我想创建一个新的AD用户,但它显示的错误信息如下:
New-ADUser:对象名称语法错误 在C:\ Users \ sa \ Desktop \ AD User Script.ps1:22 char:1 + New-ADUser -Name" $ displayName" -UserPrincipalName"($姓名缩写)...... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~ + CategoryInfo:NotSpecified:(CN = fbfb regbgfn ... IT,DC =,DC = it:String)[New-ADUser],ADException + FullyQualifiedErrorId:ActiveDirectoryServer:8335,Microsoft.ActiveDirectory.Management.Commands.NewADUser
$firstName = Read-Host "Indtast dit fornavn"
$middlename = Read-Host "Indtast dit mellemnavn (Hvis du ikke har et tryk Enter)"
$surname = Read-Host "Indtast dit efternavn"
$PlainPassword = "Admin100"
$SecurePassword = $PlainPassword | ConvertTo-SecureString -AsPlainText -Force
$group = Read-Host "Hvilken Gruppe? [1 - Help] [2 - Sof] [3 - In]"
$firstletter1 = $firstname.Substring(0, 1)
$secondletter = $firstname.Substring(0, 2)
$firstletter2 = $middlename.Substring(0, 1)
$firstletter3 = $surname.Substring(0, 1)
$displayName = "$firstName $middlename$surname"
if ($middlename -eq $Null) {
$initials = "$firstletter1$secondletter$firstletter3".ToLower()
Write-Host "$initials"
}
else {
$initials = "$firstletter1$firstletter2$firstletter3".ToLower()
Write-Host "$initials"
}
$Searcher = [ADSISearcher]"(sAMAccountName=$initials)"
$Results = $Searcher.FindOne()
If ($Results -eq $Null) {
If ($group -eq 1) {
New-ADUser -Name "$displayName" -UserPrincipalName "($initials)" -Path "OU=,OU=,OU-,OU=,DC=,DC=" -Enabled $true -AccountPassword $SecurePassword -ChangePasswordAtLogon $True -DisplayName "$initials" -GivenName "$firstname" -HomeDrive "P: \\fileshare\Privat\%$initials%" -Initials "$initials" -SamAccountName "$firstletter1" -Surname "$surname"
}
答案 0 :(得分:0)
您可以检查UserPrincipalName和sAMAccountName格式吗?一个例子是:
姓名:John Smith
UPN:smithj@example.com
sAMAccountName:smithj
UPN由UPN前缀(用户帐户名)和UPN后缀(DNS域名)组成。前缀使用“@”符号与后缀连接。例如,“某人@ example.com”。 UPN在目录林中的所有安全主体对象中必须是唯一的。这意味着可以重复使用UPN的前缀,而不是使用相同的后缀。