最近有一个要求,要求企业必须建设预公告自然环境,将制造业的广告用户输出到预公告自然环境。一开始他们提前准备用csvde导出导入,然后果断应用PowerShell。下面是将某个OU下的用户复制到另一个域并开通账号统一设置登录密码。再次感谢朋友费爵士深夜陪我一起检测。
先说一下大概的思路:如果你要迁移一个ou下的用户,而你又要迁移ou,那么你就要先迁移OU,再迁移用户,最后还有一个要求就是你要迁移用户的主管,所以你要在迁移用户之后设置用户的管理器。
下面以复印物流中心的OU为例进行迁移。
#出口物流中心OU
$oucsv = 'C:\Users\sys_robin\OUexportWuliu.csv' Get-ADOrganizationalUnit -SearchBase 'OU=物流中心,DC=corp,DC=viplab,DC=com' -Filter * -Properties * | select name,distinguishedName | export-csv $oucsv -Encoding UTF8 -NoTypeInformation#导入物流中心的OU
import-module activedirectory $OldDom = 'DC=corp,DC=viplab,DC=com' $NewDom = 'DC=corp,DC=demo,DC=com' $oucsv = 'c:\OUexportWuliu.csv' $success = 0 $failed = 0 $oulist = Import-Csv $oucsv $oulist | foreach { $outemp = $_.Distinguishedname -replace $OldDom,$NewDom #need to split ouTemp and lose the first item $ousplit = $outemp -split ',',2 $outemp Try { $newOU = New-ADOrganizationalUnit -name $_.Name -path $ousplit[1] -EA stop Write-Host "Successfully created OU: $_.Name" $success } Catch { Write-host "ERROR creating OU: $outemp" #$error[0].exception.message" $failed } Finally { echo "" } } Write-host "Created $success OUs with $failed errors"#导出物流中心下的用户
$path= 'C:\Users\sys_robin\ADUsers_Wuliu.csv' Get-ADUser -SearchBase 'OU=物流中心,DC=corp,DC=viplab,DC=com' -Filter * -Properties * |select sAMAccountName,cn,name,objectCategory,description,displayName,userPrincipalName,distinguishedName,title,manager,department,employeenumber | Export-csv $path -NotypeInformation -Encoding:UTF8#物流中心下的用户指南
Import-Module activedirectory $OldDom = 'DC=corp,DC=viplab,DC=com' $NewDom = 'DC=corp,DC=demo,DC=com' $oldUPN = 'corp.viplab.com' $NewUPN = 'corp.demo.com' $password = ConvertTo-SecureString 'abc.123' -asplaintext -force $Usercsv = 'c:\ADUsers_Wuliu.csv' $success = 0 $failed = 0 $Userlist = Import-Csv $Usercsv $Userlist | foreach { $Usertemp = $_.Distinguishedname -replace $OldDom,$NewDom $UserUPN = $_.UserPrincipalName -replace $oldUPN,$NewUPN #need to split UserTemp and lose the first item $Usersplit = $Usertemp -split ',',2 $Usertemp Try { $newUser = New-ADUser -name $_.Name -SamAccountName $_.SamAccountName -Description $_.description -displayname $_.displayname -title $_.title -department $_.department -UserPrincipalName $UserUPN -EmployeeNumber $_.EmployeeNumber -AccountPassword $password -Enable $true -path $Usersplit[1] -EA stop Write-Host "Successfully created User: $_.Name" $success } Catch { Write-Host "ERROR creating OU: $Usertemp" #$error[0].exception.message" $failed } Finally { echo "" } } Write-host "Created $success Users with $failed errors"#设置物流中心用户的经理
Import-Module activedirectory $OldDom = 'DC=corp,DC=viplab,DC=com' $NewDom = 'DC=corp,DC=demo,DC=com' $Usercsv = 'c:\ADUsers_Wuliu.csv' $success = 0 $failed = 0 $Userlist = Import-Csv $Usercsv $Userlist | foreach { $UserManager = $_.Manager -replace $OldDom,$NewDom Try { $Usertemp = $_.Distinguishedname -replace $OldDom,$NewDom $SetManager = Set-ADUser -Identity $_.SamAccountName -Manager $UserManager -EA stop Write-Host "Successfully Set Manager: $_.Name" $success } Catch { Write-Host "ERROR Set Manager: $Usertemp" #$error[0].exception.message" $failed } Finally { echo "" } } Write-host "Created $success Users with $failed errors"通过应用上述脚本,AD域中的OU和用户可以成功迁移到新的检测域。如果有多个OU,可以用相同的方式进行迁移。您还可以整理脚本并一次迁移几个ou。
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)