Mudanças entre as edições de "Microsoft AD"

De TheNets Wiki
Ir para: navegação, pesquisa
(Criou página com 'Scripts e exemplos de como trabalhar com o Active Directory. === Desativar contas ociosas do AD === <syntaxhighlight lang="powershell" line="1"> # Disable inactive AD users...')
 
Linha 1: Linha 1:
 
Scripts e exemplos de como trabalhar com o Active Directory.
 
Scripts e exemplos de como trabalhar com o Active Directory.
  
=== Desativar contas ociosas do AD ===
+
===Desativar contas ociosas do AD===
 
<syntaxhighlight lang="powershell" line="1">
 
<syntaxhighlight lang="powershell" line="1">
 
# Disable inactive AD users
 
# Disable inactive AD users
Linha 7: Linha 7:
 
# Select only users with more than 90 days inactive
 
# Select only users with more than 90 days inactive
 
$timespan = New-Timespan –Days 90
 
$timespan = New-Timespan –Days 90
 +
$UsersToBeDisabled = Search-ADAccount -UsersOnly -AccountInactive –TimeSpan $timespan
  
 
# All inactive users but Administrator
 
# All inactive users but Administrator
$Users = Search-ADAccount -UsersOnly -AccountInactive –TimeSpan $timespan | Where-Object {$_.Name -ne 'Administrator'}
+
$UsersToBeDisabled = $UsersToBeDisabled | Where-Object {$_.Name -ne 'Administrator'}
  
 
# Ignore users that never logged-on (like the "AWS_SecureConnect" user)
 
# Ignore users that never logged-on (like the "AWS_SecureConnect" user)
$UsersToBeDisabled = $Users | ForEach-Object { if($_.LastLogonDate) {$_} }
+
$UsersToBeDisabled = $UsersToBeDisabled | ForEach-Object { if($_.LastLogonDate) {$_} }
  
 
# List users to be disabled
 
# List users to be disabled
Linha 18: Linha 19:
  
 
# Disable AD account
 
# Disable AD account
$UsersToBeDisabled | Disable-ADAccount
+
$UsersToBeDisabled | Disable-ADAccount -WhatIf
 
</syntaxhighlight><br />
 
</syntaxhighlight><br />

Edição das 01h09min de 14 de fevereiro de 2020

Scripts e exemplos de como trabalhar com o Active Directory.

Desativar contas ociosas do AD

 1 # Disable inactive AD users
 2 
 3 # Select only users with more than 90 days inactive
 4 $timespan = New-Timespan Days 90
 5 $UsersToBeDisabled = Search-ADAccount -UsersOnly -AccountInactive TimeSpan $timespan
 6 
 7 # All inactive users but Administrator
 8 $UsersToBeDisabled = $UsersToBeDisabled | Where-Object {$_.Name -ne 'Administrator'}
 9 
10 # Ignore users that never logged-on (like the "AWS_SecureConnect" user)
11 $UsersToBeDisabled = $UsersToBeDisabled | ForEach-Object { if($_.LastLogonDate) {$_} }
12 
13 # List users to be disabled
14 $UsersToBeDisabled
15 
16 # Disable AD account
17 $UsersToBeDisabled | Disable-ADAccount -WhatIf