如何从Powershell通过职务查询GAL?

 收藏

我正在阅读一份工作中涉及很多职位的文档,但我不知道这些人实际上是谁,我只知道他们的职位。

我知道此信息可在“全球通讯簿”中找到,但我不知道如何输入职务(我想是位置)并找回实际人员的姓名和联系信息。

是否有可能使用Powershell来以职位名称作为输入并以联系人作为输出来“几乎”在GAL中查找联系人?

o365当然...

回复
  • 转身说再见 回复

    至于...

    是否有可能使用Powershell来“几乎”查找联系人   GAL使用职位名称作为输入,使用联系人作为输出?

    ...简单的答案,是的。 您只需为其编写代码,就像它是本地Exchange一样,当然也可以通过PSRemote会话使用Exchange Online cmdlet。

    Connection to EXO us a daily use case and fully documented as to how, from Microsoft here: Connect to Exchange Online PowerShell

    $UserCredential = Get-Credential
    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
    Import-PSSession $Session -DisableNameChecking
    

    或仅使用MS PowerSHellGallery.com的此脚本

    https://www.powershellgallery.com/packages/Connect-O365/1.5.4/Content/Connect-O365.ps1

    还是这个

    https://gallery.technet.microsoft.com/office/Connect-to-Office-53f6eb07/file/221497/1/Connect-Office365Services.ps1

    但是,请记住,GAL是从AD填充的。因此,如果您处于混合环境中,则只需点击本地AD即可获取。

    您具有内置的cmdlet,用于用户搜索AD和EXP / EXO:

    Get-Command -Name '*adaccount*' | Format-Table -AutoSize
    
    CommandType Name                                            Version Source         
    ----------- ----                                            ------- ------         
    Alias       Set-ADAccountPasswordHash                       3.4     DSInternals    
    Cmdlet      Clear-ADAccountExpiration                       1.0.1.0 ActiveDirectory
    Cmdlet      Disable-ADAccount                               1.0.1.0 ActiveDirectory
    Cmdlet      Enable-ADAccount                                1.0.1.0 ActiveDirectory
    Cmdlet      Get-ADAccountAuthorizationGroup                 1.0.1.0 ActiveDirectory
    Cmdlet      Get-ADAccountResultantPasswordReplicationPolicy 1.0.1.0 ActiveDirectory
    Cmdlet      Search-ADAccount                                1.0.1.0 ActiveDirectory
    Cmdlet      Set-ADAccountAuthenticationPolicySilo           1.0.1.0 ActiveDirectory
    Cmdlet      Set-ADAccountControl                            1.0.1.0 ActiveDirectory
    Cmdlet      Set-ADAccountExpiration                         1.0.1.0 ActiveDirectory
    Cmdlet      Set-ADAccountPassword                           1.0.1.0 ActiveDirectory
    Cmdlet      Unlock-ADAccount                                1.0.1.0 ActiveDirectory
    
    
    
    # get function / cmdlet details
    (Get-Command -Name Search-ADAccount).Parameters.Keys
    Get-help -Name Search-ADAccount -Full
    Get-help -Name Search-ADAccount -Online
    Get-help -Name Search-ADAccount -Examples
    
    Search-ADAccount -AccountDisabled | FT Name,ObjectClass -A  
    Search-ADAccount -AccountDisabled -UsersOnly | FT Name,ObjectClass -A   
    Search-ADAccount -AccountExpired | FT Name,ObjectClass -A   
    Search-ADAccount -AccountExpiring -TimeSpan 6.00:00:00 | FT Name,ObjectClass -A 
    Search-ADAccount -AccountInactive -TimeSpan 90.00:00:00 | FT Name,ObjectClass -A    
    Search-ADAccount -PasswordExpired | FT Name,ObjectClass -A  
    Search-ADAccount -PasswordNeverExpires | FT Name,ObjectClass -A 
    Search-ADAccount -LockedOut | FT Name,ObjectClass -A    
    Search-ADAccount -AccountDisabled -ComputersOnly | FT Name,ObjectClass -A   
    Search-ADAccount -AccountExpiring -DateTime "3/18/2009" | FT Name,ObjectClass -A    
    Search-AdAccount -AccountDisabled -SearchBase "DC=AppNC" -Server "FABRIKAM-SRV1:60000"  
    
    # Or just use
    (Get-Command -Name Get-ADUser).Parameters.Keys
    Get-help -Name Get-ADUser -Full
    Get-help -Name Get-ADUser -Online
    Get-help -Name Get-ADUser -Examples 
    
    
    # If you are really wanting to do this using EXP/EXO, then it provide a cmdlet to help
    Get-ADObject -ldapfilter "(&(objectClass=contact)(objectCategory=person)(!showinAddressBook=*))" -properties *
    

    您也可以使用ADAC为您编写此代码,只需单击以下步骤并保存代码即可根据需要进行修改。请遵循以下说明。

    Introduction to Active Directory Administrative Center Enhancements (Level 100)

    Learning PowerShell with Active Directory Administrative Center (PowerShell History Viewer)

    Step-By-Step: Utilizing PowerShell History Viewer in Windows Server 2012 R2

    Use Active Directory Administrative Center to Create PowerShell Commands in Windows Server 2012