在 AD 中创建多个用户并分配一个主目录
Create Multiple users in AD and assign a home directory
我对使用 PowerShell 和所有脚本语言还比较陌生,如果这是一个愚蠢的问题,我深表歉意。
我的脚本如下:
$pw = read-host "Password" -AsSecureString
Import-CSV D:\powershell_create_bulk_users\bulk_users1_Modified.csv | foreach {
New-ADUser -Name $_.Name -SamAccountName $_.SamAccountName -Surname $_.Surname -
DisplayName $_.DisplayName -Path $_.Path -AccountPassword $pw -ChangePasswordAtLogon
$false -Enabled $true
$fullPath = '\NAS\student\'
$driveLetter = "Z:"
$user = Get-ADUser $_.SamAccountName
Set-ADUser $User -HomeDrive $driveLetter -HomeDirectory $fullPath -ea Stop
$homeShare = New-Item -Path $fullPath -ItemType Directory -force -ea Stop
$acl = Get-Acl $homeShare
$FileSystemRights = [System.Security.AccessControl.FileSystemRights]"Modify"
$AccessControlType = [System.Security.AccessControl.AccessControlType]::Allow
$InheritanceFlags = [System.Security.AccessControl.InheritanceFlags]"ContainerInherit,
ObjectInherit"
$PropagationFlags = [System.Security.AccessControl.PropagationFlags]"InheritOnly"
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule ($User.SID,
$FileSystemRights, $InheritanceFlags, $PropagationFlags, $AccessControlType)
$acl.AddAccessRule($AccessRule)
Set-Acl -Path $homeShare -AclObject $acl -ErrorAction Stop
}
它可以很好地创建用户和驱动器,但只是 \NAS\student\ 而不是我理想中想要的,例如 \NAS2\student\Tsmith.
我也得到一个错误:
`New-Item : The path is not of a legal form.
At D:\powershell_create_bulk_users\bulk_users1_Modified.ps1:8 char:14
+ ... homeShare = New-Item -Path $fullPath -ItemType Directory -force -ea S ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (\NAS\student\:String) [New-Item],
ArgumentException
+ FullyQualifiedErrorId :
CreateDirectoryArgumentError,Microsoft.PowerShell.Commands.NewItemCommand`
是否希望有人能为我指出正确的方向?
发生这种情况是因为您忘记了指定新主目录的名称 - New-Item 试图提供帮助,并说“调用者可能希望我创建一个名为 student 的文件夹path \NAS" - 但是 \NAS 不是目录,尝试打开它会导致您看到错误。
更改此行:
$fullPath = '\NAS\student\'
至:
$basePath = '\NAS\student\'
# construct full home directory path for user to basepath+username
$fullPath = Join-Path $basePath -ChildPath $_.SamAccountName
对 Set-ADUser 和 New-Item 的后续调用现在将正确创建主目录并将其设置为 \NAS\student\username
我对使用 PowerShell 和所有脚本语言还比较陌生,如果这是一个愚蠢的问题,我深表歉意。
我的脚本如下:
$pw = read-host "Password" -AsSecureString
Import-CSV D:\powershell_create_bulk_users\bulk_users1_Modified.csv | foreach {
New-ADUser -Name $_.Name -SamAccountName $_.SamAccountName -Surname $_.Surname -
DisplayName $_.DisplayName -Path $_.Path -AccountPassword $pw -ChangePasswordAtLogon
$false -Enabled $true
$fullPath = '\NAS\student\'
$driveLetter = "Z:"
$user = Get-ADUser $_.SamAccountName
Set-ADUser $User -HomeDrive $driveLetter -HomeDirectory $fullPath -ea Stop
$homeShare = New-Item -Path $fullPath -ItemType Directory -force -ea Stop
$acl = Get-Acl $homeShare
$FileSystemRights = [System.Security.AccessControl.FileSystemRights]"Modify"
$AccessControlType = [System.Security.AccessControl.AccessControlType]::Allow
$InheritanceFlags = [System.Security.AccessControl.InheritanceFlags]"ContainerInherit,
ObjectInherit"
$PropagationFlags = [System.Security.AccessControl.PropagationFlags]"InheritOnly"
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule ($User.SID,
$FileSystemRights, $InheritanceFlags, $PropagationFlags, $AccessControlType)
$acl.AddAccessRule($AccessRule)
Set-Acl -Path $homeShare -AclObject $acl -ErrorAction Stop
}
它可以很好地创建用户和驱动器,但只是 \NAS\student\ 而不是我理想中想要的,例如 \NAS2\student\Tsmith.
我也得到一个错误:
`New-Item : The path is not of a legal form.
At D:\powershell_create_bulk_users\bulk_users1_Modified.ps1:8 char:14
+ ... homeShare = New-Item -Path $fullPath -ItemType Directory -force -ea S ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (\NAS\student\:String) [New-Item],
ArgumentException
+ FullyQualifiedErrorId :
CreateDirectoryArgumentError,Microsoft.PowerShell.Commands.NewItemCommand`
是否希望有人能为我指出正确的方向?
发生这种情况是因为您忘记了指定新主目录的名称 - New-Item 试图提供帮助,并说“调用者可能希望我创建一个名为 student 的文件夹path \NAS" - 但是 \NAS 不是目录,尝试打开它会导致您看到错误。
更改此行:
$fullPath = '\NAS\student\'
至:
$basePath = '\NAS\student\'
# construct full home directory path for user to basepath+username
$fullPath = Join-Path $basePath -ChildPath $_.SamAccountName
对 Set-ADUser 和 New-Item 的后续调用现在将正确创建主目录并将其设置为 \NAS\student\username