无法使用来自 PHP 的 SSH 命令创建 Active Directory 用户
Can't create Active Directory user with SSH commands from PHP
我尝试从 PHP 页面使用 SSH 命令创建 Active Directory 用户:
include('Net/SSH2.php');
$path = "OU=HRTest,OU=Israel,OU=Users,OU=Solaredge,DC=solaredge,DC=local";
$name = "Test User2";
$title = "Some Position";
$password = "Welcome!";
$department = "IS";
$POBox = "01/05/2020";
$Company = "SolarEdge Technologies LTD.";
$GivenName = "Test";
$DisplayName = "Test User2";
$SamAccountName = "Test.u2";
$Enabled = "$true";
$server = "MyServerName";
$username = "MyUserName";
$pwd = "MyPassword";
$command = 'powershell New-ADUser -Path "'.$path.'" -Name "'.$name.'" -Title "'.$title.'" -Department "'.$department.'" -POBox "'.$POBox.'" -AccountPassword $("'.$password.'" | ConvertTo-SecureString -AsPlainText -Force) -Company "'.$Company.'" -GivenName "'.$GivenName.'" -DisplayName "'.$DisplayName.'" -SamAccountName "'.$SamAccountName.'" -Enabled '.$Enabled;
$ssh = new Net_SSH2($server);
if (!$ssh->login($username, $pwd)) {
exit('Login Failed');
}
echo $ssh->exec($command);
SSH 连接有效,但 PowerShell 生成此错误:
New-ADUser : Cannot convert 'System.Object[]' to the type 'System.String' required by parameter 'Path'. Specified
method is not supported.
At line:1 char:18
+ ... DUser -Path OU=HRTest,OU=Israel,OU=Users,OU=Solaredge,DC=solaredge,DC ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [New-ADUser], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgument,Microsoft.ActiveDirectory.Management.Commands.NewADUser
编辑 - 新错误:
'ConvertTo-SecureString' is not recognized as an internal or external command,
operable program or batch file.
您必须将所有可能包含特殊字符的字符串的引号传递给 PowerShell,以便它可以按预期解析您的字符串。此外, ConvertTo-SecureString 在这样调用时表现得很奇怪。 this 答案中描述了解决方案。我在以下行中包含了 ConvertTo-SecureString 的引号和解决方法:
$command = 'powershell "& {New-ADUser -Path \''.$path.'\' -Name \''.$name.'\' -Title \''.$title.'\' -Department \''.$department.'\' -POBox \''.$POBox.'\' -AccountPassword (ConvertTo-SecureString -AsPlainText \''.$password.'\' -Force) -Company \''.$Company.'\' -GivenName \''.$GivenName.'\' -DisplayName \''.$DisplayName.'\' -SamAccountName \''.$SamAccountName.'\' -Enabled '.$Enabled}";
将您的密码行更改为:
$password = "Welc0me!";
未经测试,只是在黑暗中拍摄,但如果您打印出 $command,它很可能会显示如下内容:
powershell New-ADUser -Path OU=HRTest,OU=Israel,OU=Users,OU=Solaredge,DC=solaredge,DC=local -Name ...
有了这个,你给路径参数一个数组:
[0]OU=HR测试
[1]OU=以色列
等等。
相反,您想将路径封装在引号中:
powershell New-ADUser -Path "OU=HRTest,OU=Israel,OU=Users,OU=Solaredge,DC=solaredge,DC=local" -Name ...
像这样的东西应该有用:
$command = 'powershell New-ADUser -Path "'.$path.'" -Name ...
我尝试从 PHP 页面使用 SSH 命令创建 Active Directory 用户:
include('Net/SSH2.php');
$path = "OU=HRTest,OU=Israel,OU=Users,OU=Solaredge,DC=solaredge,DC=local";
$name = "Test User2";
$title = "Some Position";
$password = "Welcome!";
$department = "IS";
$POBox = "01/05/2020";
$Company = "SolarEdge Technologies LTD.";
$GivenName = "Test";
$DisplayName = "Test User2";
$SamAccountName = "Test.u2";
$Enabled = "$true";
$server = "MyServerName";
$username = "MyUserName";
$pwd = "MyPassword";
$command = 'powershell New-ADUser -Path "'.$path.'" -Name "'.$name.'" -Title "'.$title.'" -Department "'.$department.'" -POBox "'.$POBox.'" -AccountPassword $("'.$password.'" | ConvertTo-SecureString -AsPlainText -Force) -Company "'.$Company.'" -GivenName "'.$GivenName.'" -DisplayName "'.$DisplayName.'" -SamAccountName "'.$SamAccountName.'" -Enabled '.$Enabled;
$ssh = new Net_SSH2($server);
if (!$ssh->login($username, $pwd)) {
exit('Login Failed');
}
echo $ssh->exec($command);
SSH 连接有效,但 PowerShell 生成此错误:
New-ADUser : Cannot convert 'System.Object[]' to the type 'System.String' required by parameter 'Path'. Specified
method is not supported.
At line:1 char:18
+ ... DUser -Path OU=HRTest,OU=Israel,OU=Users,OU=Solaredge,DC=solaredge,DC ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [New-ADUser], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgument,Microsoft.ActiveDirectory.Management.Commands.NewADUser
编辑 - 新错误:
'ConvertTo-SecureString' is not recognized as an internal or external command,
operable program or batch file.
您必须将所有可能包含特殊字符的字符串的引号传递给 PowerShell,以便它可以按预期解析您的字符串。此外, ConvertTo-SecureString 在这样调用时表现得很奇怪。 this 答案中描述了解决方案。我在以下行中包含了 ConvertTo-SecureString 的引号和解决方法:
$command = 'powershell "& {New-ADUser -Path \''.$path.'\' -Name \''.$name.'\' -Title \''.$title.'\' -Department \''.$department.'\' -POBox \''.$POBox.'\' -AccountPassword (ConvertTo-SecureString -AsPlainText \''.$password.'\' -Force) -Company \''.$Company.'\' -GivenName \''.$GivenName.'\' -DisplayName \''.$DisplayName.'\' -SamAccountName \''.$SamAccountName.'\' -Enabled '.$Enabled}";
将您的密码行更改为:
$password = "Welc0me!";
未经测试,只是在黑暗中拍摄,但如果您打印出 $command,它很可能会显示如下内容:
powershell New-ADUser -Path OU=HRTest,OU=Israel,OU=Users,OU=Solaredge,DC=solaredge,DC=local -Name ...
有了这个,你给路径参数一个数组:
[0]OU=HR测试 [1]OU=以色列
等等。
相反,您想将路径封装在引号中: powershell New-ADUser -Path "OU=HRTest,OU=Israel,OU=Users,OU=Solaredge,DC=solaredge,DC=local" -Name ...
像这样的东西应该有用:
$command = 'powershell New-ADUser -Path "'.$path.'" -Name ...