学习纪录-Powershell 製作简易的AD 停用帐号及解锁密码

在这里纪录一下最后的成果
透过搜寻网路上IT人的分享及微软官方文件
兜出需要的指令，很简易的

$struser= read-host "请输入要查询的帐号名称"if (dsquery user -samid $struser){Write-Host " "Write-Host " "Write-Host "==================查询显示=================="Get-aduser $struser  -Properties Name,createTimeStamp,PasswordLastSet,Department,DistinguishedName,Enabled,EmailAddress,whenChanged,LockedOut | Format-List -Property  Name,createTimeStamp,PasswordLastSet,Department,DistinguishedName,Enabled,EmailAddress,whenChanged,LockedOut$((Get-ADUser $struser –Properties *).MemberOf -split (“,”)  | Select-String –SimpleMatch “CN=”) -replace “CN=”,””Write-Host "请选择"$number= read-host "停用USER输入1 ; 解锁USER输入2 ; 离开输入Ctrl+C"if ($number -eq 1){Disable-ADAccount –Identity $struserSet-ADAccountPassword -Identity $struser -NewPassword $NewPassword -ResetSet-ADUser $struser -EmailAddress $nullSet-ADUser $struser -Department $nullGet-ADUser -Identity $struser -Properties MemberOf | ForEach-Object {  $_.MemberOf | Remove-ADGroupMember -Members $_.DistinguishedName -Confirm:$falseGet-ADUser $struser | Move-ADObject -TargetPath 'OU=xxx,OU=xxx,DC=xxx,DC=com,DC=tw'}Write-Host " "Write-Host " "Write-Host "停用完成"}elseif ($number -eq 2){Unlock-ADAccount -Identity $struserWrite-Host " "Write-Host " "Write-Host "解锁完成"}else{Write-Host " "Write-Host " "Write-Host "输入项目无效，结束程序"Exit}Write-Host " "Write-Host "==================结果显示=================="Get-aduser $struser  -Properties Name,createTimeStamp,PasswordLastSet,Department,DistinguishedName,Enabled,EmailAddress,whenChanged,LockedOut | Format-List -Property  Name,createTimeStamp,PasswordLastSet,Department,DistinguishedName,Enabled,EmailAddress,whenChanged,LockedOut$((Get-ADUser $struser –Properties *).MemberOf -split (“,”)  | Select-String –SimpleMatch “CN=”) -replace “CN=”,””}else {" ""!!该帐号不存在，结束程序!!"" "}

目前使用Powergui包成exe
https://softfamous.com/powergui/download/

在执行时需要「以系统管理员身分执行」，不然会出现权限不足