在创建之前检查OU是否存在

Question

function NyChildOU {
  $overOU = Read-Host "Type in the name of the parrent OU"
  $oucheck = [adsi]::Exists("LDAP://OU=$overOU,OU=PS,DC=PS,DC=local")
  if ($oucheck -eq "true") {
    $navnpaaou = Read-Host "Type in the name of the new OU"
    $oucheck2 = [adsi]::Exists("LDAP://OU=$navnpaaou,OU=$overOU,OU=PS,DC=PS,DC=local")
    if ($oucheck2 -eq "false") {
      New-ADOrganizationalUnit -Name $navnpaaou -path "OU=$navnpaaou,OU=$overOU,OU=PS,DC=PS,DC=Local"
      Write-Host "The new entry: $navnpaaou is created within $overOU"
    } else {
      Write-Host "OUen $navnpaaou do exist within $overOU"
    }
  } else {
    Write-Host "OUen $overOU doesen't exist, trie again"
  }
}

这是我的脚本，其目的是创建一个 OU，除非它已经存在。我就是想不通我的代码出了什么问题。

Answer 1

只需检查 Get-ADOrganizationalUnit 是否返回具有该专有名称的 OU，否则创建它：

$parentOU = 'OU=parent,OU=PS,DC=example,DC=com'
$navnpaaou = Read-Host "Type in the name of the new OU"
$newOU = "OU=$navnpaaou,$parentOU"
if (Get-ADOrganizationalUnit -Filter "distinguishedName -eq '$newOU'") {
  Write-Host "$newOU already exists."
} else {
  New-ADOrganizationalUnit -Name $navnpaaou -Path $parentOU
}

Answer 2

我尝试了接受的答案，发现如果 OU 不存在，它会抛出异常。以下函数尝试检索 OU，如果抛出的错误不存在，则捕获该错误，然后创建 OU。

function CreateOU ([string]$name, [string]$path, [string]$description) {
    $ouDN = "OU=$name,$path"

    # Check if the OU exists
    try {
        Get-ADOrganizationalUnit -Identity $ouDN | Out-Null
        Write-Verbose "OU '$ouDN' already exists."
    }
    catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException] {
        Write-Verbose "Creating new OU '$ouDN'"
        New-ADOrganizationalUnit -Name $name -Path $path -Description $description
    }
}

CreateOU -name "Groups" -path "DC=ad,DC=example,DC=com" -description "What a wonderful OU this is"