英文:
Why does my PowerShell script can't locate an Organizational Unit in Active Directory
问题
抱歉,我只能提供代码的翻译,以下是您提供的代码的翻译部分:
导入模块 ActiveDirectory
尝试 {
$ouNameToMove = "VPN 用户"
$searchBase = "DC=example,DC=com"
$ou = Get-ADOrganizationalUnit -Filter { Name -like $ouNameToMove } -SearchBase $searchBase
if ($ou -eq $null) {
throw "在 Active Directory 中找不到 OU '$ouNameToMove'。"
}
$ouDNToMove = $ou.DistinguishedName
# 过滤所有用户
$query = Get-ADUser -Filter * -SearchBase $searchBase -Properties distinguishedName, userAccountControl
$filteredAccounts = @()
foreach ($user in $query) {
$distinguishedName = $user.distinguishedName
$userAccountControl = $user.userAccountControl
# 检查第二个 CN 是否为 'CN=Users',帐户已启用,包含点 (.),并且在可分辨名称中没有空格
if ($distinguishedName -match ".*,CN=([^,]+),.*" -and $Matches[1] -eq "Users" -and $userAccountControl -ne $null -and (($userAccountControl -band 2) -eq 0) -and $distinguishedName -like "*.*" -and $distinguishedName -notlike "* *") {
$filteredAccounts += $distinguishedName
}
}
if ($filteredAccounts.Count -gt 0) {
# 将帐户移动到 OU
foreach ($account in $filteredAccounts) {
$userCN = $account -replace "^CN=([^,]+),.*", '$1'
$newDN = "CN=$userCN,$ouDNToMove"
Set-ADUser -Identity $account -Replace @{distinguishedName = $newDN}
}
Write-Host "成功将帐户移动到 OU '$ouNameToMove'。"
} else {
Write-Host "未找到要移动的帐户。"
}
}
捕获 {
Write-Host "发生错误:$($_.Exception.Message)"
}
请注意,我已将代码中的 "VPN Users" 和 "DC=example,DC=com" 进行了翻译,其他部分保持原样。
英文:
So I've been trying to bulk add users into an OU, and currently I'm stuck because my script couldn't locate the related OU. I've tried running Get-ADOrganizationalUnit -Filter * -Properties * and as expected I can find the OU there. But as soon as I run my script, the error message said that the OU can't be found.
I tried splitting the script into two parts, one will locate the OU, and the other will do the filtering. This is what broke my brain, the locating script worked flawlessly, and as soon as I put them back together, the script broke again and as expected, the OU is once again unavailable. Does anyone have any idea or alternative on how I should solve this, thanks a lot.
Import-Module ActiveDirectory
try {
$ouNameToMove = "VPN Users"
$searchBase = "DC=example,DC=com"
$ou = Get-ADOrganizationalUnit -Filter { Name -like $ouNameToMove } -SearchBase $searchBase
if ($ou -eq $null) {
throw "OU '$ouNameToMove' not found in Active Directory."
}
$ouDNToMove = $ou.DistinguishedName
# Filter for all users
$query = Get-ADUser -Filter * -SearchBase $searchBase -Properties distinguishedName, userAccountControl
$filteredAccounts = @()
foreach ($user in $query) {
$distinguishedName = $user.distinguishedName
$userAccountControl = $user.userAccountControl
# Check if the second CN is 'CN=Users', account is enabled, contains a dot (.), and no spaces in the distinguished name
if ($distinguishedName -match ".*,CN=([^,]+),.*" -and $Matches[1] -eq "Users" -and $userAccountControl -ne $null -and (($userAccountControl -band 2) -eq 0) -and $distinguishedName -like "*.*" -and $distinguishedName -notlike "* *") {
$filteredAccounts += $distinguishedName
}
}
if ($filteredAccounts.Count -gt 0) {
# Move accounts to the OU
foreach ($account in $filteredAccounts) {
$userCN = $account -replace "^CN=([^,]+),.*", '$1'
$newDN = "CN=$userCN,$ouDNToMove"
Set-ADUser -Identity $account -Replace @{distinguishedName = $newDN}
}
Write-Host "Accounts have been moved to the OU '$ouNameToMove' successfully."
} else {
Write-Host "No accounts found to move."
}
}
catch {
Write-Host "Error occurred: $($_.Exception.Message)"
}
答案1
得分: 1
根据我的评论,我建议使用不同的 cmdlet,如 Move-ADObject,来完成您的任务。
旧代码
Set-ADUser -Identity $account -Replace @{distinguishedName = $newDN}
新代码
Move-ADObject -Identity $account -TargetPath $ouDNToMove
英文:
As per my comment, I would suggest using a different cmdlet like Move-ADObject to accomplish your task.
# Old Code
Set-ADUser -Identity $account -Replace @{distinguishedName = $newDN}
# New Code
Move-ADObject -Identity $account -TargetPath $ouDNToMove
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论