工作,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/50804079/

27 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com