1、禁用账号
Disable-ADAccount -Identity li.si
or
Disable-ADAccount -Identity "CN=li.si,OU=yunwei,DC=kangbao,DC=com"
2、启用账号
Enable-ADAccount -Identity "li.si"
or
Enable-ADAccount -Identity "CN=li.si,OU=yunwei,DC=kangbao,DC=com"
3、获取所有禁用的用户,计算机和服务帐户
Search-ADAccount -AccountDisabled | FT Name,ObjectClass -A
Name ObjectClass
---- -----------
Guest user
Pattith user
PattiFul_51399 user
PattyFul-LPTOP computer
4、获取所有被禁用的用户
Search-ADAccount -AccountDisabled -UsersOnly | FT Name,ObjectClass -A
Name ObjectClass
---- -----------
Guest user
PattiFul user
PattiFul_51399 user
5、获取所有已过期的用户,计算机和服务帐户
Search-ADAccount -AccountExpired | FT Name,ObjectClass -A
Name ObjectClass
---- -----------
Evan Narvaez user
Patti Fuller user
David Chew user
6、获取将在指定时间内到期的所有用户,计算机和服务帐户
Search-ADAccount -AccountExpiring -TimeSpan 6.00:00:00 | FT Name,ObjectClass -A
Name ObjectClass
---- -----------
David Chew user
Evan Narvaez user
Patti Fuller user
此命令返回将在未来6天内到期的所有用户,计算机和服务帐户
7、获取所有已过期的帐户
Search-ADAccount -PasswordExpired | FT Name,ObjectClass -A
Name ObjectClass
---- -----------
David Chew user
Evan Narvaez user
Patti Fuller user
8、获取所有被锁定的帐户
Search-ADAccount -LockedOut | FT Name,ObjectClass -A
Name ObjectClass
---- -----------
Patti Fuller user
9、清除指定用户的帐户到期日期
Clear-ADAccountExpiration -Identity PattiFuller
此命令清除具有SamAccountName PattiFuller的用户的帐户到期日期。
10、将用户添加到组
将指定的用户帐户添加到组
Add-ADGroupMember -Identity SvcAccPSOGroup -Members SQL01,SQL02