Powershell用户列表和他们登上的主机

有人会有什么建议吗?我需要从Active Directory生成一个用户列表和他们登录的计算机 . 我希望得到这样的东西:

Username Hostname

user.lastname ComputerA1

到目前为止,我已经:

Enter-PSSession Import-Module ActiveDirectory Get-ADComputer -Filter * -Properties Name Get-ADuser -filter * -Properties * | export-csv'\\ AD_UserLists.csv'

这很有效 . 我可以从AD生成一个计算机列表,我可以生成一个ADUsers列表(尽管有所有用户信息) . 不幸的是,我无法将数据生成为单个CSV .

建议/忠告????

Thanx,大卫

回答(3)

2 years ago

你可以使用wmi函数

Get-WmiObject -Class Win32_ComputerSystem -ComputerName "computersname" | Select-Object Name,Username

2 years ago

我需要从Active Directory生成用户列表和他们登录的计算机 .

此信息不存储在Active Directory中 . 您可以使用Active Directory审核来检索此信息 . 否则,您需要轮询每个工作站 .

2 years ago

这是一种获得你想要的东西的方法 . 当机器在线时,您必须针对AD-Computer对象运行此操作,并捕获您无法访问的计算机的名称 . 这样的东西......

#grab the DN of the OU where your computer objects are located...
    $OU = ("OU=Computers,DC=domain,DC=com")

    #put your filtered results in $computers (I filtered for Enabled objects)...
    $computers = @()

    ForEach ($O in $OU) {

        $computers += Get-ADComputer -SearchBase $O -filter 'Enabled -eq "True"' -Properties CN,distinguishedname,lastLogonTimeStamp | Select-Object CN,distinguishedname,lastLogonTimeStamp

    }

    #instantiate some arrays to catch your results
    #collected user info
    $userInfo = @()
    #computers you cannot ping
    $offline = @()
    #computers you can ping but cannot establish WinRM connection
    $winRmIssue = @()

    #iterate over $computers list to get user info on each...
    ForEach ($computer in $computers) {

    #filter out System account SIDs
    $WQLFilter = "NOT SID = 'S-1-5-18' AND NOT SID = 'S-1-5-19' AND NOT SID = 'S-1-5-20'" 

    $WQLFilter = $WQLFilter + " AND NOT SID = `'$FilterSID`'"

    #set number of login events to grab
    $newest = 20     

        #attempt to ping computer once by name. return 'true' is success...
        if (Test-Connection -ComputerName $computer.CN -Count 1 -ErrorAction Stop -Quiet) {

        #if ping is true, try to get some info...
            Try {

        #currently logged in user...
                $user = Get-WmiObject -Class Win32_ComputerSystem -ComputerName $computer.CN | select -ExpandProperty username

        #the most commonly logged in user, based on the past 20 log-ins...
                $UserProperty = @{n="User";e={((New-Object System.Security.Principal.SecurityIdentifier $_.ReplacementStrings[1]).Translate([System.Security.Principal.NTAccount])).ToString()}}
                $logs = Get-EventLog System -Source Microsoft-Windows-Winlogon -ComputerName $computer.CN -newest $newest | select $UserProperty
                $freqent = $logs | Group User | Sort-Object Count | Select -First 1 | Select-Object -ExpandProperty Name

                }

        #catch any connection issues...
            Catch {

                $cantInvoke = [pscustomobject][ordered]@{

                'Computer' = $computer.CN
                'Message' = "Could not Invoke-Command. Probably a WinRM issue."            

                }

                $winRMIssue += $cantInvoke

                }

        #custom psobject of gathered user info...
            $userInfoObj = New-Object psobject -Property ([ordered]@{

                'Computer' = $computer.CN
                'LoggedInUser' = $user
                'mostCommonUser' = $frequent            

                })

                    $userInfo += $userInfoObj

                }

        #if you could not ping the computer, gather that info here in a custom object...               
        else {

             $noPing = [pscustomobject][ordered]@{

             'Computer' = $computer.CN
             'DN' = $computer.distinguishedname
             'lastLogonDate' = [datetime]::FromFileTime($computer.lastLogonTimeStamp).toShortDateString()

             }

             $offline += $noPing

             }

 #then kick out the results to csv
$userInfo | Sort-Object Computer | export-csv -Path c:\path\file.csv -NoTypeInformation

$offline | Sort-Object lastLogonDate | export-csv -Path c:\path.file2csv -NoTypeInformation

$winRmIssue | Sort-Object Computer | export-csv -Path c:\path\file3.csv -NoTypeInformation