有谁知道查询此 UNIX 属性 msSFU30MaxUidNumber 的方法
在带有 Powershell 的 Active Directory 中?我正在编写一个脚本,该脚本将根据需要将 Unix 属性分配给用户。我也有可用的 Quest AD Powershell 模块。
最佳答案
我借用它来设置 UNIX 属性(NISdomain、GID、loginshell、UIDnumber、UID)http://danieltromp.com/2014/06/09/powershell-ad-enable-unix-attributes/ .
我更新了它,因此它也更新了存储的 msSFU30MaxUidNumber。我见过的所有脚本都忘记了这一点。
如果您将来使用 ADUC 设置 UNIX 属性(或者即使您再次针对另一个 OU 运行脚本),则可以防止出现重复 UID 编号的问题:
Remove-Variable -Name * -Force -ErrorAction SilentlyContinue
Import-Module ActiveDirectory
$NIS = Get-ADObject "CN=DOMAIN,CN=ypservers,CN=ypServ30,CN=RpcServices,CN=System,DC=Domain,DC=com" -Properties:* #Get NIS server information
$maxUid = $NIS.msSFU30MaxUidNumber #Get the last used User ID
$usuarios = Get-ADUser -Filter * -SearchBase "OU=NAME,OU=NAME,OU=NAME,DC=Domain,DC=com" -Properties:* #Get all users
foreach($usr in $usuarios)
{
if ($usr.mssfu30nisdomain -eq $null){
Set-ADUser -Identity "$($usr.SamAccountName)" -Replace @{mssfu30nisdomain="Domain"} #Enable NIS
Set-ADUser -Identity "$($usr.SamAccountName)" -Replace @{gidnumber="10005"} #Set Group ID
Set-ADUser -Identity "$($usr.SamAccountName)" -Replace @{loginShell="/bin/bash"} #Set Login Shell
$maxUid++ #Raise the User ID number
Set-ADUser -Identity "$($usr.SamAccountName)" -Replace @{uidnumber=$maxUid} #Set User ID number
Set-ADUser -Identity "$($usr.SamAccountName)" -Replace @{uid=$usr.SamAccountName} #Set UID
Write-Host -Backgroundcolor Green -Foregroundcolor Black $usr.SamAccountName changed #Write Changed Username to console
}
else{Write-Host -Backgroundcolor Yellow -Foregroundcolor Black $usr.SamAccountName unchanged} #Write Unchanged Username to console with a yellow background
}
$NIS | Set-ADObject -Replace @{msSFU30MaxUidNumber = $maxuid++}
$NIS | Set-ADObject -Replace @{msSFU30MaxUidNumber = $maxuid++}
关于powershell - 如何使用 Powershell 查询 msSFU30MaxUidNumber 属性?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/7989028/