0

在我们删除它们之前,我必须导出帐户的用户数据。问题是,并非所有组成员都写入 .txt 文件(示例如下)。

这是代码:

              Get-ADUser  -Properties * -Filter "cn -eq '$name'" |
              format-list -property @{Label = "Name";Expression = {$_.sAMAccountName}},
              @{Label = "Initials";Expression = {$_.initials}},    
              @{Label = "Email";Expression = {$_.Mail}},
              @{Label = "Groups";Expression = {%{(Get-ADPrincipalGroupMembership $name | select -expandproperty name)}}},
              @{Label = "Creation";Expression = {$_.whenCreated}},
              @{Label = "Deletion";Expression = {%{(Get-Date)}}},
              @{Label = "Last change";Expression = {$_.whenChanged}}  |

              #write data into txt file

             Out-File -append "C:\temp\deleted.txt" -Encoding utf8

这是输出:


Name            : John Doe
Initials        : Jdo
Email           : John.Doe@acme.com
Groups          : {Domain-User, Remotedesktopuser, Administrator, Share-User...}
Creation        : 23.03.2018 13:36:44
Deletion        : 17.12.2018 08:46:30
Last Change     : 16.12.2018 10:42:21
4

1 回答 1

1

这真的不是 Format-List 造成的,选择也会发生同样的事情,尽管像这样使用 Format-* 并不是真正的事情。默认情况下,这将是一个列表,因此,没有真正的理由将其用于您所追求的目标。

你甚至不需要那个扩展。

问题是您不能使用该循环并期望它能够工作,自动格式化程序不会允许它。你必须直接处理集合,像这样......

Get-ADUser  -Properties * -Filter * |
Select-Object -property @{Label = "Name";Expression = {$_.sAMAccountName}},
@{Label = "Initials";Expression = {$_.initials}},    
@{Label = "Email";Expression = {$_.Mail}},
@{Label = "Creation";Expression = {$_.whenCreated}},
@{Label = "Deletion";Expression = {%{(Get-Date)}}},
@{Label = "Last change";Expression = {$_.whenChanged}},
@{Label = "Groups";Expression = {%{(Get-ADPrincipalGroupMembership $_.SamAccountName).Name -join ','}}} |
Out-File -append "C:\temp\deleted.txt" -Encoding utf8 
Get-Content -Path "C:\temp\deleted.txt" 

# Results

Name        : Administrator
Initials    : 
Email       : Administrator@contoso.com
Creation    : 3/31/2017 8:02:15 PM
Deletion    : 12/17/2018 4:07:52 AM
Last change : 12/9/2018 7:23:22 PM
Groups      : Domain Users,Administrators,Schema Admins,Enterprise Admins,Domain Admins,Group Policy Creator Owners,Organization Management,Recipient 
              Management,ADSyncAdmins,ADRMSSuperUsers
…

根据 OP 评论/问题更新

不用担心,很高兴它对你有用。

至于...

您介意解释一下这两个 AD 组命令之间的区别吗?

如果你的意思是 ...

获取 ADPrincipalGroupMembership 管理员 | 选择 -expandproperty name
... vs ... (Get-ADPrincipalGroupMembership Administrator).Name

...它们表面上是相同的东西,每个都产生组名的数组列表。

# use the expand switch to show the group name list
Get-ADPrincipalGroupMembership Administrator | select -expandproperty name

Domain Users
Administrators
Schema Admins
Enterprise Admins
Domain Admins
Group Policy Creator Owners
Organization Management
Recipient Management
ADSyncAdmins
ADRMSSuperUsers

# Use the property to view the group name list
(Get-ADPrincipalGroupMembership Administrator).Name

Domain Users
Administrators
Schema Admins
Enterprise Admins
Domain Admins
Group Policy Creator Owners
Organization Management
Recipient Management
ADSyncAdmins
ADRMSSuperUsers

但是,格式化程序在数据被序列化时,会尝试将这些全部放在一行上。然而,他们会截断它以适应屏幕/页面宽度。因此,如果您想要不同的布局,那么您需要进入并使用默认格式化程序文件,或者处理它是代码。就个人而言,我从不试图惹恼他们,只是努力在代码中处理它。所以这...

(Get-ADPrincipalGroupMembership Administrator).Name -join ','

...只是说,我知道这个集合是一个数组列表。我知道这将被截断每个屏幕/页面宽度,因此,将此字符串列表连接为一个字符串并自动换行。

你可以用你原来的扩展做同样的事情......

(Get-ADPrincipalGroupMembership Administrator | select -expandproperty name) -join ','

出于美学原因以及较短的形式,我将组列表放在最后,因为我不喜欢编写不必要的代码或尽可能使用不需要的选项。每个人都有自己的喜好。

于 2018-12-17T09:11:22.360 回答