我试图通过Powershell传递广告新用户的所有信息,如果我复制粘贴这个没问题,但是如果我在脚本中尝试相同的命令失败。
#####Write-Host "Im trying a connections to your AD DS"
Enter-PSSession -ComputerName DC -Credential dd\administrator
Start-Sleep -s 5
##### my vars
$name = Read-host "Vorname?"
$surname = Read-Host "Nachname?"
$password = "pa$$w0rd" | ConvertTo-SecureString -AsPlainText -Force
#####adding User
New-ADUser -Name "$surname $name" `
-Surname "$surname" `
-GivenName "$name" `
-SamAccountName "$surname" `
-UserPrincipalName "$surname@dd.zz" `
-AccountPassword $password
-ChangePasswordAtLogon $True `
-Enabled $True `
-Path 'OU=MUC,OU=User,DC=dd,DC=zz' `
-OtherAttributes @{'mail'="$name.$surname@dd.com"}
错误代码:
New-ADUser : Zugriff verweigert
In Zeile:18 Zeichen:1
+ New-ADUser -Name "$surname $name" `
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : PermissionDenied: (CN=fromtheother...C=dd,DC=zz:String) [New-ADUser], UnauthorizedAccessException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.UnauthorizedAccessException,Microsoft.ActiveDirectory.Management.Commands.NewADUser
答案 0 :(得分:-1)
尝试打开Powershell ISE作为活动目录的管理员帐户(CTL + SHIFT + RIGHT-Click - > Run-As),然后从该界面打开脚本并运行它。这应该允许您使用正确的权限运行它。
如果您使用正确的权限在服务器上执行此操作。以管理员身份运行ISE,然后打开脚本并运行正确的权限。