PS Operate AD

PowerShell provides a broad set of methods for working with Active Directory; one of them is the ADSI adapter. It lets you quickly and relatively easily automate mundane actions or repeat the same operations.

In this blog, let me share some examples of using the ADSI adapter.

1. Create a System.DirectoryServices.DirectoryEntry (ADSI) object

$ouObject = New-Object System.DirectoryServices.DirectoryEntry("LDAP://<IPAddress>/cn=users,dc=<dcName>,dc=com", "<user>", "<password>")

172.16.58.10 is the IP address of the Domain Controller (the <IPAddress> placeholder above); we also need to provide a user name and password to access the domain controller.

NOTE: If you can't load System.DirectoryServices.DirectoryEntry, you can load this assembly explicitly.

[System.Reflection.Assembly]::LoadWithPartialName("System.DirectoryServices")

2. After connecting to the domain controller, we can create users with $ouObject.

$newUser = $ouObject.create("user", "CN=user01")

$newUser.setinfo() # save the new user

Save the new user before setting other properties. Some property settings:

$newUser.put("pwdLastSet", -1) # no password change required at next logon

$newUser.setpassword("@WSX3edc")

$newUser.put("userAccountControl", 66048) # password never expires (512 NORMAL_ACCOUNT + 65536 DONT_EXPIRE_PASSWORD)

$newUser.setinfo()

3. Create a new group named Group01

$ouObject = New-Object System.DirectoryServices.DirectoryEntry("LDAP://<IPAddress>/cn=users,dc=<dcName>,dc=com", "<user>", "<password>")

$newGroup = $ouObject.create("group", "cn=Group01")

$newGroup.setInfo()

4. Create a new OU named OU_Test

# bind to the domain root: an OU cannot be created under the CN=Users container
$mainOU = New-Object System.DirectoryServices.DirectoryEntry("LDAP://<IPAddress>/dc=<dcName>,dc=com", "<user>", "<password>")

$newOU = $mainOU.create("OrganizationalUnit", "OU=OU_Test")

$newOU.setinfo()

5. Move user01 to another OU, OU_Test

# bind to the user object itself (created under cn=users in step 2)
$user = New-Object System.DirectoryServices.DirectoryEntry("LDAP://<IPAddress>/cn=user01,cn=users,dc=<dcName>,dc=com", "<user>", "<password>")

# bind to the destination OU (created in step 4)
$to = New-Object System.DirectoryServices.DirectoryEntry("LDAP://<IPAddress>/ou=OU_Test,dc=<dcName>,dc=com", "<user>", "<password>")

$user.PSBase.MoveTo($to, "cn=" + $user.name)

6. Add user01 to Group01

# bind to user01 at its current DN (in OU_Test after step 5)
$user = New-Object System.DirectoryServices.DirectoryEntry("LDAP://<IPAddress>/cn=user01,ou=OU_Test,dc=<dcName>,dc=com", "<user>", "<password>")

# bind to the group created in step 3
$group = New-Object System.DirectoryServices.DirectoryEntry("LDAP://<IPAddress>/cn=Group01,cn=users,dc=<dcName>,dc=com", "<user>", "<password>")

$group.add("LDAP://" + $user.distinguishedName)

$group.setinfo()
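
Step 2 sets userAccountControl to 66048, which is 512 (NORMAL_ACCOUNT) plus 65536 (DONT_EXPIRE_PASSWORD). The following is an added example, not part of the original post: a read-only ADSI query that lists every user carrying that flag so non-expiring passwords can be reviewed, binding with a prompted credential instead of one embedded in the script. The function name Get-UacFlags and the domain-root path are assumptions; <IPAddress> and <dcName> are the post's placeholders.

```powershell
Add-Type -AssemblyName System.DirectoryServices

# Decode a userAccountControl value into a few well-known flag names.
function Get-UacFlags([int]$Value) {
    $flags = [ordered]@{
        ACCOUNTDISABLE       = 0x0002
        PASSWD_NOTREQD       = 0x0020
        NORMAL_ACCOUNT       = 0x0200
        DONT_EXPIRE_PASSWORD = 0x10000
    }
    $flags.Keys | Where-Object { $Value -band $flags[$_] }
}

# Prompt for the bind account so no password is stored in the script.
$cred = Get-Credential
# Secure + Sealing: negotiate authentication and encrypt the session.
$auth = [System.DirectoryServices.AuthenticationTypes]'Secure, Sealing'
$bindArgs = 'LDAP://<IPAddress>/dc=<dcName>,dc=com', $cred.UserName,
            $cred.GetNetworkCredential().Password, $auth
$root = New-Object System.DirectoryServices.DirectoryEntry -ArgumentList $bindArgs

$searcher = New-Object System.DirectoryServices.DirectorySearcher($root)
# 1.2.840.113556.1.4.803 is the bitwise-AND matching rule:
# the filter matches users whose userAccountControl has bit 65536 set.
$searcher.Filter = '(&(objectCategory=person)(objectClass=user)' +
                   '(userAccountControl:1.2.840.113556.1.4.803:=65536))'
$searcher.PageSize = 500   # page through results on large domains
$searcher.PropertiesToLoad.AddRange(
    [string[]]('sAMAccountName', 'userAccountControl', 'pwdLastSet'))

$results = $searcher.FindAll()
try {
    foreach ($r in $results) {
        $uac = [int]$r.Properties['useraccountcontrol'][0]
        [pscustomobject]@{
            Account    = [string]$r.Properties['samaccountname'][0]
            Flags      = (Get-UacFlags $uac) -join ', '
            # pwdLastSet is a FILETIME; it shows how old the password is.
            PwdLastSet = [datetime]::FromFileTimeUtc([long]$r.Properties['pwdlastset'][0])
        }
    }
}
finally {
    $results.Dispose()   # SearchResultCollection holds unmanaged resources
}
```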

 
