活动目录常用PS命令 徐鹏 微软南区TSP\微软公共论坛Server System\Exchange Server版主\CSDN博客专家\Exchange Server MVP http://blog.csdn.net/fogyisland2000 交流群: 248700482 http://edu.csdn.net
购买收费视频福利 即日起购买相关的CSDN 视频可以得到讲师的QQ群指导服务。定期开办在线交流,欢迎大家购买相关的收费视频。 目前群内有两个老师: 徐鹏 Exchange MVP 精通AD\Exchange 熟悉Powershell\Sharepoint 宋立桓 SQL Server MVP 精通SQL 数据库\Oracle数据库 各类开源系统 群号:248700482
New-Aduser 新建活动目录用户,他可以根据不同的需求建立不同需求的用户 New-ADUser [-Name] <string> [-AccountExpirationDate <System.Nullable[System.DateTime]>] [-AccountNotDelegated <System.Nullable[bool]>] [-AccountPassword <SecureString>] [-AllowReversiblePasswordEncryption <System.Nullable[bool]>] [-AuthType {<Negotiate> | <Basic>}] [-CannotChangePassword <System.Nullable[bool]>] [-Certificates <X509Certificate[]>] [-ChangePasswordAtLogon <System.Nullable[bool]>] [-City <string>] [-Company <string>] [-Country <string>] [-Credential <PSCredential>] [-Department <string>] [-Description <string>] [-DisplayName <string>] [-Division <string>] [-EmailAddress <string>] [-EmployeeID <string>] [-EmployeeNumber <string>] [-Enabled <System.Nullable[bool]>] [-Fax <string>] [-GivenName <string>] [-HomeDirectory <string>] [-HomeDrive <string>] [-HomePage <string>] [-HomePhone <string>] [-Initials <string>] [-Instance <ADUser>] [-LogonWorkstations <string>] [-Manager <ADUser>] [-MobilePhone <string>] [-Office <string>] [-OfficePhone <string>] [-Organization <string>] [-OtherAttributes <hashtable>] [-OtherName <string>] [-PassThru <switch>] [-PasswordNeverExpires <System.Nullable[bool]>] [-PasswordNotRequired <System.Nullable[bool]>] [-Path <string>] [-POBox <string>] [-PostalCode <string>] [-ProfilePath <string>] [-SamAccountName <string>] [-ScriptPath <string>] [-Server <string>] [-ServicePrincipalNames <string[]>] [-SmartcardLogonRequired <System.Nullable[bool]>] [-State <string>] [-StreetAddress <string>] [-Surname <string>] [-Title <string>] [-TrustedForDelegation <System.Nullable[bool]>] [-Type <string>] [-UserPrincipalName <string>] [-Confirm] [-WhatIf] [<CommonParameters>] 1. 场景1: 新建用户,简单模式建立用户 2. 场景2: 新建用户,复杂模式建立用户 3. 场景3: 快速创建100个用户 4. 场景4: 基于固定的文本文件创建
New-adcomputer 新建活动目录电脑设备 New-ADComputer [-Name] <string> [-AccountExpirationDate <System.Nullable[System.DateTime]>] [-AccountNotDelegated <System.Nullable[bool]>] [-AccountPassword <SecureString>] [-AllowReversiblePasswordEncryption <System.Nullable[bool]>] [-AuthType {<Negotiate> | <Basic>}] [-CannotChangePassword <System.Nullable[bool]>] [-Certificates <X509Certificate[]>] [-ChangePasswordAtLogon <System.Nullable[bool]>] [-Credential <PSCredential>] [-Description <string>] [-DisplayName <string>] [-DNSHostName <string>] [-Enabled <System.Nullable[bool]>] [-HomePage <string>] [-Instance <ADComputer>] [-Location <string>] [-ManagedBy <ADPrincipal>] [-OperatingSystem <string>] [-OperatingSystemHotfix <string>] [-OperatingSystemServicePack <string>] [-OperatingSystemVersion <string>] [-OtherAttributes <hashtable>] [-PassThru <switch>] [-PasswordNeverExpires <System.Nullable[bool]>] [-PasswordNotRequired <System.Nullable[bool]>] [-Path <string>] [-SAMAccountName <string>] [-Server <string>] [-ServicePrincipalNames <string[]>] [-TrustedForDelegation <System.Nullable[bool]>] [-UserPrincipalName <string>] [-Confirm] [-WhatIf] [<CommonParameters>] 使用场景: 因为加入域的机器默认都会放到我们的Computers 容器里面,如果我们的用户希望基于不同部门添加到不同的OU下面,来实现不同的机器放置到不同的OU下面 1. 场景1 新建普通的活动目录电脑账户 2. 场景2 基于我们的文件来创建我们的设定好的电脑账户
New-adgroup 新建AD用户组 New-ADGroup [-Name] <string> [-GroupScope] <System.Nullable[Microsoft.ActiveDirectory.Management.ADGroupScope]> [-AuthType {<Negotiate> | <Basic>}] [-Credential <PSCredential>] [-Description <string>] [-DisplayName <string>] [-GroupCategory <System.Nullable[Microsoft.ActiveDirectory.Management.ADGroupCategory]>] [-HomePage <string>] [-Instance <ADGroup>] [-ManagedBy <ADPrincipal>] [-OtherAttributes <hashtable>] [-PassThru <switch>] [-Path <string>] [-SamAccountName <string>] [-Server <string>] [-Confirm] [-WhatIf] [<CommonParameters>] 1. 场景1: 新建用户组 2. 场景2: 批量建立用户组
Add-ADGroupMember 添加组成员 Add-ADGroupMember [-Identity] <ADGroup> [-Members] <ADPrincipal[]> [-AuthType {<Negotiate> | <Basic>}] [-Credential <PSCredential>] [-Partition <string>] [-PassThru <switch>] [-Server <string>] [-Confirm] [-WhatIf] [<CommonParameters>] 1. 将单一组添加到我们的组中 2. 批量将某一OU用户添加到组中 3. 批量将文本中的用户添加到某一组中
Remove-ADGroupMember 删除用户组成员 Remove-ADGroupMember [-Identity] <ADGroup> [-Members] <ADPrincipal[]> [-AuthType {<Negotiate> | <Basic>}] [-Credential <PSCredential>] [-Partition <string>] [-PassThru <switch>] [-Server <string>] [-Confirm] [-WhatIf] [<CommonParameters>] 1. 删除AD组账户成员 2. 批量删除特定的AD组账户成员
Get-aduser 获取AD用户 Parameter Set: Filter Get-ADUser -Filter <String> [-AuthType <ADAuthType> {Negotiate | Basic} ] [-Credential <PSCredential> ] [-Properties <String[]> ] [-ResultPageSize <Int32> ] [-ResultSetSize <Int32> ] [-SearchBase <String> ] [-SearchScope <ADSearchScope> {Base | OneLevel | Subtree} ] [ <CommonParameters>] Parameter Set: Default Get-ADUser [[-Partition] <String[]> ] [-Server <String> ] [ <CommonParameters>] Parameter Set: Identity Get-ADUser [-Identity] <ADUser> [-AuthType <ADAuthType> {Negotiate | Basic} ] [-Credential <PSCredential> ] [-Properties <String[]> ] [ <CommonParameters>] Parameter Set: LdapFilter Get-ADUser -LDAPFilter <String> [-AuthType <ADAuthType> {Negotiate | Basic} ] [-Credential <PSCredential> ] [-Properties <String[]> ] [-ResultPageSize <Int32> ] [-ResultSetSize <Int32> ] [-SearchBase <String> ] [-SearchScope <ADSearchScope> {Base | OneLevel | Subtree} ] [ <CommonParameters>] 1.场景1: 查询单个用户信息 2.场景2: 查询OU下面的用户信息 3.场景3: 获取OU及OU下级用户信息 4.场景4: 基于Where 进行属性筛选 5.场景5: 将需要的数据根据需要导出 6.场景6: 统计禁用用户、多日没有登录用户
Get-adcomputer 获取当前AD计算机账户 Get-ADComputer -Filter <string> [-ResultPageSize <int>] [-ResultSetSize <System.Nullable[System.Int32]>] [-SearchBase <string>] [-SearchScope {<Base> | <OneLevel> | <Subtree>}] [-AuthType {<Negotiate> | <Basic>}] [-Credential <PSCredential>] [-Partition <string>] [-Properties <string[]>] [-Server <string>] [<CommonParameters>] 1. 场景1: 获取我们的计算机信息 2. 场景2: 获取OU下面的我们的计算机信息 3. 场景3: 导出我们需要的计算机信息 4. 场景4: 多日未使用计算机
Get-adgroup 获取AD用户组 Get-ADGroup -Filter <string> [-ResultPageSize <int>] [-ResultSetSize <System.Nullable[System.Int32]>] [-SearchBase <string>] [-SearchScope {<Base> | <OneLevel> | <Subtree>}] [-AuthType {<Negotiate> | <Basic>}] [-Credential <PSCredential>] [-Partition <string>] [-Properties <string[]>] [-Server <string>] [<CommonParameters>] 1. 场景1:获取当前AD的用户组信息
Get-adgroupmember 获取用户组成员 Get-ADGroupMember [-Identity] <ADGroup> [-AuthType {<Negotiate> | <Basic>}] [-Credential <PSCredential>] [-Partition <string>] [-Recursive <switch>] [-Server <string>] [<CommonParameters>] 1. 获取当前用户组成员 2. 将当前用户组成员导出 3. 批量的将用户组和用户组成员导出
Enable-adaccount 启用AD账户 Enable-ADAccount [-Identity] <ADAccount> [-AuthType {<Negotiate> | <Basic>}] [-Credential <PSCredential>] [-Partition <string>] [-PassThru <switch>] [-Server <string>] [-Confirm] [-WhatIf] [<CommonParameters>] 1. 场景1:启用AD账户 2. 场景2:批量启用AD账户
Disable-adaccount 禁用AD账户 Disable-ADAccount [-Identity] <ADAccount> [-AuthType {<Negotiate> | <Basic>}] [-Credential <PSCredential>] [-Partition <string>] [-PassThru <switch>] [-Server <string>] [-Confirm] [-WhatIf] [<CommonParameters>] 1. 场景1:禁用AD账户 2. 场景2:批量禁用AD账户
Remove-ADComputer 删除活动目录中计算机账户 Remove-ADComputer [-Identity] <ADComputer> [-AuthType <ADAuthType> {Negotiate | Basic} ] [-Credential <PSCredential> ] [-Partition <String> ] [-Server <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>] 1. 删除一台电脑 2. 删除OU下的电脑
Remove-ADGroup 删除AD组 Remove-ADGroup [-Identity] <ADGroup> [-AuthType {<Negotiate> | <Basic>}] [-Credential <PSCredential>] [-Partition <string>] [-Server <string>] [-Confirm] [-WhatIf] [<CommonParameters>] 1. 删除AD组账户 2. 批量删除特定的AD组账户
Remove-aduser 删除AD用户 Remove-ADUser [-Identity] <ADUser> [-AuthType {<Negotiate> | <Basic>}] [-Credential <PSCredential>] [-Partition <string>] [-Server <string>] [-Confirm] [-WhatIf] [<CommonParameters>] 1. 删除单一账户 2. 批量删除账户 3. 删除特定账户
Set-ADAccountPassword Set-ADAccountPassword [-Identity] <ADAccount> [-AuthType {<Negotiate> | <Basic>}] [-Credential <PSCredential>] [-NewPassword <SecureString>] [-OldPassword <SecureString>] [-Partition <string>] [-PassThru <switch>] [-Reset <switch>] [-Server <string>] [-Confirm] [-WhatIf] [<CommonParameters>] 1. 设定单一账户密码 2. 批量设定账户密码 3. 设置特定的用户密码
Set-ADUser 设定AD用户属性 Set-ADUser [-Identity] <ADUser> [-AccountExpirationDate <System.Nullable[System.DateTime]>] [-AccountNotDelegated <System.Nullable[bool]>] [-Add <hashtable>] [-AllowReversiblePasswordEncryption <System.Nullable[bool]>] [-CannotChangePassword <System.Nullable[bool]>] [-Certificates <hashtable>] [-ChangePasswordAtLogon <System.Nullable[bool]>] [-City <string>] [-Clear <string[]>] [-Company <string>] [-Country <string>] [-Department <string>] [-Description <string>] [-DisplayName <string>] [-Division <string>] [-EmailAddress <string>] [-EmployeeID <string>] [-EmployeeNumber <string>] [-Enabled <System.Nullable[bool]>] [-Fax <string>] [-GivenName <string>] [-HomeDirectory <string>] [-HomeDrive <string>] [-HomePage <string>] [-HomePhone <string>] [-Initials <string>] [-LogonWorkstations <string>] [-Manager <ADUser>] [-MobilePhone <string>] [-Office <string>] [-OfficePhone <string>] [-Organization <string>] [-OtherName <string>] [-PasswordNeverExpires <System.Nullable[bool]>] [-PasswordNotRequired <System.Nullable[bool]>] [-POBox <string>] [-PostalCode <string>] [-ProfilePath <string>] [-Remove <hashtable>] [-Replace <hashtable>] [-SamAccountName <string>] [-ScriptPath <string>] [-ServicePrincipalNames <hashtable>] [-SmartcardLogonRequired <System.Nullable[bool]>] [-State <string>] [-StreetAddress <string>] [-Surname <string>] [-Title <string>] [-TrustedForDelegation <System.Nullable[bool]>] [-UserPrincipalName <string>] [-AuthType {<Negotiate> | <Basic>}] [-Credential <PSCredential>] [-Partition <string>] [-PassThru <switch>] [-Server <string>] [-Confirm] [-WhatIf] [<CommonParameters>] 1. 设定单一AD账户信息 2. 批量设定AD账户信息 3. 设定特定的AD账户信息
THANKS 本课程由 徐鹏 提供 博客: QQ讨论群: CSDN网站:www.csdn.net 企业服务:http://ems.csdn.net/ 人才服务:http://job.csdn.net/ CTO俱乐部:http://cto.csdn.net/ 高校俱乐部:http://student.csdn.net/ 程序员杂志:http://programmer.csdn.net/ CODE平台:https://code.csdn.net/ 项目外包:http://www.csto.com/ CSDN博客:http://blog.csdn.net/ CSDN论坛:http://bbs.csdn.net/ CSDN下载:http://download.csdn.net/