2
变化我有这样的PowerShell脚本的修改版本:https://social.technet.microsoft.com/Forums/scriptcenter/en-US/355d9293-e324-4f60-8eed-18bcc6d67fc0/adsiwinntcomputeradministratoruser-with-alternate-credentials?forum=ITCG能ADSI可以用来设置Windows密码帐户需要在首次登录
尝试与第一登录要求修改密码的帐户(如果它失败我可以使用ctrl + alt + del提示手动更改密码,但通常会在图像上对VM进行测试)。那重要的部分是:
Invoke-Command -ComputerName $ComputerName -Credential $Credential -ErrorVariable e -ArgumentList $ComputerName,$NewPassword,$User -ScriptBlock {
Param($ComputerName,$NewPassword,$User)
$Account = [ADSI]"WinNT://$ComputerName/$User,user"
$Account.PwdLastSet = 0
$Account.SetInfo()
$Account.SetPassword($NewPassword)
$Account.SetInfo()
$e
}
当我运行这对于不需要在首次登录改变它成功完成一笔账:
> Change-LocalPassword -User 'TestAccount' -Credential $wincred -OldPassword $OP -NewPassword $NP -ComputerName $computerName
Info::Change-LocalPassword::Changing password from <old> to <new>
Info::Change-LocalPassword::Service WinRM is already running on Localhost
Info::Change-LocalPassword::Trusted Hosts Value is: <computer>
Info::Change-LocalPassword Invoking Command: [adsi]WinNT://<computer>/TestAccount,user
True
当帐户运行,需要先登录:
Change-LocalPassword -User $Config.win_user -Credential $wincred -OldPassword $Config.winog_passwd -NewPassword $Config.win_passwd -ComputerName $computerName
Info::Change-LocalPassword::Changing password from <old> to <new>
Info::Change-LocalPassword::Service WinRM is already running on Localhost
Info::Change-LocalPassword::Trusted Hosts Value is: <computer>
Info::Change-LocalPassword Invoking Command: [adsi]WinNT://<computer>/<user>,user
[computer] Connecting to remote server <computer> failed with the following error message : Access is denied. For more information, see
the about_Remote_Troubleshooting Help topic.
+ CategoryInfo : OpenError: (<computer>:String) [], PSRemotingTransportException
+ FullyQualifiedErrorId : AccessDenied,PSSessionStateBroken
-Message Error::Change-LocalPassword::Could not set password for <user> on <computer> [computer] Connecting to remote server <computer> failed with the following error message : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic.
False
本地管理员帐户是机器上唯一的帐户,它没有加入域。其他人是否遇到过这种情况并确定了解决方案
这似乎我在某种程度上是循环依赖。机器上唯一的帐户是我尝试更改密码的帐户。执行一个简单的调用命令失败,并使用凭据拒绝访问(假设因为必须先更改密码): – user5505180
'PS D:\ projects \ windows-cloudify> Invoke-Command - 计算机名$计算机名-Credential $ wincred -ScriptBlock {ls c:\ TEMP} [计算机]连接到远程服务器失败,并显示以下错误消息:访问被拒绝。有关更多信息,请参阅 about_Remote_Troubleshooting帮助主题。 + CategoryInfo:OpenError :(计算机:字符串)[],PSRemotingTransportException + FullyQualifiedErrorId:AccessDenied,PSSessionStateBroken' –
user5505180