Board logo

标题: [转载代码] PowerShell对系统本地用户和组的增删查改 [打印本页]

作者: DAIC    时间: 2015-7-22 13:15     标题: PowerShell对系统本地用户和组的增删查改

新增本地用户
  1. Function New-LocalUser
  2. {
  3.   <#
  4.    .Synopsis
  5.     This function creates a local user
  6.    .Description
  7.     This function creates a local user
  8.    .Example
  9.     New-LocalUser -userName "ed" -description "cool Scripting Guy" `
  10.         -password "password"
  11.     Creates a new local user named ed with a description of cool scripting guy
  12.     and a password of password.
  13.    .Parameter ComputerName
  14.     The name of the computer upon which to create the user
  15.    .Parameter UserName
  16.     The name of the user to create
  17.    .Parameter password
  18.     The password for the newly created user
  19.    .Parameter description
  20.     The description for the newly created user
  21.    .Notes
  22.     NAME:  New-LocalUser
  23.     AUTHOR: ed wilson, msft
  24.     LASTEDIT: 06/29/2011 10:07:42
  25.     KEYWORDS: Local Account Management, Users
  26.     HSG: HSG-06-30-11
  27.    .Link
  28.      Http://www.ScriptingGuys.com/blog
  29. #Requires -Version 2.0
  30. #>
  31. [CmdletBinding()]
  32. Param(
  33.   [Parameter(Position=0,
  34.       Mandatory=$True,
  35.       ValueFromPipeline=$True)]
  36.   [string]$userName,
  37.   [Parameter(Position=1,
  38.       Mandatory=$True,
  39.       ValueFromPipeline=$True)]
  40.   [string]$password,
  41.   [string]$computerName = $env:ComputerName,
  42.   [string]$description = "Created by PowerShell"
  43. )
  44. $computer = [ADSI]"WinNT://$computerName"
  45. $user = $computer.Create("User", $userName)
  46. $user.setpassword($password)
  47. $user.put("description",$description)
  48. $user.SetInfo()
  49. } #end function New-LocalUser
复制代码


原文地址 https://gallery.technet.microsoft.com/scriptcenter/f75801e7-169a-4737-952c-1341abea5823
作者: DAIC    时间: 2015-7-22 13:16

新增本地组
  1. Function New-LocalGroup
  2. {
  3. <#
  4.    .Synopsis
  5.     This function creates a local group
  6.    .Description
  7.     This function creates a local group
  8.    .Example
  9.     New-LocalGroup -GroupName "mygroup" -description "cool local users"
  10.     Creates a new local group named mygroup with a description of cool local users.
  11.    .Parameter ComputerName
  12.     The name of the computer upon which to create the group
  13.    .Parameter GroupName
  14.     The name of the Group to create
  15.    .Parameter description
  16.     The description for the newly created group
  17.    .Notes
  18.     NAME:  New-LocalGroup
  19.     AUTHOR: ed wilson, msft
  20.     LASTEDIT: 06/29/2011 10:07:42
  21.     KEYWORDS: Local Account Management, Groups
  22.     HSG: HSG-06-30-11
  23.    .Link
  24.      Http://www.ScriptingGuys.com/blog
  25. #Requires -Version 2.0
  26. #>
  27. [CmdletBinding()]
  28. Param(
  29.   [Parameter(Position=0,
  30.       Mandatory=$True,
  31.       ValueFromPipeline=$True)]
  32.   [string]$GroupName,
  33.   [string]$computerName = $env:ComputerName,
  34.   [string]$description = "Created by PowerShell"
  35. )
  36.   $adsi = [ADSI]"WinNT://$computerName"
  37.   $objgroup = $adsi.Create("Group", $groupName)
  38.   $objgroup.SetInfo()
  39.   $objgroup.description = $description
  40.   $objgroup.SetInfo()
  41. } #end function New-LocalGroup
复制代码

作者: DAIC    时间: 2015-7-22 13:17

修改本地组(向组内添加或删除本地用户)
  1. Function Set-LocalGroup
  2. {
  3.   <#
  4.    .Synopsis
  5.     This function adds or removes a local user to a local group
  6.    .Description
  7.     This function adds or removes a local user to a local group
  8.    .Example
  9.     Set-LocalGroup -username "ed" -groupname "administrators" -add
  10.     Assigns the local user ed to the local administrators group
  11.    .Example
  12.     Set-LocalGroup -username "ed" -groupname "administrators" -remove
  13.     Removes the local user ed to the local administrators group
  14.    .Parameter username
  15.     The name of the local user
  16.    .Parameter groupname
  17.     The name of the local group
  18.    .Parameter ComputerName
  19.     The name of the computer
  20.    .Parameter add
  21.     causes function to add the user
  22.    .Parameter remove
  23.     causes the function to remove the user
  24.    .Notes
  25.     NAME:  Set-LocalGroup
  26.     AUTHOR: ed wilson, msft
  27.     LASTEDIT: 06/29/2011 10:23:53
  28.     KEYWORDS: Local Account Management, Users, Groups
  29.     HSG: HSG-06-30-11
  30.    .Link
  31.      Http://www.ScriptingGuys.com/blog
  32. #Requires -Version 2.0
  33. #>
  34. [CmdletBinding()]
  35. Param(
  36.   [Parameter(Position=0,
  37.       Mandatory=$True,
  38.       ValueFromPipeline=$True)]
  39.   [string]$userName,
  40.   [Parameter(Position=1,
  41.       Mandatory=$True,
  42.       ValueFromPipeline=$True)]
  43.   [string]$GroupName,
  44.   [string]$computerName = $env:ComputerName,
  45.   [Parameter(ParameterSetName='addUser')]
  46.   [switch]$add,
  47.   [Parameter(ParameterSetName='removeuser')]
  48.   [switch]$remove
  49. )
  50. $group = [ADSI]"WinNT://$ComputerName/$GroupName,group"
  51. if($add)
  52.   {
  53.    $group.add("WinNT://$ComputerName/$UserName")
  54.   }
  55.   if($remove)
  56.    {
  57.    $group.remove("WinNT://$ComputerName/$UserName")
  58.    }
  59. } #end function Set-LocalGroup
复制代码

作者: DAIC    时间: 2015-7-22 13:19

修改本地用户(禁用或启用)
  1. function Set-LocalUser
  2. {
  3.   <#
  4.    .Synopsis
  5.     Enables or disables a local user
  6.    .Description
  7.     This function enables or disables a local user
  8.    .Example
  9.     Set-LocalUser -userName ed -disable
  10.     Disables a local user account named ed
  11.    .Example
  12.     Set-LocalUser -userName ed -password Password
  13.     Enables a local user account named ed and gives it the password password
  14.    .Parameter UserName
  15.     The name of the user to either enable or disable
  16.    .Parameter Password
  17.     The password of the user once it is enabled
  18.    .Parameter Description
  19.     A description to associate with the user account
  20.    .Parameter Enable
  21.     Enables the user account
  22.    .Parameter Disable
  23.     Disables the user account
  24.    .Parameter ComputerName
  25.     The name of the computer on which to perform the action
  26.    .Notes
  27.     NAME:  Set-LocalUser
  28.     AUTHOR: ed wilson, msft
  29.     LASTEDIT: 06/29/2011 12:40:43
  30.     KEYWORDS: Local Account Management, Users
  31.     HSG: HSG-6-30-2011
  32.    .Link
  33.      Http://www.ScriptingGuys.com/blog
  34. #Requires -Version 2.0
  35. #>
  36. [CmdletBinding()]
  37. Param(
  38.   [Parameter(Position=0,
  39.       Mandatory=$True,
  40.       ValueFromPipeline=$True)]
  41.   [string]$userName,
  42.   [Parameter(Position=1,
  43.       Mandatory=$True,
  44.       ValueFromPipeline=$True,
  45.       ParameterSetName='EnableUser')]
  46.   [string]$password,
  47.   [Parameter(ParameterSetName='EnableUser')]
  48.   [switch]$enable,
  49.   [Parameter(ParameterSetName='DisableUser')]
  50.   [switch]$disable,
  51.   [string]$computerName = $env:ComputerName,
  52.   [string]$description = "modified via powershell"
  53. )
  54. $EnableUser = 512 # ADS_USER_FLAG_ENUM enumeration value from SDK
  55. $DisableUser = 2  # ADS_USER_FLAG_ENUM enumeration value from SDK
  56. $User = [ADSI]"WinNT://$computerName/$userName,User"
  57. if($enable)
  58.   {
  59.       $User.setpassword($password)
  60.       $User.description = $description
  61.       $User.userflags = $EnableUser
  62.       $User.setinfo()
  63.   } #end if enable
  64. if($disable)
  65.   {
  66.       $User.description = $description
  67.       $User.userflags = $DisableUser
  68.       $User.setinfo()
  69.   } #end if disable
  70. } #end function Set-LocalUser
复制代码

作者: DAIC    时间: 2015-7-22 13:20

删除本地用户
  1. Function Remove-LocalUser
  2. {
  3. <#
  4.    .Synopsis
  5.     This function deletes a local user
  6.    .Description
  7.     This function deletes a local user
  8.    .Example
  9.     Remove-LocalUser -userName "ed"
  10.     Removes a new local user named ed.
  11.    .Parameter ComputerName
  12.     The name of the computer upon which to delete the user
  13.    .Parameter UserName
  14.     The name of the user to delete
  15.    .Notes
  16.     NAME:  Remove-LocalUser
  17.     AUTHOR: ed wilson, msft
  18.     LASTEDIT: 06/29/2011 10:07:42
  19.     KEYWORDS: Local Account Management, Users
  20.     HSG: HSG-06-30-11
  21.    .Link
  22.      Http://www.ScriptingGuys.com/blog
  23. #Requires -Version 2.0
  24. #>
  25. [CmdletBinding()]
  26. Param(
  27.   [Parameter(Position=0,
  28.       Mandatory=$True,
  29.       ValueFromPipeline=$True)]
  30.   [string]$userName,
  31.   [string]$computerName = $env:ComputerName
  32. )
  33. $User = [ADSI]"WinNT://$computerName"
  34. $user.Delete("User",$userName)
  35. } #end function Remove-LocalUser
复制代码

作者: DAIC    时间: 2015-7-22 13:20

删除本地组
  1. Function Remove-LocalGroup
  2. {
  3. <#
  4.    .Synopsis
  5.     This function deletes a local group
  6.    .Description
  7.     This function deletes a local group
  8.    .Example
  9.     Remove-LocalGroup -GroupName "mygroup"
  10.     Creates a new local group named mygroup.
  11.    .Parameter ComputerName
  12.     The name of the computer upon which to delete the group
  13.    .Parameter GroupName
  14.     The name of the Group to delete
  15.    .Notes
  16.     NAME:  Remove-LocalGroup
  17.     AUTHOR: ed wilson, msft
  18.     LASTEDIT: 06/29/2011 10:07:42
  19.     KEYWORDS: Local Account Management, Groups
  20.     HSG: HSG-06-30-11
  21.    .Link
  22.      Http://www.ScriptingGuys.com/blog
  23. #Requires -Version 2.0
  24. #>
  25. [CmdletBinding()]
  26. Param(
  27.   [Parameter(Position=0,
  28.       Mandatory=$True,
  29.       ValueFromPipeline=$True)]
  30.   [string]$GroupName,
  31.   [string]$computerName = $env:ComputerName
  32. )
  33. $Group = [ADSI]"WinNT://$computerName"
  34. $Group.Delete("Group",$GroupName)
  35. } #end function Remove-LocalGroup
复制代码

作者: DAIC    时间: 2015-7-22 13:21

测试一个用户是不是管理员
  1. function Test-IsAdministrator
  2. {
  3.     <#
  4.     .Synopsis
  5.         Tests if the user is an administrator
  6.     .Description
  7.         Returns true if a user is an administrator, false if the user is not an administrator
  8.     .Example
  9.         Test-IsAdministrator
  10.     #>
  11.     param()
  12.     $currentUser = [Security.Principal.WindowsIdentity]::GetCurrent()
  13.     (New-Object Security.Principal.WindowsPrincipal $currentUser).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
  14. } #end function Test-IsAdministrator
复制代码





欢迎光临 批处理之家 (http://bbs.bathome.net/) Powered by Discuz! 7.2