gpt4 book ai didi

powershell - 汇总ADSI LDAP查询

转载 作者:行者123 更新时间:2023-12-03 01:17:49 25 4
gpt4 key购买 nike

我正在 Activity 目录中搜索特定组织单位下的用户,我想使用ADSI进行更改。

# get all users from the organizational unit
$accounts = Get-ADObject -filter 'objectClass -eq "user"' -SearchBase $dsn

# iterate over user objects
foreach ($account in $accounts) {
# unfortunately we have to use ADSI over the set-aduser cmdlet as we neeed to touch remote desktop attribues
$user = [ADSI]"LDAP://" + ($account.DistinguishedName).ToString()

# get logon name
$SamAccountName = $user.psbase.InvokeGet("SamAccountName")

# Profile Attributes
$user.psbase.InvokeSet("ProfilePath", "")
$user.psbase.InvokeSet("ScriptPath", "DIR\Logon.cmd")
$user.psbase.InvokeSet("HomeDrive", "H:")
$user.psbase.InvokeSet("HomeDirectory", "\\host\users$\${SamAccountName}")

# Remote Desktop Services Attributes
$user.psbase.InvokeSet("TerminalServicesProfilePath", "")
$user.psbase.InvokeSet("TerminalServicesHomeDirectory", "\\host\users$\${SamAccountName}")
$user.psbase.InvokeSet("TerminalServicesHomeDrive", "H:")

# Write attributes back to global catalog
$user.SetInfo()
}

一切都很好,直到涉及到 $user = [ADSI]"LDAP://" + ($account.DistinguishedName).ToString()部分。

Method invocation failed because [System.DirectoryServices.DirectoryEntry] does not contain a method named 'op_Addition'.
At \\tsclient\D\SourceCode\PowerShell\Set-ADUserAttributes.ps1:37 char:5
+ $user = [ADSI]"LDAP://" + ($account.DistinguishedName).ToString()
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (op_Addition:String) [], RuntimeException
+ FullyQualifiedErrorId : MethodNotFound

Exception calling "InvokeGet" with "1" argument(s): "Unspecified error
"
At \\tsclient\D\SourceCode\PowerShell\Set-ADUserAttributes.ps1:40 char:5
+ $SamAccountName = $user.psbase.InvokeGet("SamAccountName")
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException

似乎没有查询被执行。但是, $account.DistinguishedName包含正确的LDAP路径(我已经手动测试过)。

那么,我在这里做错了什么?

最佳答案

您尝试通过在添加之前将“LDAP://”强制转换为[ADSI]来添加到ADSI对象。

首先对弦进行分类,然后进行转换:

$user = [ADSI]("LDAP://" + $account.DistinguishedName)

关于powershell - 汇总ADSI LDAP查询,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/24698680/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com