1

我有下面的 powershell 脚本,我正在其中创建一个新用户并尝试设置其所需的属性。我面临的问题是,我无法通过创建“获取密码”功能来设置随机密码。请看一看。

Import-Module ActiveDirectory
[xml]$dataSource = Get-Content C:\Names1.xml

$name = Read-Host 'Please enter the table name : '

$user_logon = $dataSource.names.$name | ? { $_.Rule_Label -eq 'Regular service account (user logon)'}

$display_name = $dataSource.names.$name | ? { $_.Rule_Label -eq 'Regular service account (display name)'}

$pre_windows = $dataSource.names.$name | ? { $_.Rule_Label -eq 'Regular service account (pre-Windows 2000)'}

Function GET-Temppassword() { 
Param(
[int]$length=10, 
[string[]]$sourcedata 
)

For ($loop=1; $loop –le $length; $loop++) { 
        $TempPassword+=($sourcedata | GET-RANDOM)
        }

return $TempPassword
}

switch ($name) 
{ 
    DevTable{foreach($dataRecord in $dataSource) 
    {
    try     
    {
    $cn=$user_logon.Output_Value
    $sAMAccountName=$user_logon.Output_Value
    $givenName=$user_logon.Output_Value
    $sn=$user_logon.Output_Value 
    $displayName=$display_name.Output_Value 
    $userPrincipalName=$sAMAccountName + “@test.com”;

    $alphabet=$NULL;For ($a=65;$a –le 90;$a++) {$alphabet+=,[char][byte]$a }
    GET-Temppassword –length 10 –sourcedata $alphabet

    New-ADUser $cn -SamAccountName $sAMAccountName -GivenName $givenName -Surname $sn -DisplayName $displayName -UserPrincipalName $userPrincipalName -accountPassword (ConvertTo-SecureString -AsPlainText $alphabet -Force) -PasswordNeverExpires $true -Path "OU=Service,OU=Accounts,DC=xyz,DC=com"  

    set-aduser $cn -replace @{comment="xxyyzz"}
    set-aduser $cn -replace @{"account"=1}      

    Add-ADGroupMember -Identity xyz -Member $cn
    Add-ADGroupMember -Identity abc -Member $cn

    write-host "New DevTable ADUser has been created!!!";
    }

    catch [Exception]
    {

        write-host "Error - Requested AD Service Account is already present...Please check & confirm " -foreground "red"
    }
    }   
    break;
    }

    default {"The table could not be determined!!!"}    

}   

[System.GC]::Collect()

另外,我想知道这是否是设置随机密码的最合适方法。

谢谢。

4

1 回答 1

1 
$alphabet=$NULL;For ($a=65;$a –le 90;$a++) {$alphabet+=,[char][byte]$a }
GET-Temppassword –length 10 –sourcedata $alphabet

New-ADUser $cn -SamAccountName $sAMAccountName -GivenName $givenName -Surname $sn -DisplayName $displayName -UserPrincipalName $userPrincipalName -accountPassword (ConvertTo-SecureString -AsPlainText $alphabet -Force) -PasswordNeverExpires $true -Path "OU=Service,OU=Accounts,DC=rjfdev,DC=com"

您没有捕获从Get-Temppassword. 您将$alphabet作为用户帐户的新密码传递。试试这个(未经测试):

$alphabet=$NULL;For ($a=65;$a –le 90;$a++) {$alphabet+=,[char][byte]$a }
$TempPassword = GET-Temppassword –length 10 –sourcedata $alphabet

New-ADUser $cn -SamAccountName $sAMAccountName -GivenName $givenName -Surname $sn -DisplayName $displayName -UserPrincipalName $userPrincipalName -accountPassword (ConvertTo-SecureString -AsPlainText $TempPassword -Force) -PasswordNeverExpires $true -Path "OU=Service,OU=Accounts,DC=rjfdev,DC=com"
于 2013-06-19T16:17:58.457 回答