我在我们的域中使用Powershell脚本创建新用户时遇到了问题: 服务台将以管理员身份调用.bat,该bat会调用脚本文件以自动执行创建。在此脚本中,创建和导入了两个会话,以在本地使用Exchange和AD-cmdlet。 在导入期间/之后,将抛出第二个/第三个凭据掩码,但是单击“取消”将不起作用,脚本将无任何问题地运行。但是,这使服务台很烦。 直接从ISE运行.ps1时,不会显示掩码。另外,当将脚本的“创建/导入”部分C&P压缩为新文件并以与以前相同的方式调用它时,也不会显示这些掩码。
这是.ps1-文件的一部分:
<#
.DESCRIPTION
Creates a new standard user
.NOTES
Requires : Exchange 2016 Remote Session
Req.OS Version : not tested
Req.PS Version : not tested
.EXAMPLE
Create-User.ps1 -datapath \\path\to\userdata.csv -credentialobject $cred
#>
Param (
[string]$datapath, <#Folder where the CSVs sit #>
[System.Management.Automation.CredentialAttribute()]$credentialobject = $null
)
#region SET global var definitions
$ErrorActionPreference = "Continue"
Start-Transcript -path $ScriptLogPath # | out-null
#endregion
#region SET var definitions
$userfile = "$datapath\userdata.txt"
$groupfile = "$datapath\groupdata.txt"
#Exchange
$MSXremotingserver = "exchangehostname"
$MSXdatabasenames = @("msx_db")
#AD
$domaincontroller = "dchostname"
$ADremotingserver = $domaincontroller
$BaseDN = "OU=Users,DC=domain,DC=local"
#endregion
#region Import Userdata
# CSV's are getting imported here - WORKING
#endregion
#region INIT Remotesession
#Get AD Creds / use given AD Creds
if (($credentialobject -ne $null) -and (($credentialobject.GetType()).name -eq "PSCredential")){
$UserCredential = $credentialobject
}else{
$UserCredential = Get-Credential
# Get credentials to create the remote-sessions. Seems to be working.
}
$MSXSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionURI http://$MSXremotingserver/powershell -Credential $UserCredential
echo "import..."
$null = Import-PSSession $MSXSession -AllowClobber -DisableNameChecking # | out-null
# After the import (Progress bars running through on top of the PS) another credential-mask appearing, "Cancel" makes the script run through without further errors.
echo "OK"
$ADSession = New-PSsession -Computername $ADremotingserver -Credential $UserCredential
Invoke-Command -Command {Import-Module ActiveDirectory -DisableNameChecking} -Session $ADSession # | out-null
echo "import..."
Import-PSSession -Session $ADSession -Module "ActiveDirectory" -Prefix Remote -AllowClobber -DisableNameChecking # | out-null
# After the import (Progress bars running through on top of the PS) another credential-mask appearing, "Cancel" makes the script run through without further errors.
echo "OK"
#AD-user already existing?
if ([bool](get-remoteaduser -LDAPFilter "(SamAccountName=$($userdata.Kuerzel))")){
#Throw custom error - AD-User bereits vorhanden!
}
#build Account...
# AD-user and Mailbox are created and configured. WORKING!
#endregion
#region END Script
Get-PSSession | Remove-PSSession
Stop-Transcript
Write-Host "Beende Skript..."
start-sleep -Seconds 3
exit 10000
#endregion
.ps1的调用方式如下:
%systemroot%\System32\WindowsPowerShell\v1.0\powershell.exe -executionpolicy bypass -file \\helpdeskserver\powershell_userdata$\Create-User.ps1 \\helpdeskserver\path\to\csv"
我不知道该怎么办。尝试了每个命令的许多不同版本,尝试管道输入/输出,无济于事。 Google似乎不知道这种行为,Stackoverflow上的任何人都没有。.
感谢您的提示和帮助,我会很感激!
关于Ting3l
编辑:在没有管理权限的情况下启动.bat文件时(或右键单击->其他用户。-> admin-account),第二个/第三个凭据对话框不会出现,而是显示“索引超出范围”-例外。
答案 0 :(得分:0)
也许无关紧要,但是您可以尝试通过Exit-PSSession退出会话。之后,使用exit 1000。当您在会话中使用exit时,Becoaser会完成会话(其中之后的所有代码将被忽略,但脚本将成功完成)