ITPub博客

首页 > 应用开发 > IT综合 > Powershell 修改Office365和AD账户

Powershell 修改Office365和AD账户

原创 IT综合 作者:pubian877 时间:2020-07-24 11:30:28 0 删除 编辑

  这段时间需要大量地修改AD用户的一些属性,例如邮件,UPN,登录名等等,以便和Office365的登录账号保持一致。写了个简单脚本进行批量修改。


  脚本执行的前提是在本地安装了AD和Office365必要的PS模块。AD是可以远程间接调用DC的PS模块,不过实际操作发现有些小bug,所以还是直接安装在本地比较省事,速度也快。


  #Import AD Module


  Import-Module activedirectory


  #Import Office 365 Module


  $Sessions=Get-PSSession


  if($Sessions.ComputerName-like"outlook.office365.com"){


  write-host"Detecting current Office365 session,skip.."-ForegroundColor Cyan


  }


  else{


  write-host"Starting new Office365 session"-ForegroundColor Cyan


  $UserCredential=Get-Credential


  Connect-MsolService-Credential$UserCredential


  $Session=New-PSSession-ConfigurationName Microsoft.Exchange-ConnectionUri Basic-AllowRedirection


  Import-PSSession$Session


  }


  #Get Primary SMTP Address


  function Get-PrimarySMTP(){


  [CmdletBinding()]


  Param


  (


  #Param1 help description


  [Parameter(Mandatory=$true,


  ValueFromPipelineByPropertyName=$true,


  Position=0)]


  [string[]]


  $users


  )


  $pp=$null


  $pp={'name'=$null;'primarysmtp'=$null}


  $obj=New-Object-TypeName psobject-Property$pp


  $result=()


  foreach($user in$users){


  $info=get-aduser-Filter{name-eq$user}-Properties proxyaddresses


  $primarySMTPAddress=""


  foreach($address in$info.proxyAddresses)


  {


  if(($address.Length-gt 5)-and($address.SubString(0,5)-ceq'SMTP:'))


  {


  $primarySMTPAddress=$address.SubString(5)


  break


  }


  }


  $objtemp=$obj|select*


  $objtemp.name=$info.Name


  $objtemp.primarysmtp=$primarySMTPAddress


  $result+=$objtemp


  }


  return$result


  }


  #Get AD User Informtion


  #$ADUsers=Get-ADUser-SearchBase"ou=mango,ou=ddb_group,ou=melbourne,dc=omnicom,dc=com,dc=au"-Properties proxyaddresses,emailaddress,displayname-Filter*


  Write-Host""


  $uUser=Read-Host"Please input the domain name"


  try{


  $ADUsers=get-aduser$uUser-Properties proxyaddresses,emailaddress,displayname


  #Change SamAccountName and UPN


  foreach($ADUser in$ADUsers){


  $ADUser.Name


  $GivenName=$ADUser.GivenName


  $SurName=$ADUser.Surname


  if(($GivenName-ne$null)-or($SurName-ne$null))


  {


  $newSAM=$GivenName.ToLower()+'.'+$SurName.ToLower()


  $oldUPN=$ADUser.UserPrincipalName


  $domainName=$oldUPN.Split('')[1]


  $newUPN=$newSAM+''+$domainName


  write-host"Updating ADUPN:$oldupn->$newUPN"-ForegroundColor Cyan


  #Change AD UPN and SamAccount


  Set-ADUser$ADUser-SamAccountName$newSAM-UserPrincipalName$newUPN


  #Change AD email


  $oldEmail=$ADUser.emailaddress


  $newEmail=$newSAM+‘'+$oldemail.split('')[1]


  write-host"Updating Email:$oldEmail->$newEmail"-ForegroundColor Cyan


  set-aduser$newSAM-EmailAddress$newEmail


  #Change Primary SMTP


  $primary=Get-PrimarySMTP-users$ADUser.name|select-ExpandProperty primarysmtp


  Write-Host"Updating ProxyAddress.."-ForegroundColor Cyan


  #Write-Host"Current Primary address is$primary"-ForegroundColor Cyan


  $Aduser.proxyaddresses.remove("SMTP:"+$primary)


  $Aduser.proxyaddresses.add("smtp:"+$primary)


  $Aduser.proxyaddresses.add("SMTP:"+$newEmail)


  set-aduser$newSAM-replace{proxyaddresses=[string[]]$ADUser.proxyaddresses}-ErrorAction Stop


  #Change cloud UPN.If Office365 session is not connected properly,follow commands wont'work!


  $oldmsolupn=Get-MsolUser-SearchString$ADUser.Name


  $oldmsolupn=$oldmsolupn|select-First 1|select-ExpandProperty UserPrincipalName


  $newmsolupn=$newSAM+''+$oldmsolupn.split('')[1]


  write-host"Updating MSOLUPN:$oldmsolupn->$newmsolupn"-ForegroundColor Cyan


  Set-MsolUserPrincipalName-UserPrincipalName$oldmsolupn-NewUserPrincipalName$newmsolupn


  Write-Host""


  }


  else{


  Write-Warning"Either GivenName or Surname is Empty"


  }


  }


  #Confirm result


  Write-Host"Confirm AD Result"-ForegroundColor Cyan


  get-aduser$newSAM-Properties proxyaddresses,mail|select Name,SamAccountName,UserPrincipalName,proxyaddresses,mail


  Write-Host"Confirm O365 Result"-ForegroundColor Cyan


  Get-MsolUser-SearchString$ADUser.Name|select UserPrincipalName


  }catch[Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException]{


  write-host"AD User can not found"-ForegroundColor red


  }catch[Microsoft.ActiveDirectory.Management.ADException]{


  Write-Host"User vlaue can't be updated or the specified value already exists"-ForegroundColor Red


  }


来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/69976867/viewspace-2706680/,如需转载,请注明出处,否则将追究法律责任。

请登录后发表评论 登录
全部评论

注册时间:2020-07-11

  • 博文量
    18
  • 访问量
    207737