我们拥有一个拥有 500 万用户的 Active Directory。尝试使用 powershell 脚本提取用户时,我们收到错误“Get-ADUser:此操作由于超时期限已过期而返回”。
已经尝试在网络上搜索优化脚本。下面是我们所拥有的。这对于大约 50 万用户来说效果很好。
Import-Module ActiveDirectory
$Users = Get-ADUser -SearchBase "CN=Users,DC=*****,DC=*****,DC=*****" -Server "*****" -ResultPageSize 1 -LDAPFilter "(&(objectCategory=User)(whenCreated>=20190101000000.0Z)(whenCreated<=20190131235959.0Z))" -Properties WhenCreated | Select-Object Name, WhenCreated
$Users | Export-Csv C:\Temp\January2019.csv -NoTypeInformation
Get-ADUserDirectorySearcher[ADSISearcher]$server = "****"
$ou = "CN=Users,DC=*****,DC=*****,DC=*****"
$searcher = [ADSISearcher]"(&(objectCategory=User)(whenCreated>=20190101000000.0Z)(whenCreated<=20190131235959.0Z))"
$searcher.PropertiesToLoad.Add("whenCreated") #We only want the whenCreated attribute
$searcher.PageSize = 200 #Get the users in pages of 200
$searcher.SearchRoot = [ADSI]"LDAP://$server/$ou"
$ADObjects = @()
[array]$ADObjects = foreach($result in $searcher.FindAll()) {
# The SearchResultCollection doesn't output in PowerShell very well, so here we create
# a PSObject for each results with the properties that we can export later
[Array]$propertiesList = $result.Properties.PropertyNames
$obj = New-Object PSObject
foreach($property in $propertiesList) {
$obj | add-member -membertype noteproperty -name $property -value ([string]$result.Properties.Item($property))
}
$obj
}
$ADObjects | Export-Csv C:\Temp\January2019.csv -NoTypeInformation
CSVDE -f D:\Temp\ADUseru.csv -d "CN=用户,DC=*****,DC=*****,DC=*****" -r "(&(objectClass =用户)(objectCategory =人)(创建时> = 20120101000000.0Z)(创建时
<=20121231235959.0Z))" -l "name, whenCreated, memberOf, sAMAccountName"