我正在准备审核并尝试通过 PowerShell 获取我们的数据,但我对这方面是个菜鸟。 我正在使用
Search-ADAccount我知道我可以将过滤器开关与
Get-ADUserSearch-ADAccount#Expired users
$Filename = "BJL Expired Users.csv"
Search-ADAccount -UsersOnly -AccountExpired -filter {WhenChanged -ge '${StartDate} '} –ResultSetSize $null | Select-Object Name, SamAccountName, DistinguishedName, mail, lastlogondate,Enabled,lockedOut,whenChanged,AccountExpirationDate,UserAccountControl,whenCreated| Export-CSV -path "$($ExportPath)$($Filename)" –NoTypeInformation|out-gridview -title "Expired Accounts"
-filterSearch-ADAccountSearch-ADAccount参考资料https://shellgeek.com/powershell-search-adaccount-cmdlet-examples/ 如何查找在特定日期被禁用的用户
正如您已经说过的,
Search-ADAccount-FilterGet-ADUser$properties = @(
'Name'
'SamAccountName'
'DistinguishedName'
'mail'
'lastlogondate'
'Enabled'
'lockedOut'
'whenChanged'
'AccountExpirationDate'
'UserAccountControl'
'whenCreated'
)
$filter = -join @(
'(&' # AND, all conditions must be met
'(whenChanged>={0:yyyyMMddHHmmss.0Z})' -f [datetime]::UtcNow.AddYears(-1) # `whenChanged` attribute is greater than or equal to 1 year ago
'(!accountExpires>={0})' -f [datetime]::UtcNow.ToFileTimeUtc() # `accountExpires` attribute is lower than now (UTC), meaning, the account is expired
')' # close AND clause
)
$result = Get-ADUser -LDAPFilter $filter -Properties $properties |
Select-Object $properties
$result | Export-Csv -Path "$($ExportPath)$($Filename)" -NoTypeInformation
$result | Out-GridView -Title 'Expired Accounts'