我正在寻找一种使用PowerShell修改非Active Directory LDAP对象的方法。我在网上发现了许多脚本来访问LDAP对象信息,但没有一个脚本显示如何修改它们。以下是我通过组合我在网上找到的各种脚本得到的最接近的。我无法超越" $ c.Bind()"因为我总是得到一个" LDAP服务器不可用"错误。我知道服务器名称是正确的,它已启动并运行。
有人有什么想法吗?
[System.Reflection.Assembly]::LoadWithPartialName("System.DirectoryServices.Protocols")
[System.Reflection.Assembly]::LoadWithPartialName("System.Net")
$credentials = new-object System.Net.NetworkCredential("cn=adminID,o=edu","password")
$NetWareServer=New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier("LDAP://ldapserver.system.edu:636")
$c = New-Object System.DirectoryServices.Protocols.LdapConnection($NetWareServer, $credentials)
$c.SessionOptions.SecureSocketLayer = $true;
$c.SessionOptions.ProtocolVersion = 3
$c.AuthType = [System.DirectoryServices.Protocols.AuthType]::Basic
$c.Bind()
$r = (new-object "System.DirectoryServices.Protocols.ModifyRequest")
$r.DistinguishedName = "uid=testID,ou=test,o=edu";
$a = New-Object "System.DirectoryServices.Protocols.DirectoryAttributeModification"
$a.Name = "description"
$a.Operation = [System.DirectoryServices.Protocols.DirectoryAttributeOperation]::Add
$a.Add("testdescription")
$r.Modifications.Add($a)
$re = $c.SendRequest($r);
if ($re.ResultCode -ne System.directoryServices.Protocols.ResultCode]::Success)
{
write-host "Failed!"
write-host ("ResultCode: " + $re.ResultCode)
write-host ("Message: " + $re.ErrorMessage)
}
答案 0 :(得分:0)
尝试使用uid而不是cn作为凭据。尝试连接时不使用SSL。验证端口和用户信息是否正确,以及服务器和该端口是否可以从您所在的位置访问。
我就这样做了:
$c = New-Object -TypeName System.DirectoryServices.Protocols.LdapConnection -ArgumentList "ldapserver.system.edu:636"
$c.SessionOptions.SecureSocketLayer = $true;
$c.SessionOptions.ProtocolVersion = 3
$c.AuthType = [System.DirectoryServices.Protocols.AuthType]::Basic
if ([string]::IsNullOrWhiteSpace($ConnectWithUser))
{
$ConnectWithUser = Read-Host -Prompt "User:"
}
if ([string]::IsNullOrWhiteSpace($ConnectWithPassword))
{
$ConnectWithPassword = Read-Host -Prompt "Password:" -AsSecureString
}
$ConnectWithUser = "uid="+$ConnectWithUser+",OU=admins,O=edu"
$credentials = New-Object -TypeName System.Net.NetworkCredential -ArgumentList $ConnectWithUser,$ConnectWithPassword
$c.Bind($credentials)