Get-ADObject无法在php中运行

问题描述 投票:0回答:2

我试图通过PHP查询GC。我只是运行简单的测试查询。但它没有与get-adobject一起运行。但如果我使用get-aduser我可以得到结果。真奇怪。即使非常简单的get-adobject查询也无效。例如下面。

$user="xyzabc";
$queryfilter="\"samaccountname=$user\"";
$cmd='powershell "Get-ADObject -LDAPFilter ('.$queryfilter.') –Server abc1.xyz.com:3268"';

然后我运行exec($ cmd),它没有给出任何结果/错误。奇怪的是,即使我对变量进行硬编码仍然无法正常工作或给出任何错误。我使用exec运行了许多其他的powershell查询,没有任何问题。但这个get-adobject给了我很多时间。有人可以帮帮我吗。

php powershell
2个回答
0
投票

尝试

Get-ADObject -LDAPFilter "(SamAccountName =$user)"

或使用DN或GUID

0
投票

完全披露 - 我不是一个PHP人,所以我从来没有尝试过使用PHP的PoSH。所以,请参阅PHP和PowerShell上的这篇文章

PHP | Passing parameters into Powershell script

当Get-ADUser获取所有用户信息时,您试图通过在用户上使用Get-ADObject来实现什么?

甚至Get-ADObject文档也专门用于获取用户对象和信息,以使用GetADUser cmdlet。

https://technet.microsoft.com/en-us/library/ee617198.aspx?f=255&MSPPError=-2147217396

您正在使用带引号的括号字符串,因此无法获得您期望的变量的扩展。

其次,$ cmd将会产生操作的结果。

示例来自我的测试实验室

Get-ADObject -LDAPFilter ('samaccountname=Administrator') –Server DC01


DistinguishedName                      Name...

CN=Administrator,CN=Users,DC=sateam... Administrator...


Get-ADObject -LDAPFilter "(samaccountname=$User)" –Server DC01


Get-ADObject : The search filter cannot be recognized
At line:1 char:1
+ Get-ADObject -LDAPFilter "(samaccountname=$User)" –Server DC01
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Get-ADObject], ADException
    + FullyQualifiedErrorId : ActiveDirectoryServer:8254,Microsoft.ActiveDirectory.Management.Commands.GetADObject


$User = 'Administrator'
Get-ADObject -LDAPFilter ("samaccountname=$user") –Server DC01

DistinguishedName                      Name...

CN=Administrator,CN=Users,DC=sateam... Administrator...



powershell Get-ADObject -LDAPFilter ("samaccountname=$user") –Server DC01

Check user role
Current user - Administrator is running as a local Administrator
Check PowerShell Execution Policy
Unrestricted

DistinguishedName                      Name...

CN=Administrator,CN=Users,DC=sateam... Administrator...


$cmd = powershell Get-ADObject -LDAPFilter ("samaccountname=$user") –Server DC01
$cmd

Check user role
Current user - Administrator is running as a local Administrator
Check PowerShell Execution Policy
Unrestricted

DistinguishedName                      Name...

CN=Administrator,CN=Users,DC=sateam... Administrator...

如果您尝试构建cmd字符串,则方法是相同的

PS C:\ Scripts> $ User ='Administrator'

PS C:\Scripts> $cmd = 'powershell Get-ADObject -LDAPFilter ("samaccountname=$user") –Server DC01'

PS C:\Scripts> $cmd   This will not run the above, it will just output it
powershell Get-ADObject -LDAPFilter ("samaccountname=$user") –Server DC01

PS C:\Scripts> &$cmd  this will run the above but will error because you are shelling out to the powershell console 
                      and that user variable has no meaning unless you have a way in php to pass it, and having powershell recognize how to run what you sent it.

& : The term 'powershell Get-ADObject -LDAPFilter ("samaccountname=$user") –Server DC01' is not recognized as the name of a cmdlet, function, 
script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:2
+ &$cmd  this will run the above but will error because you are shelling out to t ...
+  ~~~~
    + CategoryInfo          : ObjectNotFound: (powershell Get-...Server DC01:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException


$Error | Format-List -Force

Exception             : System.Management.Automation.CommandNotFoundException: The term 'powershell Get-ADObject -LDAPFilter ("samaccountname=$user") 
                        –Server DC01' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of 
                        the name, or if a path was included, verify that the path is correct and try again.
                           at System.Management.Automation.CommandDiscovery.LookupCommandInfo(String commandName, CommandTypes commandTypes, 
                        SearchResolutionOptions searchResolutionOptions, CommandOrigin commandOrigin, ExecutionContext context)
                           at System.Management.Automation.CommandDiscovery.LookupCommandProcessor(String commandName, CommandOrigin commandOrigin, 
                        Nullable`1 useLocalScope)
                           at System.Management.Automation.ExecutionContext.CreateCommand(String command, Boolean dotSource)
                           at System.Management.Automation.PipelineOps.AddCommand(PipelineProcessor pipe, CommandParameterInternal[] commandElements, 
                        CommandBaseAst commandBaseAst, CommandRedirection[] redirections, ExecutionContext context)
                           at System.Management.Automation.PipelineOps.InvokePipeline(Object input, Boolean ignoreInput, CommandParameterInternal[][] 
                        pipeElements, CommandBaseAst[] pipeElementAsts, CommandRedirection[][] commandRedirections, FunctionContext funcContext)
                           at System.Management.Automation.Interpreter.ActionCallInstruction`6.Run(InterpretedFrame frame)
                           at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
TargetObject          : powershell Get-ADObject -LDAPFilter ("samaccountname=$user") –Server DC01
CategoryInfo          : ObjectNotFound: (powershell Get-...Server DC01:String) [], CommandNotFoundException
FullyQualifiedErrorId : CommandNotFoundException
ErrorDetails          : 
InvocationInfo        : System.Management.Automation.InvocationInfo
ScriptStackTrace      : at <ScriptBlock>, <No file>: line 1
PipelineIterationInfo : {}
PSMessageDetails      :
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.