【发布时间】:2025-12-07 13:50:01
【问题描述】:
我有一个非常大的审计项目,我希望实现自动化。
我需要获取属于组的每个用户的姓名、SamAccountName、职务和部门。问题是,该组内有组,而这些组内也有组。另一个问题是,大约 99% 的组的显示名称中都有星号(不是 SamAccountName)。
这是我目前拥有的代码,它工作正常,直到它收到一个名称中带有星号的组..(因此 .Replace("*","") 部分...。任何人都有任何想法如何解决这个问题?
function Get-NestedGroupMember {
[CmdletBinding()]
param(
[Parameter(Mandatory)]
[string]$Group
)
$broke = @();
## Find all members in the group specified
$members = Get-ADGroupMember -Identity $Group
foreach ($member in $members){
## If any member in that group is another group just call this function again
if ($member.objectClass -eq 'group'){
$memberGroup = $($member.Name).Replace("*", "")
try{
Get-NestedGroupMember -Group "$($memberGroup)"
}catch{
$broke += "$($memberGroup)`n"
}
}else{
## otherwise, just output the non-group object (probably a user account)
$member.Name
}
}
Write-Host "`nThe following groups could not be found automatically.`n`n$($broke)"
}
$getGroup = Read-Host -Prompt "Group name"
Get-NestedGroupMember $getGroup
【问题讨论】:
-
而您没有使用
-Recursive参数,因为...
标签: powershell active-directory powershell-3.0