Exchange 统计用户登录情况

$recipientType = @{

1 = ‘UserMailbox’

2 = ‘Linked Mailbox’

4 = ‘Shared Mailbox’

8 = ‘Exchange 2003 Legacy’

16 = ‘Room’

32 = ‘Equipment’

64 = ‘Mail Contact’

128 = ‘Mail User’

256 = ‘Mail universal Distribution Group’

512 = ‘Mail non universal Group’

1024 = ‘Mail universal Security Group’

2048 = ‘Dynamic Distribution Group’

4096 = ‘Mail-Enabled Public Folder’

8192 = ‘System Attendant Mailbox’

16384 = ‘Systemmailbox/Mailbox Database Mailbox’

32768 = ‘Cross Forest Mail Contact’

65536 = ‘User’

131072 = ‘Contact’

262144 = ‘Universal Distribution Group’

524288 = ‘Universal Security Group’

1048576 = ‘Non-Universal Group’

2097152 = ‘Disabled User’

4194304 = ‘Microsoft Exchange’

8388608 = ‘Arbitration Mailbox’

16777216 = ‘MailboxPlan’

33554432 = ‘LinkedUser’

268435456 = ‘RoomList’

536870912 = ‘DiscoverySearchMailbox’

1073741824 = ‘Role Group’

2147483648 = ‘RemoteUserMailbox’

4294967296 = ‘Computer’

8589934592 = ‘RemoteRoomMailbox’

17179869184 = ‘RemoteEquipmentMailbox’

34359738368 = ‘RemoteSharedMailbox’

68719476736 = ‘PublicFoldermailbox’

137438953472 = ‘Team Mailbox’

274877906944 = ‘RemoteTeamMailbox’

549755813888 = ‘Monitoring Mailbox’

1099511627776 = ‘Group Mailbox’

2199023255552 = ‘LinkedRoomMailbox’

4398046511104 = ‘AuditLogMailbox’

8796093022208 = ‘RemoteGroupMailbox’

17592186044416 = ‘SchedulingMailbox’

35184372088832 = ‘GuestMailBox’

70368744177664 = ‘AuxAuditLogMailbox’

140737488355328 = ‘SupervisoryReview’

}

$date = (Get-Date).AddDays(-180) //统计180天内未登录用户

$properties = @(

'canonicalName'

'Enabled'

'LastLogonDate'

'whenCreated'

'msExchRecipientTypeDetails'

'userPrincipalName'

'SamAccountName'

'mailNickname'

'ProxyAddresses'

'displayName'

'givenName'

'sn'

'title'

'department'

'physicalDeliveryOfficeName'

'telephoneNumber'

'mobile'

'streetAddress'

'l'

'st'

'postalCode'

'c'

)

Use -notlike “*” for empty/no mailboxes

Get-ADUser -Filter ‘ProxyAddresses -like “*” -and lastLogonDate -lt $date’ -Properties $properties -ResultSetSize 2000 |

ForEach-Object {

    [PSCustomObject]@{ 

        Path        = $_.CanonicalName

        'AD Status' = ('Disabled', 'Enabled')[[Int32]$_.Enabled]

        LastLogonDate = $_.LastLogonDate

        WhenCreated   = $_.WhenCreated

        RecipientType = $(if ($_.msExchRecipientTypeDetails) {$recipientType[$_.msExchRecipientTypeDetails]})

        userPrincipalName = $_.userPrincipalName

        SamAccountName = $_.SamAccountName

        mailNickname = $_.mailNickname

        Primaryemail = $_.ProxyAddresses -cmatch '^SMTP:' -replace '^smtp:'

        ProxyAddresses = $_.ProxyAddresses

        displayName = $_.displayName

        givenName = $_.givenName

        sn = $_.sn

        title = $_.title

        department = $_.department

        physicalDeliveryOfficeName = $_.physicalDeliveryOfficeName

        telephoneNumber = $_.telephoneNumber

        mobile = $_.mobile

        streetAddress = $_.streetAddress

        l = $_.l

        st = $_.st

        postalCode = $_.postalCode

        c = $_.c

    }

} |

Export-Csv $home\desktop\Inactivembxreport.csv -NoTypeInformation -Encoding Utf8

Windows ActiveDirectory 移除用户所属的组

$UserToRemove = “lijianhang@thtfpc.com”

Try {
#Connect to Exchange Online
# Connect-ExchangeOnline

#Get All Distribution Lists - Excluding Mail enabled security groups
$Groups = Get-ADGroup -Filter *  |  Where {($_.GroupCategory -contains "Distribution" -or $_.GroupCategory  -contains "Security")}  | Select-Object -Property  SamAccountName
#$Groups = Get-Distributiongroup -resultsize unlimited |  Where {( $_.GroupType  -contains "Security")}

#Loop through each Distribution Lists
ForEach ($Group in $Groups)
{
    #Check if the Distribution List contains the particular user
    If ((Get-DistributionGroupMember $Group.Name | Select -Expand PrimarySmtpAddress) -contains $UserToRemove)
    {
        Remove-DistributionGroupMember -Identity $Group.Name -Member $UserToRemove -Confirm:$false
        Write-host "Removed user from group '$Group'" -f Green
    }
}

}
Catch {
write-host -f Red “Error:” $_.Exception.Message
}

将用户移除所属AD组

$ouPath = “DC=thtfpc,DC=com”
$users = Get-ADUser -SearchBase $ouPath -Filter {Enabled -eq $false}
foreach ($user in $users) {
$userDN = $user.DistinguishedName
$groups = Get-ADPrincipalGroupMembership -Identity $userDN | Where-Object { $_.Name -ne “Domain Users” }
foreach ($group in $groups) {
Remove-ADGroupMember -Identity $group -Members $user -Confirm:$false
}
}

Windows ActiveDirectory 批量迁移用户

从 CSV 文件禁用用户

您还可以禁用逗号（.csv）文本文件中列出的所有 Active Directory 用户帐户。该文件必须包含一个标头，然后包含一个用户名列表，每行一个。我的CSV文件只有一列（标题为“名称”），所以我的逗号分隔文件没有逗号！如果 CSV 文件包含多个列，则脚本将忽略这些额外的列。

如：

首先将 CSV 文件的内容作为对象（$users）导入，然后使用ForEach循环禁用文本文件每一行上的用户。下面是 PowerShell 脚本：

180天非活动用户，这里-TimeSpan可以手动指定日期

$timespan = New-Timespan -Days 180
Search-ADAccount -UsersOnly -AccountInactive -TimeSpan $timespan | Select-Object UserPrincipalName ,Name | Export-Csv -Path C:\InactiveUser.csv -Encoding UTF8 -NoTypeInformation

$users=Import-CSV c:\InactiveUser.csv

ForEach ($User01 in $users) { Disable-ADAccount -Identity $($user.name)

Get-ADUser -Identity $User01.Name | foreach {Move-ADObject -Identity $_.ObjectGuid -TargetPath ‘OU=DisableUsers,OU=2024年,OU=离职员工,DC=abc,DC=com’ }

}

若要检查结果，请使用搜索 ADAccountcmdlet：Search-ADAccount -AccountDisabled -UsersOnly | Select-Object Name, SamAccountName

值得注意的是，由于 Active Directory 同步LastLogOnDate属性的方式，在使用Search-ADAccountcmdlet 指定 –AccountInactive参数时返回的结果可能不准确多达 9-14 天

windows 磁盘健康检查

chkdsk 命令介绍

chkdsk 一直是微软自带的磁盘检测工具，对磁盘的健康状态没有做过多的说明。用于检查硬盘和卷上的文件系统完整性并修复逻辑错误和坏扇区. 它遍历所有数据列表，确保磁盘上的内容都是正确的。

CHKDSK实用程序会标记硬盘上的坏扇区，以便Windows知道不要从这些坏扇区存储或读取数据。Windows停止访问标记的坏扇区，会导致存储在这些坏扇区中的数据永久丢失。

当你运行CHKDSK时，它会执行操作来修复逻辑文件系统，尽管这可能会导致数据丢失。CHKDSK过程有五个阶段，其中三个是强制性的，两个是可选的。当你在CMD中运行磁盘修复命令CHKDSK时，你可以看到该实用程序的各个阶段。

⚙️阶段1. 检查基本文件系统结构

⚙️阶段2. 检查文件名链接

⚙️阶段3. 检查安全描述符

⚙️阶段4. 在用户文件数据种查找损坏的集群（可选）

⚙️阶段5. 查找损坏的空间集群（可选）

磁盘健康状态和smart

Modern hard drives have a feature known as S.M.A.R.T. (Self-Monitoring, Analysis, and Reporting Technology,) which allows you to quickly see their health status. Though this feature should automatically notify you if there are any issues with your drive, you can check it manually if you think something’s not right.

现代硬盘有一项名为S.M.A.R.T.(自我监控、分析和报告技术)的功能，可让您快速查看其健康状态。虽然此功能会自动通知您驱动器是否有任何问题，但如果您认为有问题，可以手动检查。

windows 自带的磁盘健康检查命令

wmic diskdrive get status

Get-WmiObject -namespace root\wmi –class MSStorageDriver_FailurePredictStatus