未加星标

Check for a switch with PowerShell script

字体大小 | |
[系统(windows) 所属分类 系统(windows) | 发布者 店小二04 | 时间 2017 | 作者 红领巾 ] 0人收藏点击收藏

Check for a switch with PowerShell script
Q. How can I check for a switch using PowerShell?

A.I recently had to create a script that enabled a user to be specified then had to be added to two groups which represented the target location for access and a VLAN. Based on these values two group names were generated (based on a standard) then the user added to them. The groups already existed for all the possible locations and VLANs. After being passed the values a check is performed to ensure they exist. I also wanted the option to remove a user from the groups which is accomplished via a single switch RemoveMember. Then in the code you can check if the switch is passed using RemoveMember.IsPresent. Below is the full script.

<#

.SYNOPSIS

Enables a user for a VLAN for a specific location

.DESCRIPTION

Enables a user for a VLAN for a specific location

.PARAMETER Username

User name

.PARAMETER VLAN

User vlan

.PARAMETER Location

User location

.PARAMETER RemoveMember

User RemoveMember

.EXAMPLE

EnableVLANUser johnsav 99 DAL

#>

[cmdletbinding()]

Param(

[Parameter(ValuefromPipeline=$true,Mandatory=$true)][string]$username, [Parameter(ValuefromPipeline=$true,Mandatory=$true)][string]$vlan, [Parameter(ValuefromPipeline=$true,Mandatory=$true)][string]$loc, [Parameter(ValuefromPipeline=$false,Mandatory=$false)][switch]$RemoveMember)

#Check if the entries are valid

$vlangroupname = "VLAN" + $vlan + "GRP"

$locgroupname = "LOC" + $loc + "VLGRP"

$userobj = Get-ADUser -LDAPFilter "(SAMAccountName=$username)"

$vlanobj = Get-ADGroup -LDAPFilter "(SAMAccountName=$vlangroupname)"

$locobj = Get-ADGroup -LDAPFilter "(SAMAccountName=$locgroupname)"

$errorFound = $false

if ($userobj -eq $null) {"User not valid";$errorFound = $true}

if ($vlanobj -eq $null) {"VLAN not valid";$errorFound = $true}

if ($locobj -eq $null) {"Location not valid";$errorFound = $true}

if(!$errorFound)

{

Write-Verbose "Looking good and adding user to groups"

if($RemoveMember.IsPresent) #if removing

{

$userobj | Remove-ADPrincipalGroupMembership -MemberOf $vlanobj -Confirm:$false

$userobj | Remove-ADPrincipalGroupMembership -MemberOf $locobj -Confirm:$false

}

else #if adding

{

$userobj | Add-ADPrincipalGroupMembership -MemberOf $vlanobj

$userobj | Add-ADPrincipalGroupMembership -MemberOf $locobj

}

}

Usage is as follows to add:

.\EnableVLANUser.ps1 johnsav 100 DAL

To remove:

.\EnableVLANUser.ps1 johnsav 100 DAL RemoveMember

本文系统(windows)相关术语:三级网络技术 计算机三级网络技术 网络技术基础 计算机网络技术

主题: PowerShellANUADPDULGTI
分页:12
转载请注明
本文标题:Check for a switch with PowerShell script
本站链接:http://www.codesec.net/view/529915.html
分享请点击:


1.凡CodeSecTeam转载的文章,均出自其它媒体或其他官网介绍,目的在于传递更多的信息,并不代表本站赞同其观点和其真实性负责;
2.转载的文章仅代表原创作者观点,与本站无关。其原创性以及文中陈述文字和内容未经本站证实,本站对该文以及其中全部或者部分内容、文字的真实性、完整性、及时性,不作出任何保证或承若;
3.如本站转载稿涉及版权等问题,请作者及时联系本站,我们会及时处理。
登录后可拥有收藏文章、关注作者等权限...
技术大类 技术大类 | 系统(windows) | 评论(0) | 阅读(38)