Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

System Manager PowerShell command to create AD User

0

I am trying to run a PowerShell command to create an ad user in an active directory hosted in one of the EC2 instances.

New-ADUser -Name 'Batman Gotham' -AccountPassword (ConvertTo-SecureString 'Password@1234' -AsPlainText -Force) -DisplayName 'Batman Gotham' -GivenName 'Batman' -SamAccountName 'batman.gotham@darknight.com' -Surname 'Gotham' -EmailAddress 'batman.gotham@darknight.com' -UserPrincipalName 'batman.gotham@darknight.com' -MobilePhone '8888888888' -Title 'Staff Super Hero' -Department 'Batman Cloud Services' -Enabled $True -StreetAddress 'Gotham Street' -City 'Gotham' -State 'CA' -Country 'USA' -Path 'CN=Users,OU=Operations,DC=darknight,DC=com' -employeeNumber '1234567' -ChangePasswordAtLogon $True

but I am getting the below error in the system manager and am not able to find more details about the error:

New-ADUser : The name provided is not a properly formed account name
At C:\ProgramData\Amazon\SSM\InstanceData\i-instanceid\document\orchestr
ation\853f5c41-fcbf-44e0-b7fb-qwe1234redfdd\awsrunPowerShellScript\0.awsrunPower
ShellScript\_script.ps1:1 char:1
+ New-ADUser -Name 'Batman Gotham' -AccountPassword (ConvertTo-SecureString 
'Passw ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~
    + CategoryInfo          : NotSpecified: (CN=Batman Gotha...darknight,DC=com 
   :String) [New-ADUser], ADException
    + FullyQualifiedErrorId : ActiveDirectoryServer:1315,Microsoft.ActiveDirec 
   tory.Management.Commands.NewADUser

Any recommendation.

Themen
Sicherheit, Identität & KonformitätManagement & Unternehmensführung
Tags
AWS Directory ServiceAWS Systemmanager
Sprache
English
snowcoder_07
gefragt vor einem Monat156 Aufrufe
1 Antwort
1

The error indicates that the SamAccountName provided in the New-ADUser command is not formatted correctly. The SamAccountName needs to be a valid account name that can be used to log into the domain. It typically looks like firstname.lastname or firstinitial.lastname.

Please try the following:

  • Use a valid account name format like 'batman.gotham' instead of the email address for SamAccountName and UserPrincipalName

  • Make sure the SamAccountName is unique in the domain

  • Remove any special characters or spaces from the SamAccountName

  • Verify the domain name specified with -Path is correct

  • Check if you have permissions to create users in the OU specified with -Path

Try the below command:

New-ADUser -Name 'Batman Gotham' -SamAccountName 'batman.gotham' -UserPrincipalName 'batman.gotham@darknight.com' -Path 'CN=Users,OU=Operations,DC=darknight,DC=com'

AWS
AWS-User-4970074
beantwortet vor einem Monat

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt