首页
酷软
游戏
媒体
- 电影
- 剧集
- 动画
- 记录
- 综艺
- MV
- 有声世界
云资源
源码
更多
- 文库
- 系统
- web
- 站长帮
- 玩电脑
- 玩游戏
- 玩手机
- 涨姿势
- 玩软件
- 云图志
- 看漫画
- 微读书
- PS玩家
- 网文网语
- 硬件数码
- 编程开发
- 神秘之旅
- 福利线报
- 商业资源
- 网赚相关
- 健康加油站
赞助专区
云盘专区
资源阁
缘聚岛
BT种子库

[玩转系统] 使用 PowerShell 设置本地用户帐户

作者：精品下载站日期：2024-12-14 07:42:06 浏览：16 分类：玩电脑

使用 PowerShell 设置本地用户帐户

首先，我要指出的是，使用 PowerShell 管理远程计算机上的本地用户帐户实际上非常容易。您需要做的就是学习如何使用 NET USER 命令并使用 Invoke-Command 执行它。

invoke-command { net user } -computername chi-core01

invoke-command { net user localadmin } -computername chi-core01

CHI-CORE01 上的 LocalAdmin 帐户当前已禁用（帐户活动等于否）。但启用和设置新密码非常容易。

invoke-command { net user localadmin P@ssw0rd /active:Yes } -computername chi-core01

但是，这不能很好地扩展，并且 NET USER 命令的功能可能会因操作系统而异。因此，这是一个利用 ADSI 执行相同操作的 PowerShell 函数。

#requires -version 2.0

Function Set-LocalUserAccount {
<#
.SYNOPSIS
Enable or disable a local user account.

.DESCRIPTION
This command will allow you to set the password of a local user account as well
as enable or disable it. By default, this command will not write anything to
the pipeline unless you use -Passthru.  You must run this under credentials 
that have administrator rights on the remote computer.

.PARAMETER ComputerName 
The name of the computer to connect to. This parameter has an alias of CN.
.PARAMETER UserName 
The name of the local user account on the computer.
.PARAMETER Password 
The new password to set. This parameter has an alias of PWD.
.PARAMETER Status 
Enable or disable the local user account.
.PARAMETER Passthru
Write the user account object to the pipeline
.EXAMPLE
PS C:\> Set-LocalUserAccount SERVER01,SERVER02 DBAdmin -status disable

Disable the local user account DBAdmin on SERVER01 and SERVER02

.EXAMPLE
PS C:\> get-content c:\work\computers.txt | set-localuseraccount LocalAdmin -password "^Crx33t7A"

Sets the password for account LocalAdmin on all computers in computers.txt

.NOTES
Version: 1.0
Author : Jeff Hicks (@JeffHicks)

Learn more:
 PowerShell in Depth: An Administrator's Guide (http://www.manning.com/jones2/)
 PowerShell Deep Dives (http://manning.com/hicks/)
 Learn PowerShell 3 in a Month of Lunches (http://manning.com/jones3/)
 Learn PowerShell Toolmaking in a Month of Lunches (http://manning.com/jones4/)


  ****************************************************************
  * DO NOT USE IN A PRODUCTION ENVIRONMENT UNTIL YOU HAVE TESTED *
  * THOROUGHLY IN A LAB ENVIRONMENT. USE AT YOUR OWN RISK.  IF   *
  * YOU DO NOT UNDERSTAND WHAT THIS SCRIPT DOES OR HOW IT WORKS, *
  * DO NOT USE IT OUTSIDE OF A SECURE, TEST SETTING.             *
  ****************************************************************

.INPUTS
String
.OUTPUTS
None or System.DirectoryServices.DirectoryEntry

#>

[cmdletbinding(SupportsShouldProcess=$True)]

Param (
[Parameter(Position=0,ValueFromPipeline=$True,ValueFromPipelineByPropertyName=$True)]
[ValidateNotNullorEmpty()]
[Alias("cn")]
[string[]]$ComputerName=$env:COMPUTERNAME, 
[Parameter(Position=1,Mandatory=$True,
HelpMessage="What is the name of the local user account?",
ValueFromPipelineByPropertyName=$True)]
[ValidateNotNullorEmpty()]
[string]$UserName, 
[Parameter(ValueFromPipelineByPropertyName=$True)]
[Alias("pwd")]
[string]$Password, 
[ValidateSet("Enable","Disable")]
[string]$Status="Enable",
[switch]$Passthru
)

Begin {
    Write-Verbose "Starting $($myinvocation.mycommand)"
    #define a constant to disable or enable an account
    New-Variable ADS_UF_ACCOUNTDISABLE 0x0002 -Option Constant

    Write-Verbose "Setting local user account $username"
} #begin

Process {
    foreach ($computer in $computername) {
        Write-Verbose "Connecting to $computer"
        Write-Verbose "Getting user account"

        $Account = [ADSI]"WinNT://$computer/$username,user"

        #validate the user account was found
        if (-NOT $Account.path) {
            Write-Warning "Failed to find $username on $computername"
            #bail out
            Return
        }

        #Get current enabled/disabled status
        if ($Account.userflags.value -band $ADS_UF_ACCOUNTDISABLE) {
          $Enabled = $False
        }
        else {
          $Enabled = $True
        }

        Write-verbose "Account enabled is $Enabled"

        if ($enabled -AND ($Status -eq "Disable")) {
            Write-Verbose "disabling the account"
            $value=$Account.userflags.value -bor $ADS_UF_ACCOUNTDISABLE
            $Account.put("userflags",$value)
        }
        elseif ((-NOT $enabled) -AND ($Status -eq "Enable")) {
            Write-Verbose "Enabling the account"
            $value=$Account.userflags.value -bxor $ADS_UF_ACCOUNTDISABLE
            $Account.put("userflags",$value)
        }
        else {
            #account is already in the desired state
            Write-Verbose "No change necessary"
        }

        if ($Password) {
            Write-Verbose "Setting acccount password"
            $Account.SetPassword($Password)
        }
    
        #Whatif
        if ($PSCmdlet.ShouldProcess("$computer$username")) {
            Write-Verbose "Committing changes"
            $Account.SetInfo()
         }
         if ($Passthru) {
            Write-Verbose "Passing object to the pipeline"
            $Account

         }
    } #foreach
} #process

End {    
    Write-Verbose "Ending $($myinvocation.mycommand)"
} #end
 
} #end Set-LocalUserAccount function

此函数应该适用于 PowerShell 2.0 及更高版本。帮助内容包括一些使用示例。您可以使用此命令简单地更改用户密码，或者在启用或禁用帐户的同时更改密码。启用和禁用是通过对 userflags 值和指示帐户已禁用的常量标志进行按位运算来完成的。

可能还有更多内容可以添加到命令中，例如设置评论属性以及帐户何时过期。但我现在将这些更改留给您。