我正在尝试创建新的 Active Directory 用户,但首先我使用 Get-ADUser
验证该用户不存在。
我从人力资源部门导入用户数据并构建自定义属性:
$newUsers = Import-Csv $csvFile |
Select-Object -Property @{n='EmpNum';e={$_.'Employee Number'}},
@{n='UPN';e={$_.'Email Address'}},
@{n='Alias';e={$_.'Email Address'.Split("@")[0]}} #### etc
当我循环访问 CSV 文件中的对象时,我使用 UPN 属性在 Active Directory 中搜索用户:
foreach ($newUser in $newUsers) {
$exists = Get-ADUser -Filter {UserPrincipalName -eq $newUser.UPN} -Properties * -Server $adServer -Credential $adCred
...
}
过滤器导致错误:
Get-ADUser : Property: 'UPN' not found in object of type:
'System.Management.Automation.PSCustomObject'. At
C:\Users\bphillips.NEWHOPEOFIN\Dropbox\Powershell\NewHire\AddNewDSP.ps1:50
char:15
+ $exists = Get-ADUser -Filter {UserPrincipalName -eq $newUser.UPN} -Propertie ...
我尝试这样做: -Filter {UserPrincipalName -eq $("$newUser.UPN") 但这没有帮助;我收到另一个错误
Get-ADUser : Cannot process argument because the value of argument
"path" is not valid. Change the value of the "path" argument and run
the operation again. At
C:\Users\bphillips.NEWHOPEOFIN\Dropbox\Powershell\NewHire\AddNewDSP.ps1:50
char:15
+ $exists = Get-ADUser -Filter {UserPrincipalName -eq $("$newUser.UPN")} -Prop ...
$newUser
是一个字符串,所以我不明白为什么它会导致问题。对 UserPrincipalName 进行硬编码(如“[email protected] ”)可以,但 $newUser.UPN
不起作用。**
PS C:\> $newUser.UPN.GetType()
IsPublic IsSerial Name BaseType
-------- -------- ---- --------
True True String System.Object
和
PS C:\> $newUser.UPN | gm
TypeName: System.String
$newUser.UPN
包含有效的字符串值
PS C:\> $newUser.UPN
<a href="https://stackoverflow.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="bdc4cdd2cdd8fdd2c8cfded2d0cddcd3c493d3d8c9" rel="noreferrer noopener nofollow">[email protected]</a>
我需要做什么才能将 $newUser.UPN
识别为过滤器参数的字符串?这是怎么回事,我不明白?
最佳答案
BNF for filter query strings不允许表达式作为比较中的第二个操作数,仅允许值(强调我的):
Syntax:
The following syntax uses Backus-Naur form to show how to use the PowerShell Expression Language for this parameter.<filter> ::= "{" <FilterComponentList> "}"
<FilterComponentList> ::= <FilterComponent> | <FilterComponent> <JoinOperator> <FilterComponent> | <NotOperator> <FilterComponent>
<FilterComponent> ::= <attr> <FilterOperator> <value> | "(" <FilterComponent> ")"
<FilterOperator> ::= "-eq" | "-le" | "-ge" | "-ne" | "-lt" | "-gt"| "-approx" | "-bor" | "-band" | "-recursivematch" | "-like" | "-notlike"
<JoinOperator> ::= "-and" | "-or"
<NotOperator> ::= "-not"
<attr> ::= <PropertyName> | <LDAPDisplayName of the attribute>
<value>::= <compare this value with an <attr> by using the specified <FilterOperator>>
将要比较的属性值放入变量中,并在比较中使用该变量。您可能还想将过滤器定义为实际字符串,只是为了清楚起见(尽管过滤器看起来不是脚本 block )。
$upn = $newUser.UPN
$exists = Get-ADUser -Filter "UserPrincipalName -eq '$upn'" ...
关于powershell - 在 Get-ADUser 筛选器参数中传递字符串会导致错误 - 在 pscustomobject 中找不到属性,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/34028164/