我想以属于 Active Directory 的域用户身份执行运行命令

发布于 2025-01-11 22:44:19 字数 207 浏览 1 评论 0原文

我在系统管理器中使用 AWS-RunPowerShellScript。

当时，我们想使用dsadd-user命令添加AD用户。但这会导致错误，因为我没有访问权限。

因为我相信该命令是作为名为 ssm-user 的本地用户执行的。

我想以 Active Directory 的用户身份运行该命令 - 可以吗？

原文

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

没︽人懂的悲伤 2025-01-18 22:44:19

• 是的，可以以属于Active Directory 的用户身份运行该命令，以使用'dsadd-user' 命令添加AD 用户。为此，您必须确保使用提升的（域管理员或本地管理员）权限执行此命令。另外，请确保执行命令的系统是域联合系统。最有可能的是，我建议您在域控制器上执行以下命令。

将用户添加到 Active Directory 的命令： -

 ‘ dsadd user <UserDN> [-samid <SAMName>] [-upn <UPN>] [-fn <FirstName>] [-mi <Initial>] [-ln <LastName>] [-display <DisplayName>] [-empid <EmployeeID>] [-pwd {<Password> | *}] [-desc <Description>] [-memberof <Group> ...] [-office <Office>] [-tel <PhoneNumber>] [-email <Email>] [-hometel <HomePhoneNumber>] [-pager <PagerNumber>] [-mobile <CellPhoneNumber>] [-fax <FaxNumber>] [-iptel <IPPhoneNumber>] [-webpg <WebPage>] [-title <Title>] [-dept <Department>] [-company <Company>] [-mgr <Manager>] [-hmdir <HomeDirectory>] [-hmdrv <DriveLetter>:][-profile <ProfilePath>] [-loscr <ScriptPath>] [-mustchpwd {yes | no}] [-canchpwd {yes | no}] [-reversiblepwd {yes | no}] [-pwdneverexpires {yes | no}] [-acctexpires <NumberOfDays>] [-disabled {yes | no}] [{-s <Server> | -d <Domain>}] [-u <UserName>] [-p {<Password> | *}] [-q] [{-uc | -uco | -uci}] ’

示例命令： -

‘ dsadd user “cn=John Smith,ou=SouthEmployees,dc=northwindtraders,dc=com” -disabled no –pwd C^h3Bdo9# -mustchpwd yes -memberof cn=janitors,ou=SouthEmployees,dc=northwindtraders,dc=com -acctexpires never ‘

• 用于通过 < 执行上述命令strong>AWS Systems Manager 控制台，请参阅下面的 AWS 文档链接了解更多详细信息： -

https://docs.aws.amazon.com/systems-manager/latest/userguide/integration-S3-PowerShell.html

• Yes, it is possible to run the command as a user belonging to Active Directory for adding an AD user using the ‘dsadd-user’ command. For that purpose, you will have to ensure that this command is executed with elevated (domain administrator or local administrator) privileges. Also, ensure that the system from which the command is executed is a domain joint system. Most probably, I would suggest you to execute the below commands on a domain controller.

Command for adding a user to Active Directory: -

 ‘ dsadd user <UserDN> [-samid <SAMName>] [-upn <UPN>] [-fn <FirstName>] [-mi <Initial>] [-ln <LastName>] [-display <DisplayName>] [-empid <EmployeeID>] [-pwd {<Password> | *}] [-desc <Description>] [-memberof <Group> ...] [-office <Office>] [-tel <PhoneNumber>] [-email <Email>] [-hometel <HomePhoneNumber>] [-pager <PagerNumber>] [-mobile <CellPhoneNumber>] [-fax <FaxNumber>] [-iptel <IPPhoneNumber>] [-webpg <WebPage>] [-title <Title>] [-dept <Department>] [-company <Company>] [-mgr <Manager>] [-hmdir <HomeDirectory>] [-hmdrv <DriveLetter>:][-profile <ProfilePath>] [-loscr <ScriptPath>] [-mustchpwd {yes | no}] [-canchpwd {yes | no}] [-reversiblepwd {yes | no}] [-pwdneverexpires {yes | no}] [-acctexpires <NumberOfDays>] [-disabled {yes | no}] [{-s <Server> | -d <Domain>}] [-u <UserName>] [-p {<Password> | *}] [-q] [{-uc | -uco | -uci}] ’

Example command: -

‘ dsadd user “cn=John Smith,ou=SouthEmployees,dc=northwindtraders,dc=com” -disabled no –pwd C^h3Bdo9# -mustchpwd yes -memberof cn=janitors,ou=SouthEmployees,dc=northwindtraders,dc=com -acctexpires never ‘

• For executing the above command through AWS Systems manager console, please refer to the AWS documentation link below for more details: -

https://docs.aws.amazon.com/systems-manager/latest/userguide/integration-S3-PowerShell.html

回复收藏 0 原文