在這裡紀錄一下最後的成果
透過搜尋網路上IT人的分享及微軟官方文件
兜出需要的指令,很簡易的
iopkl27
$struser= read-host "請輸入要查詢的帳號名稱"
if (dsquery user -samid $struser)
{
Write-Host " "
Write-Host " "
Write-Host "==================查詢顯示=================="
Get-aduser $struser -Properties Name,createTimeStamp,PasswordLastSet,Department,DistinguishedName,Enabled,EmailAddress,whenChanged,LockedOut | Format-List -Property Name,createTimeStamp,PasswordLastSet,Department,DistinguishedName,Enabled,EmailAddress,whenChanged,LockedOut
$((Get-ADUser $struser –Properties *).MemberOf -split (“,”) | Select-String –SimpleMatch “CN=”) -replace “CN=”,””
Write-Host "請選擇"
$number= read-host "停用USER輸入1 ; 解鎖USER輸入2 ; 離開輸入Ctrl+C"
if ($number -eq 1)
{
Disable-ADAccount –Identity $struser
Set-ADAccountPassword -Identity $struser -NewPassword $NewPassword -Reset
Set-ADUser $struser -EmailAddress $null
Set-ADUser $struser -Department $null
Get-ADUser -Identity $struser -Properties MemberOf | ForEach-Object {
$_.MemberOf | Remove-ADGroupMember -Members $_.DistinguishedName -Confirm:$false
Get-ADUser $struser | Move-ADObject -TargetPath 'OU=xxx,OU=xxx,DC=xxx,DC=com,DC=tw'}
Write-Host " "
Write-Host " "
Write-Host "停用完成"
}
elseif ($number -eq 2)
{
Unlock-ADAccount -Identity $struser
Write-Host " "
Write-Host " "
Write-Host "解鎖完成"
}
else
{
Write-Host " "
Write-Host " "
Write-Host "輸入項目無效,結束程序"
Exit
}
Write-Host " "
Write-Host "==================結果顯示=================="
Get-aduser $struser -Properties Name,createTimeStamp,PasswordLastSet,Department,DistinguishedName,Enabled,EmailAddress,whenChanged,LockedOut | Format-List -Property Name,createTimeStamp,PasswordLastSet,Department,DistinguishedName,Enabled,EmailAddress,whenChanged,LockedOut
$((Get-ADUser $struser –Properties *).MemberOf -split (“,”) | Select-String –SimpleMatch “CN=”) -replace “CN=”,””
}
else
{
" "
"!!該帳號不存在,結束程序!!"
" "
}
目前使用Powergui包成exe
https://softfamous.com/powergui/download/
在執行時需要「以系統管理員身分執行」,不然會出現權限不足
iThome鐵人賽
看影片追技術