Home > Software engineering >  Issue with creat bulk ad user by using import local machine csv as variable and pass to remote serve
Issue with creat bulk ad user by using import local machine csv as variable and pass to remote serve

Time:09-08

I try to import local csv file and creat aduser in remote server. Both local machine and remote server are join domain. I can import csv in remote server and create aduser, but I don't know how to import local csv and pass to remote server.

It's show

cmdlet New-ADUser at command pipeline position 1
Supply values for the following parameters:
Name:

Here is my example.csv column name

LastName,FirstName,EmpolyID,LoginName,GroupName,OU

Here is my code.

$Users = Import-CSV E:\example.csv
$Session = New-PSSession -Computername server1 -Credential [email protected]
foreach ($User in $Users) {
    Invoke-Command -Session $Session -Scriptblock {
    Param($FirstName, $LastName, $EmpolyID, $OU, $GroupName)
    New-ADUser
    -Name ($FirstName   $LastName)
    -DisplayName ($FirstName   $LastName)
    -Surname $LastName
    -GivenName $FirstName
    -SamAccountName $EmpolyID
    -Path $OU
    -Description $User.EmpolyID
    -Enable $true
    -ChangePasswordAtLogon $true
    -AccountPassword ConvertTo-SecureString "changpassfirst" -AsPlainText -Force
    Add-ADGroupMember -Identity $GroupName -Members $EmpolyID
    } -ArgumentList $User.FirstName, $User.LastName, $User.EmpolyID, $User.OU, $User.GroupName
}

CodePudding user response:

$Users = Import-CSV E:\example.csv
$Session = New-PSSession -Computername server1 -Credential [email protected]
$Group = "MyGroup"

$code = {
    $GroupName = $using:group
    $userArray = $using:Users
    foreach ($user in $userArray){
        $paramsHt = @{
            Name=($user.FirstName   $user.LastName)
            DisplayName=($user.FirstName   $user.LastName)
            SurName=$user.LastName
            GivenName=$user.FirstName
            smaAccountName=$user.EmpolyID
            Path=$user.OU
            Description=$user.EmpolyID
            Enable=$true
            ChangePasswordAtLogon=$true
            AccountPassword=(ConvertTo-SecureString "changpassfirst" -AsPlainText -Force)
        }
        $null = new-aduser @paramsHt
        $null = Add-ADGroupMember -Identity $GroupName -Members $EmpolyID
    }
}

invoke-command -session $session -scriptblock $code

You try to access a variable available on the caller machine from a remote machine. You can do so by using $using, so you do not need the parameter -argumentlist. If you want to go the -argumentlist route you can access those values by indexing the array, e.g. $args[0].

There is no need to call invoke-command foreach user, you only want to connect to a single target machine so you only need to call it one time.

So in principle this would do the trick. But you will face another issue: kerberos double hop. You jump from machineA to machineB and execute code which calls machineC (Domain Controller) = double hop. You can workaround this issue by passing over credentials to the new-aduser cmdlet.

Is it really needed to jump on another machine, can't you talk to active directory from machineA?

Page link:https//www.codepudding.com/Softwareengineering/537936.html

Prev:PowerShell, Cannot remove BOM from file
Next:Where can I view the secondary rate limit of GitHub REST api?
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding