在同一函数中添加随机passwortgenerator

时间:2019-03-04 13:59:05

标签: powershell

是否可以在此功能中添加随机密码生成器?

Function Create-User([String] $Username, [String] $Name, [String] $Surname, [String] $OU, [String] $Group){

    $User = Get-ADUser -Filter {sAMAccountName -eq $Username}
    }

2 个答案:

答案 0 :(得分:1)

我在您的函数中添加了$password变量,您可以选择使用该变量。存储在变量中的值是一个安全字符串。如果需要向用户提供密码值,则可以通过不通过管道传递到ConvertTo-SecureString cmdlet来首先捕获该密码。

Function Create-User([String] $Username, [String] $Name, [String] $Surname, [String] $OU, [String] $Group){

$password = ((33..126) | ForEach-Object {[char]$_} | get-random -count 20) -join "" | ConvertTo-SecureString -asplaintext -force
New-AdUser -accountpassword $password # You will need to add the rest of your parameters here

}

您可以将-count的值更改为满足安全策略要求的值。上面的示例使用从ASCII表位置33到126的随机字符生成一个20个字符的密码。您可以随意更新该范围,但是您认为合适。

答案 1 :(得分:0)

您可以添加一个小的功能来生成密码。 下面的代码创建一个混合了大小写字母,数字和密码(如果需要)的密码。

function New-Password {
    [CmdletBinding()]
    param(
        [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]
        [ValidatePattern("[0-9]")]
        [int]$Length = 12,

        [switch]$IncludeSymbols
    )

    $pw = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
    if ($IncludeSymbols) {
        $pw += "!$%^-_:;{}<>#&@]~"
    }
    return -join ([Char[]]$pw | Get-Random -Count $length)
}

在您的“创建用户”功能中使用,如下所示:

Function Create-User {
    [CmdletBinding()]
    param(
        [String]$Username, 
        [String]$Name, 
        [String]$Surname,
        [String]$OU
    )

    # call the New-Password function to get a plain text password.
    $plainTextPassword = New-Password -Length 8
    $securePassword    = $plainTextPassword | ConvertTo-SecureString -AsPlainText -Force

    # the New-AdUser cmdlet has many parameters. Best use splatting for these.
    $splat = @{
        SamAccountName  = $Username
        Name            = $Name
        Surname         = $Surname
        Path            = $OU
        AccountPassword = $securePassword
        # add more parameters as you see fit here
        # see https://docs.microsoft.com/en-us/powershell/module/addsadministration/new-aduser?view=win10-ps
    }
    New-AdUser @splat

    # output the user and the generated password because you will not be able to retrieve this later..
    [PSCustomObject]@{
        User     = $Username
        Password = $plainTextPassword
    }
}

示例:

Create-User -Username jdoe -Name 'John Doe' -Surname Doe -OU 'OU=Users, OU=DepartmentX, DC=yourdomain, DC=com'

将输出

User Password
---- --------
jdoe 4Wvhud02
相关问题
最新问题