powershell - 向脚本添加 -WhatIf 或“仅记录”功能?
问题描述
所以我得到了下面的脚本。在过去的几周里,你们中的许多人都帮助了我。无论如何,我的老板希望我为此添加 -whatif 功能。或者运行某种模式,但只记录 whatif 部分。无论如何,我对整个功能都是新手,但如果您使用高级功能,那么您的功能可以访问其他可用的 Powershell 开关。但是如何对包含多个函数的脚本实现 -whatif 呢?是否像为每个函数添加参数一样简单?这是我的净化代码:
#---------------------------------------------------------[Initializations]--------------------------------------------------------
#Dot Source required Function Libraries
#. "\\server\e$\scripts\Logging_Functions.ps1"
. "c:\users\documents\powershell\Logging_Functions.ps1"
#Error Action
$ErrorActionPreference = 'silentlycontinue'
#Debug preference
$global:DebugPreference = "continue"
#----------------------------------------------------------[Declarations]----------------------------------------------------------
#Script Version
$sScriptVersion = "1.0"
Import-Module ActiveDirectory
#Log File Info
$sLogPath = "C:\Users\Documents\powershell\Logs"
#$sLogPath = "\\server\e$\Logs"
$sLogName = "Set-LitmosGroups_$(get-date -f yyyy-MM-dd_HH-mm-ss).log"
$sLogFile = Join-Path -Path $sLogPath -ChildPath $sLogName
$LogLine = $null
#Variable Initializations
#Org Unit where the target groups reside (Litmos)
$OU = "ou=test_litmos, ou=test accounts, ou=domain, dc=company, dc=net"
#Org unt containing the All Managers security group
$OU2 = "CN=All Managers,OU=Organizational,OU=Groups,OU=domain,DC=company,DC=net"
# Get member of the 'ALL Managers' security group
$Managers = Get-ADGroupMember -identity $OU2 | Select-Object -expandproperty samaccountname
# Get AD groups with Report to in the name in $ou
$ReportsTo = Get-adgroup -searchbase $ou -filter "Name -like 'Report to *'" |
Select-Object -expandproperty name
#----------------------------------------------------------[Functions]-------------------------------------------------------------
Function Get-DirectReport {
#requires -Module ActiveDirectory
<#
.SYNOPSIS
This script will get a user's direct reports recursively from ActiveDirectory unless specified with the NoRecurse parameter.
It also uses the user's EmployeeID attribute as a way to exclude service accounts and/or non standard accounts that are in the reporting structure.
.NOTES
Name: Get-DirectReport
Author: theSysadminChannel
Version: 1.0
DateCreated: 2020-Jan-28
.LINK
https://thesysadminchannel.com/get-direct-reports-in-active-directory-using-powershell-recursive -
.PARAMETER SamAccountName
Specify the samaccountname (username) to see their direct reports.
.PARAMETER NoRecurse
Using this option will not drill down further than one level.
.EXAMPLE
Get-DirectReport username
.EXAMPLE
Get-DirectReport -SamAccountName username -NoRecurse
.EXAMPLE
"username" | Get-DirectReport
#>
[CmdletBinding()]
param(
[Parameter(
Mandatory = $false,
ValueFromPipeline = $true,
ValueFromPipelineByPropertyName = $true
)]
[string] $SamAccountName,
[switch] $NoRecurse
)
BEGIN {}
PROCESS {
$UserAccount = Get-ADUser $SamAccountName -Properties DirectReports, DisplayName
$UserAccount | select -ExpandProperty DirectReports | ForEach-Object {
$User = Get-ADUser $_ -Properties DirectReports, DisplayName, Title, EmployeeID
if ($null -ne $User.EmployeeID) {
if (-not $NoRecurse) {
Get-DirectReport $User.SamAccountName
}
[PSCustomObject]@{
SamAccountName = $User.SamAccountName
UserPrincipalName = $User.UserPrincipalName
DisplayName = $User.DisplayName
Manager = $UserAccount.DisplayName
}
}
}
}
END {}
}
Function New-bhReportToGroup {
[CmdletBinding()]
$script:ReportsTo = $ReportsTo -replace ("Report to ", "")
if ($manager -notin $ReportsTo) {
new-adgroup -name "Report to $manager" -groupscope global -path $ou
#write-host "Report to $manager"
$LogLine = "New group for " + $manager + " has been created."
Log-Write -LogPath $sLogFile -LineValue $LogLine
}
else {
#write-host "group for $manager already exists"
$LogLine = "Group for " + $manager + " already exists."
Log-Write -LogPath $sLogFile -LineValue $LogLine
}
}
Function Get-bhDReports {
[CmdletBinding()]
$script:directreports = Get-Directreport $manager -norecurse | Select-Object samAccountName
if ($null -ne $directreports) {
#write-host "Got reports for $manager"
$LogLine = "Gathering direct reports for " + $manager
Log-Write -LogPath $sLogFile -LineValue $LogLine
} else {
#write-host "$manager has no reports"
$LogLine = $manager + " has no reports."
Log-Write -LogPath $sLogFile -LineValue $LogLine
}
}
Function Set-bhRTGmembers {
[CmdletBinding()]
#
# Get manager's 'report to <manager>' group again to update members
$managerReportToGroup = Get-ADGroup -SearchBase $OU -Filter "Name -like 'Report to $Manager'"
if ($managerReportToGroup) {
Add-ADGroupMember -identity $managerReportToGroup.Name -members $DirectReports
Add-ADGroupMember -identity $managerReportToGroup.name -members $Manager
#write-host "Report to $manager updated"
$LogLine = "Report to " + $Manager + " updated."
Log-Write -LogPath $sLogFile -LineValue $LogLine
}
else {
#write-host "Couldnt find group for $manager"
$LogLine = "Could not find group for " + $Manager
Log-Write -LogPath $sLogFile -LineValue $LogLine
}
}
Foreach ($Manager in $Managers) {
New-bhReportToGroup
Get-bhDReports
Set-bhRTGmembers
}
Foreach ($Report in $ReportsTo) {
$report = $report -replace ("Report to ","")
if ($Report -notin $managers)
{Remove-ADGroup -Identity "Report to $Report" -confirm:$false
write-host "$report removed"
$LogLine = $report + " user has fell out of scope, Report group removed."
Log-Write -LogPath $sLogFile -LineValue $LogLine
} else {
$LogLine = "No groups deleted.`n"
Log-Write -LogPath $sLogFile -LineValue $LogLine
}
}
解决方案
推荐阅读
- java - 测量 Hyperledger Fabric 项目的性能
- mongodb - 用新数据覆盖字段
- laravel - 使用拉取数据的 Vue 组件将推送数据的 Laravel 签名路由转换为签名路由
- elasticsearch - 从有子查询中的子项获取某些字段
- data-structures - 单for循环冒泡排序的时间复杂度
- mongodb - MongoDB中的不同字段乘法
- regex - 需要 \G 锚点,在最多 255 个字符串上捕获 IPS 组
- javascript - 在通用 Windows 应用程序 (UAP/UWP) 中使用 javascript 中的 window.location 时出现错误“无法重新定义不可配置的属性‘位置’”
- android - Android ImageView 找不到位图可以找到的资源
- python - Sending images by POST using python requests