我正在尝试使用 powershell 删除 OU 内的所有用户,下面的内容在涉及 SAMAccount 名称时会卡住,我希望它删除所有找到的用户。
请问我在这里做错了什么?
$search="OU=Staff,OU=Users,DC=Testing, DC=Local"
$deletes= Get-ADUser -SearchBase $search -filter * -properties SamAccountName | Select-Object SamAccountName
$numusers=($deletes.count)
echo "$numusers Users Found"
foreach ($delete in $deletes)
{
echo "Deleting user account $delete . . . "
remove-aduser -identity $delete -confirm:$false
}
这是输出。这里似乎出了问题——无法转换“@{SamAccountName=bbonhomme}”
找到 7 个用户
Deleting user account @{SamAccountName=bbonhomme} . . .
Remove-ADUser : Cannot bind parameter 'Identity'. Cannot convert value "@{SamAccountName=bbonhomme}" to type
"Microsoft.ActiveDirectory.Management.ADUser". Error: "Cannot convert the "@{SamAccountName=bbonhomme}" value of type
"Selected.Microsoft.ActiveDirectory.Management.ADUser" to type "Microsoft.ActiveDirectory.Management.ADUser"."
At C:\Users\Administrator\Desktop\import\getadusers.ps1:11 char:29
+ remove-aduser -identity @delete -confirm:$false
+ ~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Remove-ADUser], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.ActiveDirectory.Management.Commands.RemoveADUser
最佳答案
替换
$deletes= Get-ADUser -SearchBase $search -filter * -properties SamAccountName | Select-Object SamAccountName
由
$deletes= Get-ADUser -SearchBase $search -filter * -properties SamAccountName
添加 Select-Object 意味着将 ADUser“对象”转换为“Psobject”。因此,后续命令remove-ADuser 无法识别此类对象。
也替换:
remove-aduser -identity $deletes -confirm:$false
由
remove-aduser -identity $delete.SamAccountName -confirm:$false
由 $delete 更改了 $deletes(您不能在 -Identity 参数中指定集合)
关于Powershell删除OU中的所有用户,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/46690065/