1
很长时间潜伏者,但我终于找到了一个问题,我找不到答案,所以我决定是时候加入。我试图收集AD中超过X天的计算机列表($ DelCompDays)。然后根据DistinguishedName字段使用Identity标志删除该计算机。问题是,即使域名管理员信誉我越来越:删除ADComputer:访问被拒绝删除-ADComputer:访问被拒绝powershell
即使我运行Remove-ADComputer -Identity“全CN或短名称”我得到一个访问被拒绝。有人有主意吗?先谢谢你!
#Get AD computers older than $DelCompDays
$results = Search-ADAccount -ComputersOnly -AccountInactive -TimeSpan "$DelCompDays.00:00:00"
#Loop and try to delete
foreach ($result in $results){
if ($result -ne $NULL){
try {
Remove-ADComputer -Identity $result.DistinguishedName -confirm:$false
$Success = "Deleted: $result.DistinguishedName"
WriteCustomOutput -message "$Success" -foregroundcolor green -backgroundcolor DarkMagenta
}
catch {
$Error = "Failed to delete: $result.DistinguishedName"
WriteCustomOutput -message "$Error" -foregroundcolor Red -backgroundcolor Black
}
}
else{
$Warning = "No computers older than $ArcDays days to delete"
WriteCustomOutput -message "$Warning" -foregroundcolor yellow -backgroundcolor DarkMagenta
}
}
对象是否有意外删除位被选中?也许你可以看看其中一个计算机属性>对象选项卡>查看底部的复选框? –
感谢您的输入,他们实际上并没有。我找到了答案,并在下面发布了答案。事实证明,在非交互式运行时,remove-adcomputer传递证书的方式是一个问题。 @AdilHindistan – tottenham12712