系统运维
豆子公司是上市公司,每年都需要审计。因此离职用户的信息不能删掉,只能disable掉。有的时候,桌面需要把一个离职用户的邮件重新添加到另一个用户的别名,以便继续接收邮件。但是Office365默认配置情况下 一个已经disable掉的用户,不管怎么改他都不会继续同步,这样造成的结果就是桌面经常修改的顺序不对,造成了本地的AD已经改了,但是修改的东西不会同步到office365, 或者直接office365认为已经有记录了,拒绝添加新的记录。
鉴于桌面支持的不靠谱,豆子每天都需要看看同步状态,然后通知桌面修改。登录主界面,然后点击DirSync Errors就能看见了
冲突的smtp地址记录
如何能自动获取这个界面呢?豆子刚开始找了半天的API,始终没找到,甚至都开始打爬虫的注意了,后来终于找到了相关的命令
https://docs.microsoft.com/en-us/powershell/module/msonline/get-msoldirsyncprovisioningerror?view=azureadps-1.0
下面是完整的脚本
Get-PSSession | Remove-PSSession
$username = aaa@bbb.com
$secureStringPwd = ConvertTo-SecureString -AsPlainText password -Force
$creds = New-Object System.Management.Automation.PSCredential -ArgumentList $username, $secureStringPwd
Connect-MsolService -Credential $UserCredential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $creds -Authentication Basic -AllowRedirection
Import-PSSession $Session
$result=Get-MsolDirSyncProvisioningError | select Displayname, LastDirSyncTime, ObjectId, ObjectType, @{n=\\\'Error\\\';e={$_.ProvisioningErrors.ErrorCategory}}, UserPrincipalName
$from = helpdesk@bbb.com
$to = aaa@bbb.com
$smtp = smtp.office365.com
$sub = Office365 Sync Error
$secpasswd = ConvertTo-SecureString Password -AsPlainText -Force
$mycreds = New-Object System.Management.Automation.PSCredential ($from, $secpasswd)
$a = <style>
$a = $a BODY{background-color:Lavender ;}
$a = $a TABLE{border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}
$a = $a TH{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:thistle}
$a = $a TD{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:PaleGoldenrod}
$a = $a </style>
#import-csv C:\\\\scripts\\\\users.csv | ConvertTo-Html -Body <H1> User List </H1> -Head $a | out-file C:\\\\temp\\\\tt.html
$htmlbody=$result| ConvertTo-Html -Body <H1> Office365 DirSync Errors </H1> <H2>For Further details, please visit https://portal.office.com/adminportal/home#/dirsyncobjecterrors</H2> -Head $a
Send-MailMessage -To $to -From $from -Subject $sub -Body ($htmlbody|Out-String) -Credential $mycreds -SmtpServer $smtp -DeliveryNotificationOption Never -BodyAsHtml -UseSsl -port 587 收到邮件通知
成功之后设置一个计划任务
$settingspath=\\\'C:\\\\users\\\\yuan.li\\\\Documents\\\\GitHub\\\\Powershell\\\\SyncErrorNotification.ps1\\\'
if (Get-ScheduledTask -TaskName \\\'SyncNotification\\\' -ErrorAction SilentlyContinue){
Unregister-ScheduledTask -TaskName \\\'SyncNotification\\\' -Confirm:$false
}
$Action = New-ScheduledTaskAction -Execute \\\'C:\\\\Windows\\\\System32\\\\WindowsPowerShell\\\\v1.0\\\\powershell.exe\\\' -Argument -executionpolicy bypass -File \\\'$settingspath\\\'
$Trigger = New-ScheduledTaskTrigger -Daily -At \\\'10AM\\\'
register-ScheduledTask -Action $Action -Trigger $Trigger -Settings (New-ScheduledTaskSettingsSet -Compatibility Win8) -User \\\'aa\\\' -Password \\\'pass\\\' -RunLevel Highest -TaskName \\\'SyncNotification\\\'
Start-ScheduledTask -TaskName \\\'SyncNotification结果如下
更多关于云服务器,域名注册,虚拟主机的问题,请访问西部数码官网:www.west.cn
