0

我正在使用下面的脚本来登录远程机器上的用户。它工作正常,但我需要让用户那些状态“活跃”

如何在远程机器上获取那些活跃的登录用户?

function Global:Get-LoggedOnUser {
    #Requires -Version 2.0            
    [CmdletBinding()]            
     Param             
       (                       
        [Parameter(Mandatory=$false,
                   Position=0,                          
                   ValueFromPipeline=$true,            
                   ValueFromPipelineByPropertyName=$true)]            
        [String[]]$ComputerName = $env:COMPUTERNAME
       )#End Param

    Begin            
    {            
     Write-Host "`n Checking Users . . . "
     $i = 0
     $MyParams = @{
         Class       = "Win32_process" 
         Filter      = "Name='Explorer.exe'" 
         ErrorAction = "Stop"
        }
    }#Begin          
    Process            
    {
        $ComputerName | Foreach-object {
        $Computer = $_

        $MyParams["ComputerName"] = $Computer
        try
            {
                $processinfo = @(Get-WmiObject @MyParams)
                if ($Processinfo)
                    {    
                        $Processinfo | ForEach-Object { 
                            New-Object PSObject -Property @{
                                ComputerName=$Computer
                                LoggedOn    =$_.GetOwner().User
                                SID         =$_.GetOwnerSid().sid} } | 
                        Select-Object ComputerName,LoggedOn,SID
                    }#If
            }
        catch
            {
                "Cannot find any processes running on $computer" | Out-Host
            }
         }#Forech-object(ComputerName)       

    }#Process
    End
    {

    }#End

    }#Get-LoggedOnUsers
4

1 回答 1

1

为 Win32_ComputerSystem 类添加查询:

Get-WMIObject -Class Win32_ComputerSystem -Computername $Computer | Select UserName

这将抓住“活动”用户,然后您可以使用“活动”布尔值构建一个对象。

这是我的实现:

function Get-LoggedOnUser
{
    [CmdletBinding()]
    Param
    (
        [Parameter(Mandatory=$true,
                   Position=0,
                   ValueFromPipeline=$true,
                   ValueFromPipelineByPropertyName=$true)]
        [String[]]$ComputerName
    )
    Begin            
    {            
        $users = $null
        $return = @()
    }
    Process
    {
        ForEach($Computer in $ComputerName)
        {
            $activeUser = Get-WMIObject -class Win32_ComputerSystem -ComputerName $Computer -EA stop | select UserName
            Try
            {
                $processinfo = @(Get-WmiObject -class win32_process -ComputerName $Computer -EA "Stop")
                If ($processinfo)
                {    
                    ForEach($process in $processinfo)
                    {
                        [string[]]$users += $process.GetOwner().user| Where{($_ -ne "NETWORK SERVICE") -and ($_ -ne "LOCAL SERVICE") -and ($_ -ne "SYSTEM")}
                    }
                    If($Users)
                    { 
                        ForEach($user in ($Users | Select -unique))
                        {
                            If($ActiveUser.username -like "*$user")
                            {
                                $Return += New-Object PSObject -Property @{
                                            "User" = $user
                                            "Active" = $true
                                            "Computer" = $Computer
                                }
                            }
                            Else
                            {
                                $Return += New-Object PSObject -Property @{
                                            "User" = $user
                                            "Active" = $false
                                            "Computer" = $Computer
                                }
                            }
                        }
                    }
                    Else
                    {
                        "There are no users logged onto $computer" | Out-Host
                    }
                }
            }
            Catch
            {
                "Cannot find any processes running on $computer" | Out-Host
            }
        }
    }
    End
    {
        $Return
    }
}

值得指出的是,仅当用户在本地登录时才会填充 Win32_ComputerSystem 用户名,因此通过远程桌面登录的任何人都不会显示为“活动”。

于 2013-10-24T18:04:50.353 回答