我正在编写一个脚本来审核服务器的配置文件,确定哪些属于在 AD 中被禁用的用户,然后只从服务器中删除这些用户。我几乎让它工作了,但我认为我用来实际运行删除的代码不太正确。这是我到目前为止的脚本:
# grabbing name of server we want to run the commands on
$cname = read-host "enter computer name:"
#
#using get-wmi to populate a csv file called paths.csv with the localpath
info for any user profiles on the server named in $cname
get-wmiobject -class win32_userprofile -computername $cname | select-object
localpath | where localpath -like "c:\users*" | export-csv paths.csv -
NoTypeInformation
#
#grabbing just the leaf of the local path for each user
$users = Import-Csv paths.csv | ForEach-Object { Split-Path $_.localpath -
leaf } | out-file users.csv
#
#Grabbing the usernames and Asking Active Directory for the status of the
enabled property for each
$AD = @(gc users.csv | % {Get-ADUser $_ | select samaccountname,enabled})
#
#Exporting ONLY the DISABLED users to a new csv file.
$AD | ? { -not($_.enabled) } | export-csv -notypeinformation disabled.csv
#
#Adding a new column to the disabled csv that recreates the folder path
based on the username.
import-csv disabled.csv | Select-Object *,@{Name="localpath";Expression=
{"C:\Users\$($_.samaccountname)"}} | export-csv -notypeinformation
dispaths.csv
#
#using get-wmi to delete any profiles that have a localpath property which
matches one of the local path fields in the dispaths.csv file
$dispaths = import-csv dispaths.csv
Foreach ($localpath in $dispaths)
{get-wmiobject -class win32_userprofile -computername $cname | where
{$_.localpath -eq $localpath} | foreach {$_.Delete()}
}
dispaths.csv 文件以包含正确数据的列结束,但是当 get-wmi 命令最后运行时,它实际上并没有删除任何配置文件。这就像 get-wmi 返回的任何内容都与我设置的目标不匹配。我确信我有一个逻辑或语法错误,但我需要一些指导才能找到它。
我试图让代码查看名为“localpath”的列中的每个字段,并删除它在服务器上找到的在其 localpath 属性中具有匹配字符串的任何配置文件。当我运行脚本时,它只返回一个新行,但没有删除任何配置文件。