We try to create new-mailbox in office 365 account using the cmdlet
New-Mailbox -UserPrincipalName chris#contoso.com -Alias chris -Database "Mailbox Database 1"
in WindowsPowershell ISE.To our surprise -UserPrincipalName is not a recognizable.However,using the following cmdlet ,we are able to create new mail box
New-Mailbox -Name "abcd" -MicrosoftOnlineServicesID "abcd#abcdwe.onmicrosoft.com" -Password $Password
here -MicrosoftOnlineServicesID is well recognizable and runs successfully also.
Note:I mean recognizable since when I type -MicrosoftOnlineServicesID in Windows Powershell ISE,the intellisense pops up a suggestion.
My question is why is the parameter -MicrosoftOnlineServicesID is recognizable and why the prameter -UserPrincipalName is not recognizable?
Note:In the same way as -UserPrincipalName , the parameter -TemplateInstance and many other parameters are not recognizable or not working properly.
Please carify what we need to include/import to make these cmdlets recognizable.
Related
What is the best way to add a user in a hybrid on-prem/o365 deployment with a mailbox? If I go into Exchange Admin Center on either the on-prem or o365 and add a recipient it replicates it out to the other EAC as well as adding the user to active directory on prem. Looking thru the powershell documentation it looks like the New-Mailbox command should do that but I cant get it to work. Here is what I have so far.
Connect-ExchangeOnline -Credential $credential -ShowProgress $true
Connect-AzureAD -Credential $credential
Connect-MsolService -Credential $credential
New-Mailbox -MicrosoftOnlineServicesID $uName"#mydomain.com" -Name "$fName $lName" -Password $secureString -ResetPasswordOnNextLogon $true
This creates the mailbox/user in o365 portal but not in on/off-prem EAC or active directory.
Steps:
First Create user and Assign a License
"New-ADUser -Name "user" -Accountpassword (Read-Host -AsSecureString "AccountPassword") -Enabled $true"
Enable remote Mailbox
"Enable-RemoteMailbox user -RemoteRoutingAddress user#domain.mail.onmicrosoft.com"
So i'm trying to create a list of new users in powershell on my windows server 2012 r2. I want the users name as Mike, Linda, Kurt. I run the following command
New-ADUser Kurt -enabled
I get an error as that does not work. I know that this command exists and works
New-ADUser Kurt
Is there a command to create a new user and set it to enabled without setting a password to it? I'm a beginner at powershell
You will need to add the $true value to the -Enabled flag, like so:
New-ADUser Kurt -Enabled $true
This is because the -Enabled flag expects a boolean value (true, false) to be sent to it.
Hello,
I am trying to automate the installation and promotion of domain controllers, which are being added to an existing root forest with no child domains. I'm using the following code to perform this action during a ConfigMgr Task Sequence (so the script itself is being run as System):
function Install-DomainController
{
param(
[string]$CUST_DSRMPassword,
[System.Management.Automation.PSCredential]$CUST_ADDSCredentials
)
Write-LogEntry -Type Information -Message "Promoting the Server to a Domain Controller..."
try
{
Install-ADDSDomainController `
-NoGlobalCatalog:$false `
-CreateDNSDelegation:$false `
-CriticalReplicationOnly:$false `
-Credential $CUST_ADDSCredentials `
-Adprepcredential $CUST_ADDSCredentials `
-DatabasePath "$NTDSPath" `
-DomainName "$DomainName" `
-InstallDNS:$true `
-LogPath "$NTDSPath" `
-ReplicationSourceDC "$CUST_DomainControllerToUse" `
-SysvolPath "$SysvolPath" `
-Force:$true `
-NoRebootOnCompletion:$true `
-SafeModeAdministratorPassword (ConvertTo-SecureString -AsPlainText $CUST_DSRMPassword -Force)
}
catch
{
$ErrorMessage = $_.Exception.Message
$FailedItem = $_.Exception.ItemName
Write-LogEntry -Type Error -Message "The Item '$FailedItem' caused the following error: '$ErrorMessage'!"
}
}
The credentials are being passed as a parameter formatted as [System.Management.Automation.PSCredential]. I can verify the credentials are correct by opening a cmd window, running powershell and using the following code during runtime:
$CUST_ADDSCredentials.Password
$CUST_ADDSCredentials.GetNetworkCredential()
$CUST_ADDSCredentials.GetNetworkCredential().Password
And I know the user I'm passing on to the cmdlet is infact a member of the domain admins, enterprise admins and schema admins. Yet I still recieve the following error message:
User is not DA or EA. VerifyUserCredentialPermissions error message:
You have not supplied user credentials that belong to the Domain
Admins group or the Enterprise Admins group. The installation may fail
with an access denied error. Do you want to continue?
I'm puzzled as to what I'm doing wrong here. Would I perhaps be required to run the cmdlet in a different context by opening a seperate PSSession and using Invoke-Command -Session -ScriptBlock{}? Or is there perhaps something obvious I'm missing?
Thankful for any help :-)
Best Regards,
Fred
I'm using a PowerShell script I found to add new AD users. It reads info from a CSV file, and everything works well, except that I need it to set the initial startup program for the new users. Here is the command:
New-ADUser $sam -GivenName $_.GivenName -DisplayName $_.DisplayName `
-UserPrincipalName ($sam + "#" + $dnsroot) -AccountPassword $setpass -Enabled $enabled `
-PasswordNeverExpires $expires -OtherAttributes #{'msTSInitialProgram'="programToRun"; 'msTSWorkDirectory'="directoryToRunIn"}
After looking at the user that is created, I see that it effectively ignores the -OtherAttributes.
Am I missing an attribute somewhere that is causing it to skip setting the initial program?
The 'msTSInitialProgram' attribute specifies the path and file name of the application that the user wants to start automatically when the user logs on to the terminal server. To set an initial application to start when the user logs on, the implementer must first set this property, and then set the TerminalServicesWorkDirectory property. If the implementer sets only the TerminalServicesInitialProgram property, the application starts in the user's session in the default user directory.
These attributes are implemented on Windows Server 2008 operating system, Windows Server 2008 R2 operating system, Windows Server 2012 operating system, and Windows Server 2012 R2 operating system.
On my Windows Server 2012 your command line works, run as administrator, works perfectly and assigned 'msTSInitialProgram' and 'msTSWorkDirectory' as you can see here under.
New-ADUser "T2" -GivenName "Tg" -DisplayName "T2" `
-UserPrincipalName ("T2#SILOGIX-ESS01.local") -Enabled $true -AccountPassword $(convertto-securestring "P#ssW0rD!" -asplaintext -force) `
-OtherAttributes #{'msTSInitialProgram'="programToRun"; 'msTSWorkDirectory'="directoryToRunIn"}
I need to create a new local user account, and then add them to the local Administrators group. Can this be done in PowerShell?
EDIT:
# Create new local Admin user for script purposes
$Computer = [ADSI]"WinNT://$Env:COMPUTERNAME,Computer"
$LocalAdmin = $Computer.Create("User", "LocalAdmin")
$LocalAdmin.SetPassword("Password01")
$LocalAdmin.SetInfo()
$LocalAdmin.FullName = "Local Admin by Powershell"
$LocalAdmin.SetInfo()
$LocalAdmin.UserFlags = 64 + 65536 # ADS_UF_PASSWD_CANT_CHANGE + ADS_UF_DONT_EXPIRE_PASSWD
$LocalAdmin.SetInfo()
I have this, but was wondering if there is anything more PowerShell-esque.
Another alternative is the old school NET USER commands:
NET USER username "password" /ADD
OK - you can't set all the options but it's a lot less convoluted for simple user creation & easy to script up in Powershell.
NET LOCALGROUP "group" "user" /add to set group membership.
As of PowerShell 5.1 there cmdlet New-LocalUser which could create local user account.
Example of usage:
Create a user account
New-LocalUser -Name "User02" -Description "Description of this account." -NoPassword
or Create a user account that has a password
$Password = Read-Host -AsSecureString
New-LocalUser "User03" -Password $Password -FullName "Third User" -Description "Description of this account."
or Create a user account that is connected to a Microsoft account
New-LocalUser -Name "MicrosoftAccount\usr name#Outlook.com" -Description "Description of this account."
Try using Carbon's Install-User and Add-GroupMember functions:
Install-User -Username "User" -Description "LocalAdmin" -FullName "Local Admin by Powershell" -Password "Password01"
Add-GroupMember -Name 'Administrators' -Member 'User'
Disclaimer: I am the creator/maintainer of the Carbon project.
As of 2014, here is a statement from a Microsoft representative (the Scripting Guy):
As much as we might hate to admit it, there are still no Windows
PowerShell cmdlets from Microsoft that permit creating local user
accounts or local user groups. We finally have a Desired State
Configuration (DSC ) provider that can do this—but to date, no
cmdlets.
Import-Csv C:\test.csv |
Foreach-Object {
NET USER $ _.username $ _.password /ADD
NET LOCALGROUP "group" $_.username /ADD
}
edit csv as username,password
and change "group" for your groupname
:) worked on 2012 R2
$sec_pass = ConvertTo-SecureString -String "SomePasword" -AsPlainText -Force
New-LocalUser -Name username -FullName username -PasswordNeverExpires -Password $sec_pass
Add-LocalGroupMember -Group Administrators -Member username