尝试通过 Set-ADAccountPassword 重置用户密码时收到 NullReference。
我提出这个要求:
Get-ADUser -Filter * -SearchBase "DC=domain,DC=hu" -Properties OfficePhone, Mobile, SID | Where-Object { $_.OfficePhone -eq "888888" -or $_.Mobile -eq "888888" } | Select-Object SID | Set-ADAccountPassword -Reset -NewPassword (ConvertTo-SecureString -AsPlainText "HvUpJP13" -Force) -PAssThru | Unlock-ADAccount
我收到错误:
+ ... bject SID | Set-ADAccountPassword -Reset -NewPassword (ConvertTo-Secu ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (Microsoft.Activ...ement.ADAccount:ADAccount) [Set-ADAccountPassword], NullReference
Exception
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.NullReferenceException,Microsoft.ActiveDirectory.Management.Commands.
SetADAccountPassword
同时,如果我删除 Set-ADAccountPassword,则可以针对此请求定位用户。
Get-ADUser -Filter * -SearchBase "DC=domain,DC=hu" -Properties OfficePhone, Mobile, SID | Where-Object { $_.OfficePhone -eq "888888" -or $_.Mobile -eq "888888" } | Select-Object SID
SID
---
S-1-5-21-1684329652-2275368447-683485574-8603
为什么请求没有完成?
Set-ADAccountPasswordADAccount请参阅输入部分。
ADAccount-Identity当您在管道中使用
Select-Object SIDADUserWhere-Object { $_.OfficePhone -eq '888888' -or $_.Mobile -eq '888888' }
并使用
AD Filter# Note:
# `telephoneNumber` is the LDAP DisplayName of `officePhone`
# `mobile` is the LDAP DisplayName` of `MobilePhone`
Get-ADUser -LDAPFilter '(|(telephoneNumber=888888)(mobile=888888))' -SearchBase 'DC=domain,DC=hu' |
Set-ADAccountPassword -Reset -NewPassword (ConvertTo-SecureString -AsPlainText 'HvUpJP13' -Force) -PassThru |
Unlock-ADAccount