使用 New-ADUser 时设置 ProtectedFromAccidentalDeletion 参数
set ProtectedFromAccidentalDeletion parameter when using New-ADUser
是否可以在使用 New-ADUser cmdlet 时设置 -ProtectedFromAccidentalDeletion 参数,还是必须在之后使用 Set-ADObject?
我可以将其设置为 "Users" 的默认值吗?
这是执行 man New-ADUser 时可用的参数列表
New-ADUser
[-Name] <string>
[-WhatIf] [-Confirm]
[-AccountExpirationDate <datetime>]
[-AccountNotDelegated <bool>]
[-AccountPassword <securestring>]
[-AllowReversiblePasswordEncryption <bool>]
[-AuthType <ADAuthType> {Negotiate | Basic}]
[-CannotChangePassword <bool>]
[-Certificates <X509Certificate[]>]
[-ChangePasswordAtLogon <bool>]
[-City <string>]
[-Company <string>]
[-CompoundIdentitySupported <bool>]
[-Country <string>]
[-Credential <pscredential>]
[-Department <string>]
[-Description <string>]
[-DisplayName <string>]
[-Division <string>]
[-EmailAddress <string>]
[-EmployeeID <string>]
[-EmployeeNumber <string>]
[-Enabled <bool>]
[-Fax <string>]
[-GivenName <string>]
[-HomeDirectory <string>]
[-HomeDrive <string>]
[-HomePage <string>]
[-HomePhone <string>]
[-Initials <string>]
[-Instance <ADUser>]
[-KerberosEncryptionType <ADKerberosEncryptionType> {None | DES | RC4 | AES128 | AES256}]
[-LogonWorkstations <string>]
[-Manager <ADUser>]
[-MobilePhone <string>]
[-Office <string>]
[-OfficePhone <string>]
[-Organization <string>]
[-OtherAttributes <hashtable>]
[-OtherName <string>]
[-PassThru]
[-PasswordNeverExpires <bool>]
[-PasswordNotRequired <bool>]
[-Path <string>]
[-POBox <string>]
[-PostalCode <string>]
[-PrincipalsAllowedToDelegateToAccount <ADPrincipal[]>]
[-ProfilePath <string>]
[-SamAccountName <string>]
[-ScriptPath <string>]
[-Server <string>]
[-ServicePrincipalNames <string[]>]
[-SmartcardLogonRequired <bool>]
[-State <string>]
[-StreetAddress <string>]
[-Surname <string>]
[-Title <string>]
[-TrustedForDelegation <bool>]
[-Type <string>]
[-UserPrincipalName <string>]
[<CommonParameters>]
我认为在使用 New-ADUser 时无法指定该参数,但是您可以在使用 New-ADObject commandlet 创建帐户时使用 -ProtectedFromAccidentalDeltion $true。请参阅下面来自 TechNet 的示例:
New-ADObject -name SaraDavisContact -type contact -ProtectedFromAccidentalDeletion $true -OtherAttributes @{'msDS-SourceObjectDN'="CN=FabrikamContacts,DC=CONTOSO,DC=COM"}
在上面的示例中,正在创建一个联系人,但您可以简单地更改逻辑来实现您想要的结果。
有关详细信息,请参阅本文:
https://technet.microsoft.com/en-us/library/ee617260.aspx
注意:请注意,New-ADObject 命令是一个更强大的命令行开关。
是否可以在使用 New-ADUser cmdlet 时设置 -ProtectedFromAccidentalDeletion 参数,还是必须在之后使用 Set-ADObject?
我可以将其设置为 "Users" 的默认值吗?
这是执行 man New-ADUser 时可用的参数列表
New-ADUser
[-Name] <string>
[-WhatIf] [-Confirm]
[-AccountExpirationDate <datetime>]
[-AccountNotDelegated <bool>]
[-AccountPassword <securestring>]
[-AllowReversiblePasswordEncryption <bool>]
[-AuthType <ADAuthType> {Negotiate | Basic}]
[-CannotChangePassword <bool>]
[-Certificates <X509Certificate[]>]
[-ChangePasswordAtLogon <bool>]
[-City <string>]
[-Company <string>]
[-CompoundIdentitySupported <bool>]
[-Country <string>]
[-Credential <pscredential>]
[-Department <string>]
[-Description <string>]
[-DisplayName <string>]
[-Division <string>]
[-EmailAddress <string>]
[-EmployeeID <string>]
[-EmployeeNumber <string>]
[-Enabled <bool>]
[-Fax <string>]
[-GivenName <string>]
[-HomeDirectory <string>]
[-HomeDrive <string>]
[-HomePage <string>]
[-HomePhone <string>]
[-Initials <string>]
[-Instance <ADUser>]
[-KerberosEncryptionType <ADKerberosEncryptionType> {None | DES | RC4 | AES128 | AES256}]
[-LogonWorkstations <string>]
[-Manager <ADUser>]
[-MobilePhone <string>]
[-Office <string>]
[-OfficePhone <string>]
[-Organization <string>]
[-OtherAttributes <hashtable>]
[-OtherName <string>]
[-PassThru]
[-PasswordNeverExpires <bool>]
[-PasswordNotRequired <bool>]
[-Path <string>]
[-POBox <string>]
[-PostalCode <string>]
[-PrincipalsAllowedToDelegateToAccount <ADPrincipal[]>]
[-ProfilePath <string>]
[-SamAccountName <string>]
[-ScriptPath <string>]
[-Server <string>]
[-ServicePrincipalNames <string[]>]
[-SmartcardLogonRequired <bool>]
[-State <string>]
[-StreetAddress <string>]
[-Surname <string>]
[-Title <string>]
[-TrustedForDelegation <bool>]
[-Type <string>]
[-UserPrincipalName <string>]
[<CommonParameters>]
我认为在使用 New-ADUser 时无法指定该参数,但是您可以在使用 New-ADObject commandlet 创建帐户时使用 -ProtectedFromAccidentalDeltion $true。请参阅下面来自 TechNet 的示例:
New-ADObject -name SaraDavisContact -type contact -ProtectedFromAccidentalDeletion $true -OtherAttributes @{'msDS-SourceObjectDN'="CN=FabrikamContacts,DC=CONTOSO,DC=COM"}
在上面的示例中,正在创建一个联系人,但您可以简单地更改逻辑来实现您想要的结果。
有关详细信息,请参阅本文:
https://technet.microsoft.com/en-us/library/ee617260.aspx
注意:请注意,New-ADObject 命令是一个更强大的命令行开关。