• 本地用户管理


    将以下内容保存为.psm1,然后在PowerShell中使用 Import-Module 命令导入.psm1文件后,即可使用其命令

    1.获取本地用户

    #---------------------------------------------------------------------------------
    #The sample scripts are not supported under any Microsoft standard support
    #program or service. The sample scripts are provided AS IS without warranty
    #of any kind. Microsoft further disclaims all implied warranties including,
    #without limitation, any implied warranties of merchantability or of fitness for
    #a particular purpose. The entire risk arising out of the use or performance of
    #the sample scripts and documentation remains with you. In no event shall
    #Microsoft, its authors, or anyone else involved in the creation, production, or
    #delivery of the scripts be liable for any damages whatsoever (including,
    #without limitation, damages for loss of business profits, business interruption,
    #loss of business information, or other pecuniary loss) arising out of the use
    #of or inability to use the sample scripts or documentation, even if Microsoft
    #has been advised of the possibility of such damages
    #---------------------------------------------------------------------------------

    #requires -Version 2.0

    Function Get-OSCLocalAccount
    {
    <#
    .SYNOPSIS
    Get-OSCLocalAccount is an advanced function which can be list all of local user account.
    .DESCRIPTION
    Get-OSCLocalAccount is an advanced function which can be list all of local user account.
    .PARAMETER <AccountName>
    Specifies the local user account you want to search.
    .PARAMETER <ComputerName <string[]>
    Specifies the computers on which the command runs. The default is the local computer.
    .PARAMETER <Credential>
    Specifies a user account that has permission to perform this action.
    .EXAMPLE
    C:PS> Get-OSCLocalAccount

    This command shows how to list all of local users on local computer.
    .EXAMPLE
    C:PS> Get-OSCLocalAccount | Export-Csv -Path "D:LocalUserAccountInfo.csv" -NoTypeInformation

    This command will export report to csv file. If you attach the <NoTypeInformation> parameter with command, it will omits the type information
    from the CSV file. By default, the first line of the CSV file contains "#TYPE " followed by the fully-qualified name of the object type.
    .EXAMPLE
    C:PS> Get-OSCLocalAccount -AccountName "Administrator","Guest"

    This command shows how to list local Administrator and Guest account information on local computer.
    .EXAMPLE
    C:PS> $Cre=Get-Credential
    C:PS> Get-OSCLocalAccount -Credential $Cre -Computername "WINSERVER"

    This command lists all of local user accounts on the WINSERVER remote computer.
    #>
    [CmdletBinding()]
    Param
    (
    [Parameter(Position=0,Mandatory=$false,ValueFromPipeline=$true,ValueFromPipelineByPropertyName=$true)]
    [ValidateNotNullorEmpty()]
    [Alias('cn')][String[]]$ComputerName=$Env:COMPUTERNAME,
    [Parameter(Position=1,Mandatory=$false)]
    [Alias('un')][String[]]$AccountName,
    [Parameter(Position=2,Mandatory=$false)]
    [Alias('cred')][System.Management.Automation.PsCredential]$Credential
    )

    $Obj = @()

    Foreach($Computer in $ComputerName)
    {
    If($Credential)
    {
    $AllLocalAccounts = Get-WmiObject -Class Win32_UserAccount -Namespace "rootcimv2" `
    -Filter "LocalAccount='$True'" -ComputerName $Computer -Credential $Credential -ErrorAction Stop
    }
    else
    {
    $AllLocalAccounts = Get-WmiObject -Class Win32_UserAccount -Namespace "rootcimv2" `
    -Filter "LocalAccount='$True'" -ComputerName $Computer -ErrorAction Stop
    }

    Foreach($LocalAccount in $AllLocalAccounts)
    {
    $Object = New-Object -TypeName PSObject

    $Object|Add-Member -MemberType NoteProperty -Name "Name" -Value $LocalAccount.Name
    $Object|Add-Member -MemberType NoteProperty -Name "Full Name" -Value $LocalAccount.FullName
    $Object|Add-Member -MemberType NoteProperty -Name "Caption" -Value $LocalAccount.Caption
    $Object|Add-Member -MemberType NoteProperty -Name "Disabled" -Value $LocalAccount.Disabled
    $Object|Add-Member -MemberType NoteProperty -Name "Status" -Value $LocalAccount.Status
    $Object|Add-Member -MemberType NoteProperty -Name "LockOut" -Value $LocalAccount.LockOut
    $Object|Add-Member -MemberType NoteProperty -Name "Password Changeable" -Value $LocalAccount.PasswordChangeable
    $Object|Add-Member -MemberType NoteProperty -Name "Password Expires" -Value $LocalAccount.PasswordExpires
    $Object|Add-Member -MemberType NoteProperty -Name "Password Required" -Value $LocalAccount.PasswordRequired
    $Object|Add-Member -MemberType NoteProperty -Name "SID" -Value $LocalAccount.SID
    $Object|Add-Member -MemberType NoteProperty -Name "SID Type" -Value $LocalAccount.SIDType
    $Object|Add-Member -MemberType NoteProperty -Name "Account Type" -Value $LocalAccount.AccountType
    $Object|Add-Member -MemberType NoteProperty -Name "Domain" -Value $LocalAccount.Domain
    $Object|Add-Member -MemberType NoteProperty -Name "Description" -Value $LocalAccount.Description

    $Obj+=$Object
    }

    If($AccountName)
    {
    Foreach($Account in $AccountName)
    {
    $Obj|Where-Object{$_.Name -like "$Account"}
    }
    }
    else
    {
    $Obj
    }
    }
    }

    以上脚本来自于:http://gallery.technet.microsoft.com/scriptcenter/Script-to-retrieve-all-b70a1dba

    GetLocalAccount

    2.管理本地用户:

    Function New-LocalUser
    {
    <#
    .Synopsis
    This function creates a local user
    .Description
    This function creates a local user
    .Example
    New-LocalUser -userName "ed" -description "cool Scripting Guy" `
    -password "password"
    Creates a new local user named ed with a description of cool scripting guy
    and a password of password.
    .Parameter ComputerName
    The name of the computer upon which to create the user
    .Parameter UserName
    The name of the user to create
    .Parameter password
    The password for the newly created user
    .Parameter description
    The description for the newly created user
    .Notes
    NAME: New-LocalUser
    AUTHOR: ed wilson, msft
    LASTEDIT: 06/29/2011 10:07:42
    KEYWORDS: Local Account Management, Users
    HSG: HSG-06-30-11
    .Link
    Http://www.ScriptingGuys.com/blog
    #Requires -Version 2.0
    #>
    [CmdletBinding()]
    Param(
    [Parameter(Position=0,
    Mandatory=$True,
    ValueFromPipeline=$True)]
    [string]$userName,
    [Parameter(Position=1,
    Mandatory=$True,
    ValueFromPipeline=$True)]
    [string]$password,
    [string]$computerName = $env:ComputerName,
    [string]$description = "Created by PowerShell"
    )
    $computer = [ADSI]"WinNT://$computerName"
    $user = $computer.Create("User", $userName)
    $user.setpassword($password)
    $user.put("description",$description)
    $user.SetInfo()
    } #end function New-LocalUser

    Function New-LocalGroup
    {
    <#
    .Synopsis
    This function creates a local group
    .Description
    This function creates a local group
    .Example
    New-LocalGroup -GroupName "mygroup" -description "cool local users"
    Creates a new local group named mygroup with a description of cool local users.
    .Parameter ComputerName
    The name of the computer upon which to create the group
    .Parameter GroupName
    The name of the Group to create
    .Parameter description
    The description for the newly created group
    .Notes
    NAME: New-LocalGroup
    AUTHOR: ed wilson, msft
    LASTEDIT: 06/29/2011 10:07:42
    KEYWORDS: Local Account Management, Groups
    HSG: HSG-06-30-11
    .Link
    Http://www.ScriptingGuys.com/blog
    #Requires -Version 2.0
    #>
    [CmdletBinding()]
    Param(
    [Parameter(Position=0,
    Mandatory=$True,
    ValueFromPipeline=$True)]
    [string]$GroupName,
    [string]$computerName = $env:ComputerName,
    [string]$description = "Created by PowerShell"
    )

    $adsi = [ADSI]"WinNT://$computerName"
    $objgroup = $adsi.Create("Group", $groupName)
    $objgroup.SetInfo()
    $objgroup.description = $description
    $objgroup.SetInfo()

    } #end function New-LocalGroup

    Function Set-LocalGroup
    {
    <#
    .Synopsis
    This function adds or removes a local user to a local group
    .Description
    This function adds or removes a local user to a local group
    .Example
    Set-LocalGroup -username "ed" -groupname "administrators" -add
    Assigns the local user ed to the local administrators group
    .Example
    Set-LocalGroup -username "ed" -groupname "administrators" -remove
    Removes the local user ed to the local administrators group
    .Parameter username
    The name of the local user
    .Parameter groupname
    The name of the local group
    .Parameter ComputerName
    The name of the computer
    .Parameter add
    causes function to add the user
    .Parameter remove
    causes the function to remove the user
    .Notes
    NAME: Set-LocalGroup
    AUTHOR: ed wilson, msft
    LASTEDIT: 06/29/2011 10:23:53
    KEYWORDS: Local Account Management, Users, Groups
    HSG: HSG-06-30-11
    .Link
    Http://www.ScriptingGuys.com/blog
    #Requires -Version 2.0
    #>
    [CmdletBinding()]
    Param(
    [Parameter(Position=0,
    Mandatory=$True,
    ValueFromPipeline=$True)]
    [string]$userName,
    [Parameter(Position=1,
    Mandatory=$True,
    ValueFromPipeline=$True)]
    [string]$GroupName,
    [string]$computerName = $env:ComputerName,
    [Parameter(ParameterSetName='addUser')]
    [switch]$add,
    [Parameter(ParameterSetName='removeuser')]
    [switch]$remove
    )
    $group = [ADSI]"WinNT://$ComputerName/$GroupName,group"
    if($add)
    {
    $group.add("WinNT://$ComputerName/$UserName")
    }
    if($remove)
    {
    $group.remove("WinNT://$ComputerName/$UserName")
    }
    } #end function Set-LocalGroup

    Function Set-LocalUserPassword
    {
    <#
    .Synopsis
    This function changes a local user password
    .Description
    This function changes a local user password
    .Example
    Set-LocalUserPassword -userName "ed" -password "newpassword"
    Changes a local user named ed password to newpassword.
    .Parameter ComputerName
    The name of the computer upon which to change the user's password
    .Parameter UserName
    The name of the user for which to change the password
    .Parameter password
    The new password for the user
    .Notes
    NAME: Set-LocalUserPassword
    AUTHOR: ed wilson, msft
    LASTEDIT: 06/29/2011 10:07:42
    KEYWORDS: Local Account Management, Users
    HSG: HSG-06-30-11
    .Link
    Http://www.ScriptingGuys.com/blog
    #Requires -Version 2.0
    #>
    [CmdletBinding()]
    Param(
    [Parameter(Position=0,
    Mandatory=$True,
    ValueFromPipeline=$True)]
    [string]$userName,
    [Parameter(Position=1,
    Mandatory=$True,
    ValueFromPipeline=$True)]
    [string]$password,
    [string]$computerName = $env:ComputerName
    )
    $user = [ADSI]"WinNT://$computerName/$username,user"
    $user.setpassword($password)
    $user.SetInfo()
    } #end function Set-LocalUserPassword

    function Set-LocalUser
    {
    <#
    .Synopsis
    Enables or disables a local user
    .Description
    This function enables or disables a local user
    .Example
    Set-LocalUser -userName ed -disable
    Disables a local user account named ed
    .Example
    Set-LocalUser -userName ed -password Password
    Enables a local user account named ed and gives it the password password
    .Parameter UserName
    The name of the user to either enable or disable
    .Parameter Password
    The password of the user once it is enabled
    .Parameter Description
    A description to associate with the user account
    .Parameter Enable
    Enables the user account
    .Parameter Disable
    Disables the user account
    .Parameter ComputerName
    The name of the computer on which to perform the action
    .Notes
    NAME: Set-LocalUser
    AUTHOR: ed wilson, msft
    LASTEDIT: 06/29/2011 12:40:43
    KEYWORDS: Local Account Management, Users
    HSG: HSG-6-30-2011
    .Link
    Http://www.ScriptingGuys.com/blog
    #Requires -Version 2.0
    #>
    [CmdletBinding()]
    Param(
    [Parameter(Position=0,
    Mandatory=$True,
    ValueFromPipeline=$True)]
    [string]$userName,
    [Parameter(Position=1,
    Mandatory=$True,
    ValueFromPipeline=$True,
    ParameterSetName='EnableUser')]
    [string]$password,
    [Parameter(ParameterSetName='EnableUser')]
    [switch]$enable,
    [Parameter(ParameterSetName='DisableUser')]
    [switch]$disable,
    [string]$computerName = $env:ComputerName,
    [string]$description = "modified via powershell"
    )
    $EnableUser = 512 # ADS_USER_FLAG_ENUM enumeration value from SDK
    $DisableUser = 2 # ADS_USER_FLAG_ENUM enumeration value from SDK
    $User = [ADSI]"WinNT://$computerName/$userName,User"

    if($enable)
    {
    $User.setpassword($password)
    $User.description = $description
    $User.userflags = $EnableUser
    $User.setinfo()
    } #end if enable
    if($disable)
    {
    $User.description = $description
    $User.userflags = $DisableUser
    $User.setinfo()
    } #end if disable
    } #end function Set-LocalUser

    Function Remove-LocalUser
    {
    <#
    .Synopsis
    This function deletes a local user
    .Description
    This function deletes a local user
    .Example
    Remove-LocalUser -userName "ed"
    Removes a new local user named ed.
    .Parameter ComputerName
    The name of the computer upon which to delete the user
    .Parameter UserName
    The name of the user to delete
    .Notes
    NAME: Remove-LocalUser
    AUTHOR: ed wilson, msft
    LASTEDIT: 06/29/2011 10:07:42
    KEYWORDS: Local Account Management, Users
    HSG: HSG-06-30-11
    .Link
    Http://www.ScriptingGuys.com/blog
    #Requires -Version 2.0
    #>
    [CmdletBinding()]
    Param(
    [Parameter(Position=0,
    Mandatory=$True,
    ValueFromPipeline=$True)]
    [string]$userName,
    [string]$computerName = $env:ComputerName
    )
    $User = [ADSI]"WinNT://$computerName"
    $user.Delete("User",$userName)
    } #end function Remove-LocalUser

    Function Remove-LocalGroup
    {
    <#
    .Synopsis
    This function deletes a local group
    .Description
    This function deletes a local group
    .Example
    Remove-LocalGroup -GroupName "mygroup"
    Creates a new local group named mygroup.
    .Parameter ComputerName
    The name of the computer upon which to delete the group
    .Parameter GroupName
    The name of the Group to delete
    .Notes
    NAME: Remove-LocalGroup
    AUTHOR: ed wilson, msft
    LASTEDIT: 06/29/2011 10:07:42
    KEYWORDS: Local Account Management, Groups
    HSG: HSG-06-30-11
    .Link
    Http://www.ScriptingGuys.com/blog
    #Requires -Version 2.0
    #>
    [CmdletBinding()]
    Param(
    [Parameter(Position=0,
    Mandatory=$True,
    ValueFromPipeline=$True)]
    [string]$GroupName,
    [string]$computerName = $env:ComputerName
    )
    $Group = [ADSI]"WinNT://$computerName"
    $Group.Delete("Group",$GroupName)
    } #end function Remove-LocalGroup

    function Test-IsAdministrator
    {
    <#
    .Synopsis
    Tests if the user is an administrator
    .Description
    Returns true if a user is an administrator, false if the user is not an administrator
    .Example
    Test-IsAdministrator
    #>
    param()
    $currentUser = [Security.Principal.WindowsIdentity]::GetCurrent()
    (New-Object Security.Principal.WindowsPrincipal $currentUser).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
    } #end function Test-IsAdministrator

    以上脚本来自于:http://gallery.technet.microsoft.com/scriptcenter/f75801e7-169a-4737-952c-1341abea5823

    New-LocalGroup                          
    New-LocalUser                      
    Remove-LocalGroup                    
    Remove-LocalUser                      
    Set-LocalGroup                          
    Set-LocalUser                  
    Set-LocalUserPassword     
    Test-IsAdministrator

  • 相关阅读:
    Promise简单使用,需要在ES6以上
    uni-app条件编译:#ifdef #ifndef #endif
    js获取年月日
    js验证手机号、身份证等
    json.stringify()与json.parse()
    Vuex基本使用的总结--转载
    ...mapMutations前面的三个点什么意思
    制作缩略图、远程缩略图
    node整个环境的启动
    redis命令
  • 原文地址:https://www.cnblogs.com/dreamer-fish/p/3365542.html
Copyright © 2020-2023  润新知