如何通过脚本将超过180天未登录的账户列出？列出的账户带OU

Question

工程师您好，

  有一个脚本，将超过180天未登录的账户列出，但是只能列出账户和最后一次登陆时间，没法确认账户是哪个OU下的，请问有什么脚本能将将超过180天未登录的带OU的账户列出？

Get the current date

$currentDate = Get-Date

Calculate the threshold date (2 days ago)

$thresholdDate = $currentDate.AddDays(-2)

Find all user accounts in Active Directory that have not logged in since the threshold date

$inactiveUsers = Get-ADUser -Filter {

lastLogonTimestamp -lt $thresholdDate

} -Property lastLogonTimestamp, DisplayName, SamAccountName

Display the inactive users

Write-Output "用户超过2天未登录的账户："

foreach ($user in $inactiveUsers) {

$lastLogonDate = [DateTime]::FromFileTime($user.lastLogonTimestamp)

Write-Output ("用户名: {0}, 最后登录日期: {1}" -f $user.SamAccountName, $lastLogonDate)

}

谢谢！

Answer 1

你好，

账户所在的OU可以通过账户的DistinguishedName来获取，比如像下面这样

# Get the current date
$currentDate = Get-Date
# Calculate the threshold date (2 days ago)
$thresholdDate = $currentDate.AddDays(-2)
# Find all user accounts in Active Directory that have not logged in since the threshold date
$inactiveUsers = Get-ADUser -Filter {lastLogonTimestamp -lt $thresholdDate} -Property lastLogonTimestamp, DisplayName|Select-Object -Property SamAccountName,lastLogonTimestamp,@{n='OU';e={$_.DistinguishedName -replace '^.*?,(?=[A-Z]{2}=)'}}
# Display the inactive users
Write-Output "用户超过2天未登录的账户："
foreach ($user in $inactiveUsers) {
$lastLogonDate = [DateTime]::FromFileTime($user.lastLogonTimestamp)
Write-Output ("用户名: {0}, 最后登录日期: {1}, OU: {2}" -f $user.SamAccountName,$lastLogonDate,$user.OU)
}

祝好

Ian Xue

---

如果回答是有帮助的，请点击“接受答案”。