PS Operate AD
来源:互联网 发布:java可移植性 编辑:程序博客网 时间:2024/05/17 01:02
PowerShell provides very broad set ofmethods to work with Active Directory , one of them is ADSI adapter. It allowsto quickly and relatively easy automate mundane actions or perform sameoperations.
In this blog, please let me share someexamples of using ADSI adapter.
1. CreateSystem.DirectoryServices.DirectoryEntry (ADSI) object
$ouObject=New-ObjectSystem.DirectoryServices.DirectoryEntry("LDAP://<IPAddress>/cn=users,dc=<dcName>,dc=com","<user>","<password>")
172.16.58.10 is the IP address of Domain Controller, alsowe need to provide user name and pass work to access domain controller.
NOTE: If you can’tloadSystem.DirectoryServices.DirectoryEntry, you can loadthis assemblyexplicitly.
[System.Reflection.Assembly]::LoadWithPartialName("System.DirctoryServices")
2. After connected to domain controller,we can create users with $ouObject.
$newUser=$ouObject.create("user","CN=user01")
$newUser.setinfo()#savenew user
Please save the new user before specifyother properties, some of properties setting:
$newUser.put("pwdLastSet",-1)#don'tneed change password when next logon
$newUser.setpassword("@WSX3edc")
$newUser.put("userAccountControl",66048)#passwordnever expires
$newUser.setinfo()
3. Create a new group named Group01
$ouObject=New-ObjectSystem.DirectoryServices.DirectoryEntry("LDAP://<IPAddress>/cn=users,dc=<dcName>,dc=com","<user>","<password>")
$newGroup=$ouObject.create("group","cn=Group1")
$newGroup.setInfo()
4. Create a new OUnamed OU_Test
$mainOU=New-ObjectSystem.DirectoryServices.DirectoryEntry("LDAP://<IPAddress>/cn=users,dc=<dcName>,dc=com","<user>","<password>")
$newOU=$mainOU.create("OrganizationalUnit","OU=OU_Test")
$newOU.setinfo()
5. Move user01 to another OU_Test
$user=New-ObjectSystem.DirectoryServices.DirectoryEntry("LDAP://<IPAddress>/cn=users,dc=<dcName>,dc=com","<user>","<password>")
$to=New-ObjectSystem.DirectoryServices.DirectoryEntry("LDAP://<IPAddress>/cn=users,dc=<dcName>,dc=com","<user>","<password>")
$user.PSBase.Moveto($to,"cn="+$user.name)
6. Add user01 to a Group01
$user=New-ObjectSystem.DirectoryServices.DirectoryEntry("LDAP://<IPAddress>/cn=users,dc=<dcName>,dc=com","<user>","<password>")
$group=New-ObjectSystem.DirectoryServices.DirectoryEntry("LDAP://<IPAddress>/cn=users,dc=<dcName>,dc=com","<user>","<password>")
$group.add("LDAP://"+$user.distinguishedName)
$group.setinfo()
- PS Operate AD
- operate
- PS AD 命令之禁用AD账户!
- PS AD 之 Remove-aduser!
- PS AD 命令之New-ADGroup命令!
- PS AD命令之Add-ADGroupMember
- PS 之AD命令 之Remove-ADGroupMember!
- PS 之AD命令之Get-ADuser!
- PS AD命令之Get-adgroup!
- PS AD命令之 enable-adaccount!
- PS AD命令之Remove-adcomputer!
- PS AD命令之remove-adgroup!
- PS AD系列命令之new-aduser 新建用户命令!
- PS AD命令系列 之new-adcomputer命令!
- PS AD命令之set-adaccountpassword批量设置用户密码!
- Operate SSDBGrid
- file operate
- operate layout
- 5个小实例总结
- GLSL 初级教程 – Fragment Processor
- CultureInfo 不同 ToString 的结果不同
- 迭代法
- javascript设计模式--继承(上)
- PS Operate AD
- mysql join 语法说明与 inner join 语法用法实例 (一)
- (ORA-00972:标识符过长)ORACLE 对于表名长度的限制
- 控制台下用Win32 API打开文件对话框
- 当ListView有Header或footer时,onItemClick里的position不正确,可以用getAdapter()
- poj1503 大数相加
- emacs配置文件——.emacs
- gridview实现横向滚动
- PlaceHolder 类
