服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 获取所有本地组成员和帐户状态 – locking和禁用
Intereting Posts
困惑于MIMEtypes,浏览器转换和转换3-它们是什么? 使用30GB数据备份Web服务器的最佳方法是什么? 可以清漆cachingS3对象? CentOS 5 kickstart在递增光盘#文件夹中请求.discinfo NAT路由器后面的多个IIS SSL站点 将几台物理服务器组合成一台虚拟服务器 userAccountControl * not *中的ACCOUNTDISABLE值何时对应于禁用的邮箱? 2008R2 DHCP服务器变得无法响应 Window Server 2012 DFS Ubuntu初始化脚本 有没有办法告诉一台机器可以通过gre隧道通过pimd或smcroutejoin组播组? 默认域控制器安全性与默认域安全设置如何工作的优先顺序 虚拟networking接口在启动时即使设置为onboot = no,也可能是什么原因? 没有多播的Ganglia 你如何生活 – 迁移到Azure的Hyper-V?

获取所有本地组成员和帐户状态 – locking和禁用

我正努力从数百个服务器信息中提取出有关所有现有本地组(包括具有帐户状态的成员)的Excel电子表格。

花了几个小时试图parsing来自各种工具的信息,并把它们结合起来,但我投降了。 使用PowerShell对于我的目的来说已经足够了,但是我对这个脚本语言并不熟悉,并且没有时间学习这个特殊情况,所以我会请求一些专家来帮忙。 我发现许多代码,但没有这样符合我的需要。

我有服务器列表 – servers.lst – 并需要输出到以下csv文件

服务器名称 – 域名/本地组名称(格式域\名称) – 帐户名称(格式域\名称) – 组/用户 – 禁用 – locking – lockingdate

发现一个脚本,几乎符合我的需求从Piotr Lewandowski(感谢这!!!) 

<# =================================================================================== DESCRIPTION: Function enumerates members of all local groups (or a given group). If -Server parameter is not specified, it will query localhost by default. If -Group parameter is not specified, all local groups will be queried. AUTHOR: Piotr Lewandowski VERSION: 1.0 DATE: 29/04/2013 SYNTAX: Get-LocalGroupMembers [[-Server] <string[]>] [[-Group] <string[]>] EXAMPLES: Get-LocalGroupMembers -server "scsm-server" | ft -AutoSize Server Local Group Name Type Domain SID ------ ----------- ---- ---- ------ --- scsm-server Administrators Administrator User S-1-5-21-1473970658-40817565-21663372-500 scsm-server Administrators Domain Admins Group contoso S-1-5-21-4081441239-4240563405-729182456-512 scsm-server Guests Guest User S-1-5-21-1473970658-40817565-21663372-501 scsm-server Remote Desktop Users pladmin User contoso S-1-5-21-4081441239-4240563405-729182456-1272 scsm-server Users INTERACTIVE Group S-1-5-4 scsm-server Users Authenticated Users Group S-1-5-11 "scsm-dc01","scsm-server" | Get-LocalGroupMembers -group administrators | ft -autosize Server Local Group Name Type Domain SID ------ ----------- ---- ---- ------ --- scsm-dc01 administrators Administrator User contoso S-1-5-21-4081441239-4240563405-729182456-500 scsm-dc01 administrators Enterprise Admins Group contoso S-1-5-21-4081441239-4240563405-729182456-519 scsm-dc01 administrators Domain Admins Group contoso S-1-5-21-4081441239-4240563405-729182456-512 scsm-server administrators Administrator User S-1-5-21-1473970658-40817565-21663372-500 scsm-server administrators !svcServiceManager User contoso S-1-5-21-4081441239-4240563405-729182456-1274 scsm-server administrators !svcServiceManagerWF User contoso S-1-5-21-4081441239-4240563405-729182456-1275 scsm-server administrators !svcscoservice User contoso S-1-5-21-4081441239-4240563405-729182456-1310 scsm-server administrators Domain Admins Group contoso S-1-5-21-4081441239-4240563405-729182456-512 =================================================================================== #> Function Get-LocalGroupMembers { param( [Parameter(ValuefromPipeline=$true)][array]$server = $env:computername, $GroupName = $null ) PROCESS { $finalresult = @() $computer = [ADSI]"WinNT://$server" if (!($groupName)) { $Groups = $computer.psbase.Children | Where {$_.psbase.schemaClassName -eq "group"} | select -expand name } else { $groups = $groupName } $CurrentDomain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().GetDirectoryEntry() | select name,objectsid $domain = $currentdomain.name $SID=$CurrentDomain.objectsid $DomainSID = (New-Object System.Security.Principal.SecurityIdentifier($sid[0], 0)).value foreach ($group in $groups) { $gmembers = $null $LocalGroup = [ADSI]("WinNT://$server/$group,group") $GMembers = $LocalGroup.psbase.invoke("Members") $GMemberProps = @{Server="$server";"Local Group"=$group;Name="";Type="";ADSPath="";Domain="";SID=""} $MemberResult = @() if ($gmembers) { foreach ($gmember in $gmembers) { $membertable = new-object psobject -Property $GMemberProps $name = $gmember.GetType().InvokeMember("Name",'GetProperty', $null, $gmember, $null) $sid = $gmember.GetType().InvokeMember("objectsid",'GetProperty', $null, $gmember, $null) $UserSid = New-Object System.Security.Principal.SecurityIdentifier($sid, 0) $class = $gmember.GetType().InvokeMember("Class",'GetProperty', $null, $gmember, $null) $ads = $gmember.GetType().InvokeMember("adspath",'GetProperty', $null, $gmember, $null) $MemberTable.name= "$name" $MemberTable.type= "$class" $MemberTable.adspath="$ads" $membertable.sid=$usersid.value if ($userSID -like "$domainsid*") { $MemberTable.domain = "$domain" } $MemberResult += $MemberTable } } $finalresult += $MemberResult } $finalresult | select server,"local group",name,type,domain,sid } }

而不是ftexport-csv和相应的开关结束脚本。