我正在尝试创建一个powershell函数,它将创建网络上不活动计算机的列表。我不明白我做错了什么,我希望有人能看到我的错误,
Function Get-OldNames {
# to get an accurate list of machines that haven't logged in within a certain amount of time, we need to
# query all the DCs in the domain then aggregate all the logins together to find the most recent to compare
# against. This function performs that search against the specified OU then returns a list of computer names
# as an array of strings
# Set the target OU
$targetOU = "OU=Computers,OU=NewYork,OU=US,DC=contoso,DC=com"
# Set the number of days to check for inactive computers
$inactiveDays = -90
[System.DateTime]$todaysDate = (Get-Date -Format d)
$inactiveDate = $todaysDate.AddDays($inactiveDays)
$inactiveDateValue = (Get-Date $inactiveDate).ToFileTime()
# Get all domain controllers in the current domain
$domainControllers = Get-ADDomainController -Filter *
# Initialize an empty array to hold the results
$inactiveComputers = @()
# Loop through each domain controller and query for logons of computers in the target OU
foreach ($dc in $domainControllers) {
$dcName = $dc.Name
Write-Host "Querying $dcName..."
$inactiveComputers += Get-ADComputer -Filter 'Enabled -eq $true' -SearchBase $targetOU -Server $dcName -Properties LastLogon | Select-Object Name, LastLogon, @{Name='LastLogonAsDate';Expression={[DateTime]::FromFileTime($_.LastLogon)}}
}
# Sort the results by last logon time and filter the output
return $inactiveComputers | Sort-Object LastLogon | Group-Object Name | Where-Object LastLogon -ge $inactiveDateValue | ForEach-Object Name
}我的错误是,我的列表是空的,无论我设置$inactivedays为,-90,-30,或任何,没有区别。如果将return语句中的过滤器更改为-le而不是-ge,则会获得聚合机器名称的填充列表。我不知道我错过了什么。
1条答案
按热度按时间lymnna711#
在按
$inactiveDateValue进行筛选之前,您按“名称”对结果进行了分组。分组后的结果没有LastLogon属性,因此Where-Object会说$null永远不会大于$inactiveDateValue。以下是如何在每个DC之间检查每个组的最后一次登录:
我更喜欢
LastLogonDate,因为它易于阅读,并且它在DC之间复制。它通常足够准确(在14天内)在任何DC上。下面是一些其他的改进