I am trying to create a user in AD with a different user's credentials in one of many domains. The RSAT tools are more than likely not going to be available on the PC this will run on, so the nice built in commands aren't an option, which is why I turned to ADSI.
When running straight as someone with rights that works great. On a VM I am logged in as someone without rights in AD, and this works great.
When I run it in Powershell Studio I get
ERROR: [localhost] An error occurred while starting the background process. Error reported: The directory name is invalid.
ERROR: + CategoryInfo : OpenError: (localhost:String) [], PSRemotingTransportException
ERROR: + FullyQualifiedErrorId : -2147467259,PSSessionStateBroken
Here is the trouble spot.
- Write-Log "Creating an autologon user named $($textbox_Build_PCName.Text).$($currentMinistry.Domain) in $($combobox_Build_MinistryList.Text)"
- $Credential = Get-Credential ***\**** #User with rights in AD
- $GetProcessJob = Start-Job -ScriptBlock {
- param (
- $Domain,
- $PCName,
- $UserOU,
- $UPNSuffix,
- $BuildType,
- $ALPassword)
- $root = [ADSI]"LDAP://$($Domain)"
- $searcher = New-Object System.DirectoryServices.DirectorySearcher($root)
- $searcher.Filter = "(&(objectClass=user)(sAMAccountName= A$($PCName)))"
- $User = $searcher.FindOne()
- if ($User)
- {
- $found = $true
- [void][System.Windows.Forms.MessageBox]::Show('Problem Creating User, User Already Exists.', 'Creating User Error')
- }
- else
- {
- try
- {
- $notfound = $true
- [ADSI]$OU = "LDAP://$($UserOU)"
- $newUser = $OU.Create("user", "CN=A$($PCName)")
- $newUser.put("samaccountname", "A$($PCName)")
- $newUser.setinfo()
- }
- catch
- {
- [void][System.Windows.Forms.MessageBox]::Show('Problem Creating User, normally AD Permissions', 'Creating User Error')
- }
- try
- {
- $newUser.setpassword($currentMinistry.ALPassword)
- $newUser.put("description", $BuildType)
- $newUser.put("userWorkstations", $PCName)
- $newUser.put("userPrincipalName", "A$($PCName)$($UPNSuffix)")
- $newUser.put("userAccountControl", 66080)
- $newUser.setinfo()
- }
- catch
- {
- [void][System.Windows.Forms.MessageBox]::Show('Problem Modifying new user.')
- }
- $done = $true
- [void][System.Windows.Forms.MessageBox]::Show('User Creation Complete', 'Creating User')
- }
- } -Credential $Credential -ArgumentList @($currentMinistry.Domain, $textbox_Build_PCName.Text, "OU=Testing,OU=Desktop ,OU=Resource,DC=****,DC=****", $currentMinistry.UPNSuffix, $combobox_Build_PCBuild.SelectedItem.ToString(),"********")
- #Wait until the job is completed
- Wait-Job $GetProcessJob
- #Get the Job results
- $GetProcessResult = Receive-Job -Job $GetProcessJob
- #Print the Job results
- $GetProcessResult