DLally
Enthusiast
Enthusiast

Anyone actually able to run powershell/remote powershell to create active directory objects

I've gone through and setup my powershell host and have been able to run powershell/external powershell successfully but am stuck on invoking commands to create users in active directory.

I get this error every time now:

Microsoft.ActiveDirectory.Management.ADServerDownException: Unable to contact the server. This may be because this server does not exist, it is currently down, or it does not have the Active Directory Web Services running. ---> System.ServiceModel.CommunicationException: The socket connection was aborted. This could be caused by an error processing your message or a receive timeout being exceeded by the remote host, or an underlying network resource issue. Local socket timeout was '00:02:00'. ---> System.IO.IOException: The read operation failed, see inner exception. ---> System.ServiceModel.CommunicationException: The socket connection was aborted. This could be caused by an error processing your message or a receive timeout being exceeded by the remote host, or an underlying network resource issue. Local socket timeout was '00:02:00'. --->

6 Replies
qc4vmware
Virtuoso
Virtuoso

I created wrappers for the command line utilities and its worked flawlessly for years now.  Maybe not much help for your current issue but if you need to get something working quickly while you debug dsadd has been rock solid.  You can run it locally if you have windows based vCO or use the guest script manager package (if you haven't used this yet it is a much richer method of running a guest operation).

DLally
Enthusiast
Enthusiast

The guest script manager seems to do the trick. 

I am having a weird issue though.  I can perform my task fine, but when I try to make it more dynamic to be able to create objects on different domains, it's like it's not accepting the tasks from VCO.  I can copy/paste what my script is onto a server and it executes fine.  It only errors when executing from VCO.

Here's the error.

A positional parameter cannot be found that accepts argument 'ActiveDirectory'.

    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException

    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,vco_vmware35.ps

0 Kudos
qc4vmware
Virtuoso
Virtuoso

Can you paste in a sample of the command as well so I can see the full syntax?

0 Kudos
DLally
Enthusiast
Enthusiast

This is the command being passed through.. 

Import-Module ActiveDirectory

New-PSDrive –Name Test –PSProvider ActiveDirectory –Server ‘testdomain.com’ –root ‘//RootDSE/’ -Scope Global

CD Test:

New-ADUser `

-Name "$user" `

-SamAccountName  "$user" `

-DisplayName "$display" `

-userPrincipalName "$user" `

-description "$description" `

-AccountPassword (ConvertTo-SecureString "MyPassword123" -AsPlainText -Force) `

-ChangePasswordAtLogon $true  `

-Enabled $true

0 Kudos
DLally
Enthusiast
Enthusiast

It seems like the syntax isn't passing through on the New-PSDrive commands.... it keeps erroring off those

0 Kudos
houghtp
Contributor
Contributor

for your first issue (running ad cmdlets directly from vRO) put "forwardable = true" into your krb5.conf file in vRO.

http://professionalvmware.com/2014/03/vbrownbag-follow-up-using-vco-to-manage-active-directory-and-e...