LDAP Object Creation

Jiri Formacek edited this page Nov 22, 2024 · 2 revisions

Creation of LDAP objects

#Password manipulation requires a secure connection.
#Use one of the supported encryption types to protect the transmission channel
Get-LdapConnection -LdapServer mydomain.com -EncryptionType Kerberos
#Transforms convert values to the LDAP native format when the object is saved to the LDAP store
Register-LdapAttributeTransform -Name UnicodePwd
Register-LdapAttributeTransform -Name UserAccountControl

#Design the object
$Props = @{
  distinguishedName='cn=user1,cn=users,dc=mydomain,dc=com'
  objectClass='user'
  sAMAccountName='User1'
  #Single quotes keep the value literal; in a double-quoted string PowerShell would expand $$
  unicodePwd='S3cur3Pa$$word'
  userAccountControl='UF_NORMAL_ACCOUNT'
  }

#Create the object according to design
$obj = New-Object PSObject -Property $Props

#When dealing with passwords, the LDAP server is likely
#to require an encrypted connection
$Ldap = Get-LdapConnection -EncryptionType Kerberos
#Create the object in directory
$obj | Add-LdapObject -LdapConnection $Ldap