无法使用 Powershell 设置用户密码

发布于 2025-01-09 01:21:11 字数 731 浏览 0 评论 0原文

我正在尝试使用 powershell 创建一个具有特定密码的用户。下面的代码创建了用户，但当我尝试使用这个新用户搜索 AD 时，出现了拒绝凭据错误。同样，runas 命令告诉我密码错误。创建用户后，我还尝试了 Set-ADAccountPassword cmdlet，没有收到任何错误，但我可以确认我实际上并未设置密码。当我执行此操作时，我也找不到密码重置事件。当我使用“用户和计算机”用户界面时，我能够正确重置该用户的密码（并且我看到该事件）。我正在 DC 上以域管理员身份使用“以管理员身份运行”运行代码。

我设置了一个测试域，下面的代码工作正常，所以它与我的域有些奇怪。我尝试删除所有密码复杂性要求作为测试，但没有成功。关于其他要检查的事情的想法？

$Password="pa55Word!"
$Name="Tmp.User"
[securestring]$SecPass =  ConvertTo-SecureString -String $Password -AsPlainText -Force

New-ADUser -Name $Name -AccountPassword $SecPass -Enabled $True -ChangePasswordAtLogon $False

$Credential = New-Object System.Management.Automation.PSCredential $Name, $SecPass
Get-ADUser -Filter 'Name -eq $Name' -Credential $Credential

原文

I am trying to create a user with a specific password using powershell. The below code creates the user but then gives me a rejected credentials error when I attempt to search AD using this new user. Similarly a runas command tells me the password is bad. I have also tried the Set-ADAccountPassword cmdlet after creating the user and I get no error but I can confirm that I am not actually setting the password. I also can not find a password reset Event when I do this. When I use the "Users and Computers" UI, I am able to reset the password on this user properly (and I see the Event). I am running the code on the DC as a Domain Admin with 'Run as Administrator'.

I set up a test Domain and the below code works properly so it is something screwy with my domain. I have tried removing all password complexity requirements as a test but no luck. Ideas on other things to check?

$Password="pa55Word!"
$Name="Tmp.User"
[securestring]$SecPass =  ConvertTo-SecureString -String $Password -AsPlainText -Force

New-ADUser -Name $Name -AccountPassword $SecPass -Enabled $True -ChangePasswordAtLogon $False

$Credential = New-Object System.Management.Automation.PSCredential $Name, $SecPass
Get-ADUser -Filter 'Name -eq $Name' -Credential $Credential

分享到QQ

分享到微博