我见过其他类似的问题,但我希望完全自动化该过程,到目前为止我找到的所有示例都缺少我需要的部分。此外,这是我编写的第一个 poweshell 脚本,因此有点不合时宜。
我想将用户添加到活动目录,但必须满足以下设置。
- 将用户添加到多个活动目录组
- 为用户设置静态 IP(通常在“拨入”选项卡下)
- 设置用户密码
这是我目前的脚本
'***Active Directory User Creation***'
$firstname = Read-Host 'First Name:'
$lastname = Read-Host 'Last Name:'
$email = Read-Host 'E-mail:'
$username = Read-Host 'Windows Username:'
$userDefaultPass = Read-Host 'Use Default Password(y/n):'
while($userDefaultPass -ne 'n' -and $userDefaultPass -ne 'y')
{
$userDefaultPass = Read-Host 'Use Default Password(y/n)'
}
if($userDefaultPass -eq 'y')
{
$password = 'password012'
}
elseif($userDefaultPass -eq 'n')
{
$password = '/'
$tempPass = '\'
while($tempPass -ne $password)
{
if($password -ne '/')
{
'Passwords do not match!'
}
$password = ConvertTo-SecureString Read-Host 'Enter Password'
$tempPass = ConvertTo-SecureString Read-Host 'Re-enter Password'
}
}
New-ADUser
-AccountPassword $password
-ChangePasswordAtLogon $true
-DisplayName $lastname + ', ' + $firstname
-Enabled $true
-Name $lastname + ', ' + $firstname
-SamAccountName smithj
-Path “OU=Users,OU=Company,DC=home,DC=local”
-givenname $firstname
-surname $lastname
-userprincipalname ($username + “@test.local”)
-PasswordNeverExpires $true
}
Add-ADGroupMember -Identity TestGroup -Member $Username
修订: 这是我的最终脚本
import-module ActiveDirectory
# This script creates a user to the active directory
#'***Active Directory User Creation***'
$firstname = $args[0]
$lastname = $args[1]
$username = $args[2]
$password = ConvertTo-SecureString $args[3] -AsPlainText -Force
$passwordExpires = $args[4]
$domain = $args[5]
$userPrincipal = ($username + $domain)
New-ADUser `
-AccountPassword $password `
-DisplayName ($username) `
-Enabled $true `
-Name ($firstname + " " + $lastname) `
-SamAccountName $username `
-Path “CN=Users,DC=myDomain,DC=myCompany,DC=com” `
-givenname $firstname `
-surname $lastname `
-ChangePasswordAtLogon $true `
-userprincipalname ($userPrincipal) `