function Check-ADUser
{
Param(
[Parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[String] $Key,
[switch] $Force
)
# 确定查找内容
$Identities = @()
if (Test-Path $Key) {
$Identities += Get-Content $Key -encoding UTF8
} else {
$Identities += $Key
}
# 开始查找
$Users = @()
for ($i = 0; $i -lt $Identities.Count; $i++) {
if ($Force) {
$filter = "SamAccountName -eq `"$($Identities[$i])`""
} else {
$filter = "Name -like `"*$($Identities[$i])*`" -or EmployeeID -like `"*$($Identities[$i])*`" -or SamAccountName -eq `"$($Identities[$i])`""
}
#$userOfMain = Get-ADUser -Filter "$filter" -SearchBase 'OU=Vxi_Users_SH,DC=vxichina,DC=com' -Properties EmployeeID,Description,whenCreated,whenChanged,LockedOut,lockoutTime,LastLogonDate,UserWorkstations,AccountExpirationDate,MobilePhone,State -ErrorAction SilentlyContinue
#$userOfSub = Get-ADUser -Filter "$filter" -SearchBase 'OU=Apple_Users_SH,DC=apple,DC=vxichina,DC=com' -Properties EmployeeID,Description,whenCreated,whenChanged,LockedOut,lockoutTime,LastLogonDate,UserWorkstations,AccountExpirationDate,MobilePhone,State -server "ACMDCSH1.apple.vxichina.com" -ErrorAction SilentlyContinue
$userOfMain = Get-ADUser -Filter "$filter" -SearchBase 'DC=vxichina,DC=com' -Properties EmployeeID,Description,whenCreated,Modified,LockedOut,lockoutTime,LastLogonDate,UserWorkstations,AccountExpirationDate,ipPhone,State,PasswordNeverExpires,passwordlastset,pwdLastSet,telephoneNumber -ErrorAction SilentlyContinue
$userOfSub = Get-ADUser -Filter "$filter" -SearchBase 'DC=apple,DC=vxichina,DC=com' -Properties EmployeeID,Description,whenCreated,Modified,LockedOut,lockoutTime,LastLogonDate,UserWorkstations,AccountExpirationDate,ipPhone,State,PasswordNeverExpires,passwordlastset,pwdLastSet,telephoneNumber -server "ACMDCSH1.apple.vxichina.com" -ErrorAction SilentlyContinue
$Users += $userOfMain
$Users += $userOfSub
}
# 判断特殊状态
for ($j = 0; $j -lt $Users.Count; $j++) {
$lockouttime=$Users[$j].lockoutTime
if ($lockouttime -gt 0 -and $users.LockedOut -eq $true) {
$time=[DateTime]::FromFileTime($lockouttime)
Add-Member -InputObject $Users[$j] -MemberType NoteProperty -Name LockoutTimeStream -Value $time -Force
}
if ($Users[$j].AccountExpirationDate) {
$diffTime = $($Users[$j].AccountExpirationDate) - $([datetime]::Now)
$days = $diffTime.Days
if ($days -ge 0) {
$expires = "账户将在${days}天后过期"
} else {
$days=[Math]::Abs($days)
$expires="账户已过期${days}天"
}
Add-Member -InputObject $Users[$j] -MemberType NoteProperty -Name Expires -Value $expires -Force
}
if ($Users[$j].Enabled -eq $false) {
Add-Member -InputObject $Users[$j] -MemberType NoteProperty -Name Status -Value "已禁用" -Force
}
if ($Users[$j].PasswordNeverExpires) {
Add-Member -InputObject $Users[$j] -MemberType NoteProperty -Name PasswordExpires -Value "设置了帐户为密码永不过期" -Force
} else {
if ($Users[$j].pwdLastSet -eq 0) {
Add-Member -InputObject $Users[$j] -MemberType NoteProperty -Name PasswordExpires -Value "帐户属性设置为用户下次登录时须更改密码" -Force
} else {
$ed = 90 - $($(Get-Date) - $Users[$j].PasswordLastSet).Days
Add-Member -InputObject $Users[$j] -MemberType NoteProperty -Name PasswordExpires -Value "密码过期剩余天数为${ed}" -Force
}
}
}
Write-Host -Foreground White -BackgroundColor DarkRed -object "--查询开始--------------------------------------------------------------"
$Users
Write-Host -Foreground White -BackgroundColor DarkRed -object "--查询结束--------------------------------------------------------------"
Write-Host -Foreground White -BackgroundColor DarkRed -object "--查询结果:$($Users.Count)"
}