我在域中使用PowerShell脚本创建新用户时出现问题:Helpdesk将以管理员身份调用.bat,此bat调用脚本文件以自动创建。在此脚本中,将创建并导入两个会话,以在本地使用Exchange和AD-cmdlet。在导入期间/之后,会抛出第二个/第三个凭证掩码,但单击“取消”将不会出现,脚本将无任何问题地运行。然而,这会使帮助台烦恼。当直接从ISE运行.ps1时,掩码将不会显示。此外,当C&Ping将脚本的创建/导入部分转换为新文件并以与之前相同的方式调用它时也不会显示这些掩码。
这里是.ps1文件的一部分:
<#
.DESCRIPTION
Creates a new standard user
.NOTES
Requires : Exchange 2016 Remote Session
Req.OS Version : not tested
Req.PS Version : not tested
.EXAMPLE
Create-User.ps1 -datapath \\path\to\userdata.csv -credentialobject $cred
#>
Param (
[string]$datapath, <#Folder where the CSVs sit #>
[System.Management.Automation.CredentialAttribute()]$credentialobject = $null
)
#region SET global var definitions
$ErrorActionPreference = "Continue"
Start-Transcript -path $ScriptLogPath # | out-null
#endregion
#region SET var definitions
$userfile = "$datapath\userdata.txt"
$groupfile = "$datapath\groupdata.txt"
#Exchange
$MSXremotingserver = "exchangehostname"
$MSXdatabasenames = @("msx_db")
#AD
$domaincontroller = "dchostname"
$ADremotingserver = $domaincontroller
$BaseDN = "OU=Users,DC=domain,DC=local"
#endregion
#region Import Userdata
# CSV's are getting imported here - WORKING
#endregion
#region INIT Remotesession
#Get AD Creds / use given AD Creds
if (($credentialobject -ne $null) -and (($credentialobject.GetType()).name -eq "PSCredential")){
$UserCredential = $credentialobject
}else{
$UserCredential = Get-Credential
# Get credentials to create the remote-sessions. Seems to be working.
}
$MSXSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionURI http://$MSXremotingserver/powershell -Credential $UserCredential
echo "import..."
$null = Import-PSSession $MSXSession -AllowClobber -DisableNameChecking # | out-null
# After the import (Progress bars running through on top of the PS) another credential-mask appearing, "Cancel" makes the script run through without further errors.
echo "OK"
$ADSession = New-PSsession -Computername $ADremotingserver -Credential $UserCredential
Invoke-Command -Command {Import-Module ActiveDirectory -DisableNameChecking} -Session $ADSession # | out-null
echo "import..."
Import-PSSession -Session $ADSession -Module "ActiveDirectory" -Prefix Remote -AllowClobber -DisableNameChecking # | out-null
# After the import (Progress bars running through on top of the PS) another credential-mask appearing, "Cancel" makes the script run through without further errors.
echo "OK"
#AD-user already existing?
if ([bool](get-remoteaduser -LDAPFilter "(SamAccountName=$($userdata.Kuerzel))")){
#Throw custom error - AD-User bereits vorhanden!
}
#build Account...
# AD-user and Mailbox are created and configured. WORKING!
#endregion
#region END Script
Get-PSSession | Remove-PSSession
Stop-Transcript
Write-Host "Beende Skript..."
start-sleep -Seconds 3
exit 10000
#endregion
以下是.ps1的调用方式:
%systemroot%\System32\WindowsPowerShell\v1.0\powershell.exe -executionpolicy bypass -file \\helpdeskserver\powershell_userdata$\Create-User.ps1 \\helpdeskserver\path\to\csv"
我不知道该怎么办。尝试了每个命令的许多不同版本,尝试管道输入/输出,没有什么会做..谷歌似乎不知道这种行为,这里没有任何人在Stackoverflow ..
感谢您的任何提示和帮助,我将不胜感激!
此致,Ting3l
编辑:当启动没有管理权限的.bat文件时(或右键单击 - >其他用户... - > admin-account),第二个/第三个凭证对话框将不会出现,而是我得到一个“索引”范围“-exception。
也许这不重要,但你可以尝试通过Exit-PSSession退出会议。之后使用exit 1000。 Becoaser在你完成会话的会话中使用exit(其中所有代码都将被忽略,但脚本将成功完成)