运行Powershell脚本以使用Import-Csv和New-QADUser将用户从csv导入到Active Directory时出错

Question

My script looks like this:

$Users = Import-Csv "C:\users.csv"
foreach ($User in $Users)
{
    New-QADUser -Name $User.Name `
        -ParentContainer $User.OU `
        -FirstName $User.FirstName `
        -LastName $User.LastName `
        -UserPassword $User.userPassword `
        -SamAccountName $User.sAMAccountName `
}

When I run it I get the following error:

DefaultNamingContext                               Type            
--------------------                               ----            
DC=example,DC=domain,DC=org                  ActiveDirectory 
The server is unwilling to process the request. (Exception from HRESULT: 0x80072035)
At :line:5 char:12
+   New-QADUser <<<<  -Name $User.Name `

My CSV looks like this:

Name,FirstName,LastName,sAMAccountName,UserPassword,OU
Joe Bob,Joe,Bob,jb241277,4gh60b4,"OU=2010,OU=Sub,OU=Users,OU=MAIN,DC=example,DC=domain,DC=org"

Not sure what is going on, any help would be appreciated. This is a child domain in a forest on Win2K8 Ent.

Answer 1

It is possible that this action is being attempted against a Global Catalog for some reason. Your code works fine for me, but I get the error when I attempt to do it against a GC, which is expected. The connect-QADService cmdlet specifies where you want to connect. If you're setting this before your new-qaduser code, double-check to make sure that "-UseGlobalCatalog" is not in there.

As a troubleshooting step you can try to specify a specific Domain Controller to see if that changes your error.

$Users = Import-Csv "C:\users.csv"
foreach ($User in $Users)
{
    New-QADUser -Name $User.Name `
        -ParentContainer $User.OU `
        -FirstName $User.FirstName `
        -LastName $User.LastName `
        -UserPassword $User.userPassword `
        -SamAccountName $User.sAMAccountName `
        -Service $DomainController `
}

That will tell it to perform the action against a specific domain controller and not a Global Catalog.