PowerShell實戰 第二回 管理AD用戶對象

1. 批量創建AD用戶

Import-Csv C:\aduser.txt |foreach {New-ADUser -SamAccountName $_.samaccountname -Name $_. givenname -Surname $_.surname -DisplayName $_.displayname -Path $_.path -AccountPassword (ConvertTo-SecureString "1qaz@W SX" -AsPlainText -Force) -PassThru -Enabled $true}

aduser.txt的內容如下截圖：

2. 列出某個OU的用戶

Get-ADUser –Filter * -Searchbase "OU=IT,DC=Contoso,DC=Com" | FT

3. 列出所有禁用的賬號

Search-ADAccount –AccountDisabled –Usersonly | FT Name

4 .列出某個組內用戶然後移動到某個OU

Get-ADGroupMember Agroup -Recursive | Move-ADObject –TargetPath "OU=NewOU,DC=Contoso,DC=Com"

5. 移除某個OU個來自某個組的用戶

Get-ADGroupMember CSAdministrator | select Name, distinguishedName | Export-CSV CSAdministrator.csv -NoTypeInformation -Encoding UTF8

6. 將A組的用戶移動到B組

$Users = Get-ADUser -Filter * -Searchbase "OU=NewOU,DC=Contoso,DC=Com" Remove-ADGroupMember -Identity People -Member $Users -Confirm:0