使用PowerShell在数组中查找通配符匹配

0

我有一个要在其上进行ActiveDirectory查找的用户列表,但我不想在弹出到我的列表中的系统帐户上进行查找。我要检查的列表将具有用户帐户的全名。我想使用可预测的模式对照该列表。

我正在编写的代码目前看起来像这样:

$Usertest = "BUILTIN\Administrator"
$SystemUsers = @(
    'NT AUTHORITY\*',
    'BUILTIN\*',
    'S-*',
    'Everyone'
 )
if ($SystemUsers -contains $UserTest)
{
    Write-Host "$Usertest is a system or deleted account"
}
else
{
    Write-Host "$Usertest exists in Active Directory"
}

显然,上面的代码无法正常工作,但确实可以传达我要完成的工作。

powershell  user-accounts  array 
cyborgcommando0
source

Answers:

1

下午,

您尝试执行的操作有一些错误:

单引号

$SystemUsers = @(
    'NT AUTHORITY\*',
    'BUILTIN\*',
    'S-*',
    'Everyone'
 )

单引号是文字字符串,并且不能互斥。在这种情况下,您将寻找名为的用户NT Authority\*。通过将它们更改为双引号-您将开始匹配模式。有关更多信息,请参见Microsoft文档网站上的关于报价规则

逃离

在PowerShell中,“ \”是转义字符。为了逃避斜线-将它们加倍:

$SystemUsers = @(
    "NT AUTHORITY\\*",
    "BUILTIN\\*",
    "S-1*",
    "Everyone"
 )

有关此的更多信息-看看Stack OverFlow 上的这个问题。另外,与匹配S-*将为您提供大量您不想要的匹配,请尝试"S-1*"。自Windows 2000以来,Windows SID尚未真正更改,因此这是一件相当安全的事情

遍历数组

简而言之-使用通配符时,字符串不会与数组进行比较。 本文为您演示了这一点。

比较数组中所有项目的最简单方法是遍历数组:

ForEach ($SystemUser in $SystemUsers) { }

不包含比赛

匹配是匹配数组中项目的更好方法。Microsoft的“ 关于比较运算符”页面将为您提供一个快速入门,但除此之外,它的负载也更多。尝试类似的方法:

ForEach ($SystemUser in $SystemUsers) {
    if ($Usertest -match $SystemUser)
    {
        Write-Host "$Usertest is a system or deleted account"
    }
    else
    {
        Write-Host "$Usertest exists in Active Directory"
    }
}

全部放在一起

$Usertest = "BUILTIN\Administrator"
$SystemUsers = @(
    "NT AUTHORITY\\*",
    "BUILTIN\\*",
    "S-1*",
    "Everyone"
 )

 ForEach ($SystemUser in $SystemUsers) {
    if ($Usertest -match $SystemUser)
    {
        Write-Host "$Usertest is a system or deleted account"
    }
    else
    {
        Write-Host "$Usertest exists in Active Directory"
    }
 }

这将为您提供匹配的输出:

BUILTIN \ Administrator存在于Active Directory中

BUILTIN \ Administrator是系统帐户或已删除的帐户

BUILTIN \ Administrator存在于Active Directory中

BUILTIN \ Administrator存在于Active Directory中

...但是这只有一半解决了您的问题-您只真正在乎是否有比赛,更不用说2、3或4了。如果找到了比赛,您也不想继续测试!将其扩展为包括swtch,将行打印移至末尾并完成作业:

$Usertest = "BUILTIN\Administrator"
$SystemUsers = @(
   "NT AUTHORITY\\*",
   "BUILTIN\\*",
   "S-1*",
   "Everyone"
)

$HasUserBeenMatchedYet = $false
    ForEach ($SystemUser in $SystemUsers) {
        if ($Usertest -match $SystemUser) {
            $HasUserBeenMatchedYet = $true
            break
        }
    }

if ($HasUserBeenMatchedYet -eq $true) {
    Write-Host "$Usertest is a system or deleted account"
} else {
    Write-Host "$Usertest exists in Active Directory"
}

BUILTIN \ Administrator是系统帐户或已删除的帐户

MyStupidFakeUser存在于Active Directory中

奖励积分!

让用户将其放在数组中进行测试并遍历这些数组:

$Usertests = @("MyStupidFakeUser", "NT Authority\Someone")
$SystemUsers = @(
   "NT AUTHORITY\\*",
   "BUILTIN\\*",
   "S-1*",
   "Everyone"
)

ForEach ($UserTest in $userTests) {
    $HasUserBeenMatchedYet = $false
        ForEach ($SystemUser in $SystemUsers) {
            if ($Usertest -match $SystemUser) {
                $HasUserBeenMatchedYet = $true
                break
            }
        }

    if ($HasUserBeenMatchedYet -eq $true) {
        Write-Host "$Usertest is a system or deleted account"
    } else {
        Write-Host "$Usertest exists in Active Directory"
    }
}

...现在您要做的就是实际上测试它们是否在AD中- 看看PowerShell中的Get-ADUser

Fazer87
source
By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.