我有一个脚本在AD禁用用户提供了以下步骤:PowerShell脚本与错误第一次运行,但正确地第二次或第三次
- 询问用户名
- 组“域用户”基团如主组
- 在AD禁用用户
- 移动到禁用OU
- 从AD明确管理器
- 删除除“域用户的所有组“
- 从exchande列表
添加disabled_mailboxes用户
当我运行它一步一步,它做工精细也是从第一次
这里是脚本:
$username = Read-Host -Prompt 'Enter Username'
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
Import-Module ActiveDirectory
$user = Get-ADUser -Filter {(SamAccountName -eq $username)} -Properties MemberOf
#set "domain users" group as primary group
$group = get-adgroup "Domain Users" -properties @("primaryGroupToken")
get-aduser $username | set-aduser -replace @{primaryGroupID=$group.primaryGroupToken}
#disable users in AD
Get-ADUser -Filter {(SamAccountName -eq $username)} | Disable-ADAccount -ErrorAction SilentlyContinue
#move to disabled OU
Get-ADUser -Filter {(SamAccountName -eq $username)} | Move-ADObject –TargetPath “OU=Users,OU=Disabled Objects,DC=xxxxxxx,DC=xxx,DC=XXX”
#clear Manager from AD
Get-ADUser -Filter {(SamAccountName -eq $username)} | Set-ADUser -Clear manager
#-------------------------
#remove all groups except 'domain users'
Get-ADPrincipalGroupMembership -Identity $username | % {Remove-ADPrincipalGroupMembership -Identity $username -MemberOf $_ -Confirm:$false -ErrorAction SilentlyContinue}
#code can be removed.
#$group = $user | Select-Object -ExpandProperty MemberOf
#Remove-ADGroupMember -Identity $group -Members $user.SamAccountName -Confirm:$false -ErrorAction SilentlyContinue
#-------------------------
#Add disabled_mailboxes to the user
Add-ADGroupMember -Identity 'disabled_mailboxes' -Member $User.SamAccountName -ErrorAction SilentlyContinue
#-------------------------
#Hide account from exchande list
Set-Mailbox -identity $user.SamAccountName -HiddenFromAddressListsEnabled $true -ErrorAction SilentlyContinue
的Windows 2012R2,Exchange 2010中
任何人都可以有帮助那???
感谢
米娜
看到类似的东西,我认为这可能是复制问题,稍后再看,你能否将错误添加到问题中?确保ErrorAction设置为“继续”而不是“SilentlyContinue”,这将抑制错误 – SteloNLD