[英]How do you unlock an Active Directory account on a different domain using PowerShell 2.0?
I found an amazing PowerShell script by LazyWinAdmin that kind of does what I want - but it is limited to just the current domain. 我发现LazyWinAdmin提供了一个了不起的PowerShell脚本,它可以满足我的要求-但仅限于当前域。 The way our network is set up we have different domains for certain types of accounts. 建立网络的方式对于某些类型的帐户,我们具有不同的域。
I am trying to write up a script that simply unlocks a specified user account on a specific domain. 我正在尝试编写一个脚本,该脚本可以简单地解锁特定域上的指定用户帐户。 Our system uses PowerShell 2.0 which is making this very difficult because I know that the later versions have Active Directory management cmdlets. 我们的系统使用PowerShell 2.0,这使这一工作变得非常困难,因为我知道更高版本具有Active Directory管理cmdlet。 Trust me, I have requested that we have a newer version of PowerShell installed on our systems but the company flat out refuses to budge. 相信我,我已经要求我们在系统上安装新版本的PowerShell,但是该公司坚决拒绝让步。
I feel kind of stupid because I have worked almost exclusively with the newer versions in the past so I got used to the various cmdlets rather than having to manually draft out every single thing I want to do. 我有点愚蠢,因为过去我几乎只使用较新的版本,所以我习惯了各种cmdlet,而不必手动草拟我想做的每件事。
You need to specify the search root to search from other domain. 您需要指定搜索根目录才能从其他域中搜索。
Original code in $buttonUnlock_Click: $ buttonUnlock_Click中的原始代码:
# Search for this account in the current domain
$Searcher = [ADSISearcher]"(sAMAccountName=$Name)"
$Results = $Searcher.FindOne()
Also in $buttonCheck_Click (it has no search code but just a comment): 同样在$ buttonCheck_Click中(它没有搜索代码,只是一个注释):
# Search for this account in the current domain
Change both to: 都更改为:
$searcher = New-Object DirectoryServices.DirectorySearcher
$searcher.Filter = "(sAMAccountName=$name)"
$searcher.SearchRoot = New-Object DirectoryServices.DirectoryEntry('LDAP://other.domain', 'user', 'pwd')
$results = $searcher.FindOne()
If current user already has permission to access the other domains, you may simply put [adsi]'LDAP://other.domain'
as search root. 如果当前用户已经具有访问其他域的权限,则可以简单地将[adsi]'LDAP://other.domain'
作为搜索根。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.