Creating a user in every domain and setting properties and passwords

I often have to create a user in every domain in our forest.
Everything works great except for the part where I set the password.
I have found a couple of examples in the newsgroups on how to set the
password and what I have now is exactly what someone said worked for
them. But it doesn't work for me. If I go though this step by step I
can verify the user is created just fine and I can even enable the
user account. But as soon as I run the line to set the password I get
the following error.

Does anyone know why this doesn't want to set the password for my user
accounts? I am running the latest v1.0 release of Powershell.

***************************

(Error message when set password line runs)

Exception calling "Invoke" with "2" argument(s): "Exception has been
thrown by the target of an invocation."
At line:20 char:30
+ $NewUser.psbase.Invoke( <<<< "SetPassword",$arrPassword[$i])

*****************************

(My code)

# Uses the ARNG.Domains component to get a list of FQDN's

$objDomains = New-Object -com "ARNG.Domains"
$arrDomainList = [system.__comobject].invokemember("ListNames",
[system.reflection.bindingflags]::invokemethod,$null,
$objDomains,"FQDN")
$arrDomainList = $arrDomainList | sort

# Creates the DN for each state, i.e. DC=AL,DC=NGB,DC=MIL

$arrDomainDNs = @()

foreach ($strDomainList in $arrDomainList)
{
$strDomainFQDN = $strDomainList
$strDomainDN = "DC=" + $strDomainFQDN.Replace(".",",DC=")
$arrDomainDNs = $arrDomainDNs + $strDomainDN
}

# Creates an array of State Codes, i.e. DC,AL,NV

$arrDomains = @()

foreach ($strDomainList in $arrDomainList)
{
$arrSplitDomainList = $strDomainList.Split(".")
$strDomain = $arrSplitDomainList[0]
$strDomain = $strDomain.toUpper()
$arrDomains = $arrdomains + $strDomain
}

# Adds the OU path to the Domain DN to form the DN where the account
will be created. Replaces ## with the State Code.

$arrOU = @()
$i = 0

foreach ($strDomainDN in $arrDomainDNs)
{
$strModOUPath = $strOUPath -replace "##",$arrDomains[$i]
$arrOU = $arrOU + $strModOUPath
$i++
}

# Takes the Inputed Logon Name and adds the State Code wherever ## is
located in the name.

$arrLogonName = @()
$arrFirstName = @()
$arrLastName = @()
$arrPassword = @()
$i = 0

foreach ($strDomains in $arrDomains)
{
$strModLogonName = $strLogonName.replace("##",$strDomains)
$arrLogonName = $arrLogonName + [string]$strModLogonName

$strModFirstName = $strFirstName.replace("##",$strDomains)
$arrFirstName = $arrFirstName + [string]$strModFirstName

$strModLastName = $strLastName.replace("##",$strDomains)
$arrLastName = $arrLastName + [string]$strModLastName

$strModPassword = $strPassword.replace("##",$strDomains)
$arrPassword = $arrPassword + [string]$strModPassword

$i++
}

$i = 0

foreach ($strDomainDN in $arrDomainDNs)
{

write-Host $arrDomainDNs[$i]
# Get an ADSI object for the domain

$ad = [ADSI] ("LDAP://" + $arrDomainDNs[$i])

# Get the Users OU

$ou = $ad.psbase.Children.Find($arrOU[$i])

# Add the user

$strUserCN = "CN=" + $arrLogonName[$i]

$NewUser = $ou.psbase.Children.Add($strUserCN,'User')

# Set the basic properties
$NewUser.Put("sAMAccountName",$arrLogonName[$i])
$NewUser.Put("displayName",$arrLogonName[$i])
$NewUser.Put("givenname",$arrFirstName[$i])
$NewUser.Put("sn",$arrLastName[$i])
$NewUser.Put("UserPrincipalName",$arrLogonName[$i] +
$strDomainSuffix)

# Commit changes
$NewUser.SetInfo()

# Set the password
$NewUser.psbase.Invoke("SetPassword",$arrPassword[$i])

# Enable the account
$NewUser.psbase.InvokeSet("AccountDisabled",$false)

# Commit changes
$NewUser.SetInfo()

$i++
}

On Feb 5, 2:58 pm, bryan.rutkow...@gmail.com wrote:
> I often have to create a user in every domain in our forest.
> Everything works great except for the part where I set the password.
> I have found a couple of examples in the newsgroups on how to set the
> password and what I have now is exactly what someone said worked for
> them. But it doesn't work for me. If I go though this step by step I
> can verify the user is created just fine and I can even enable the
> user account. But as soon as I run the line to set the password I get
> the following error.
>
> Does anyone know why this doesn't want to set the password for my user
> accounts? I am running the latest v1.0 release of Powershell.
>
> ***************************
>
> (Error message when set password line runs)
>
> Exception calling "Invoke" with "2" argument(s): "Exception has been
> thrown by the target of an invocation."
> At line:20 char:30
> + $NewUser.psbase.Invoke( <<<< "SetPassword",$arrPassword[$i])
>
> *****************************
>
> (My code)
>
> # Uses the ARNG.Domains component to get a list of FQDN's
>
> $objDomains = New-Object -com "ARNG.Domains"
> $arrDomainList = [system.__comobject].invokemember("ListNames",
> [system.reflection.bindingflags]::invokemethod,$null,
> $objDomains,"FQDN")
> $arrDomainList = $arrDomainList | sort
>
> # Creates the DN for each state, i.e. DC=AL,DC=NGB,DC=MIL
>
> $arrDomainDNs = @()
>
> foreach ($strDomainList in $arrDomainList)
> {
> $strDomainFQDN = $strDomainList
> $strDomainDN = "DC=" + $strDomainFQDN.Replace(".",",DC=")
> $arrDomainDNs = $arrDomainDNs + $strDomainDN
>
> }
>
> # Creates an array of State Codes, i.e. DC,AL,NV
>
> $arrDomains = @()
>
> foreach ($strDomainList in $arrDomainList)
> {
> $arrSplitDomainList = $strDomainList.Split(".")
> $strDomain = $arrSplitDomainList[0]
> $strDomain = $strDomain.toUpper()
> $arrDomains = $arrdomains + $strDomain
>
> }
>
> # Adds the OU path to the Domain DN to form the DN where the account
> will be created. Replaces ## with the State Code.
>
> $arrOU = @()
> $i = 0
>
> foreach ($strDomainDN in $arrDomainDNs)
> {
> $strModOUPath = $strOUPath -replace "##",$arrDomains[$i]
> $arrOU = $arrOU + $strModOUPath
> $i++
>
> }
>
> # Takes the Inputed Logon Name and adds the State Code wherever ## is
> located in the name.
>
> $arrLogonName = @()
> $arrFirstName = @()
> $arrLastName = @()
> $arrPassword = @()
> $i = 0
>
> foreach ($strDomains in $arrDomains)
> {
> $strModLogonName = $strLogonName.replace("##",$strDomains)
> $arrLogonName = $arrLogonName + [string]$strModLogonName
>
> $strModFirstName = $strFirstName.replace("##",$strDomains)
> $arrFirstName = $arrFirstName + [string]$strModFirstName
>
> $strModLastName = $strLastName.replace("##",$strDomains)
> $arrLastName = $arrLastName + [string]$strModLastName
>
> $strModPassword = $strPassword.replace("##",$strDomains)
> $arrPassword = $arrPassword + [string]$strModPassword
>
> $i++
>
> }
>
> $i = 0
>
> foreach ($strDomainDN in $arrDomainDNs)
> {
>
> write-Host $arrDomainDNs[$i]
> # Get an ADSI object for the domain
>
> $ad = [ADSI] ("LDAP://" + $arrDomainDNs[$i])
>
> # Get the Users OU
>
> $ou = $ad.psbase.Children.Find($arrOU[$i])
>
> # Add the user
>
> $strUserCN = "CN=" + $arrLogonName[$i]
>
> $NewUser = $ou.psbase.Children.Add($strUserCN,'User')
>
> # Set the basic properties
> $NewUser.Put("sAMAccountName",$arrLogonName[$i])
> $NewUser.Put("displayName",$arrLogonName[$i])
> $NewUser.Put("givenname",$arrFirstName[$i])
> $NewUser.Put("sn",$arrLastName[$i])
> $NewUser.Put("UserPrincipalName",$arrLogonName[$i] +
> $strDomainSuffix)
>
> # Commit changes
> $NewUser.SetInfo()
>
> # Set the password
> $NewUser.psbase.Invoke("SetPassword",$arrPassword[$i])
>
> # Enable the account
> $NewUser.psbase.InvokeSet("AccountDisabled",$false)
>
> # Commit changes
> $NewUser.SetInfo()
>
> $i++}

try enabling the user first, then set the password.

I just tried reversing enabling and setting the password. Got the
same error. Can anyone verify this is the correct way to set a
password on a user in RTW v1.0 of powershell.

On Feb 5, 7:00 pm, "ASCHNEIDER146" <aschneider...@gmail.com> wrote:
> On Feb 5, 2:58 pm, bryan.rutkow...@gmail.com wrote:
>
>
>
> > I often have to create a user in every domain in our forest.
> > Everything works great except for the part where I set the password.
> > I have found a couple of examples in the newsgroups on how to set the
> > password and what I have now is exactly what someone said worked for
> > them. But it doesn't work for me. If I go though this step by step I
> > can verify the user is created just fine and I can even enable the
> > user account. But as soon as I run the line to set the password I get
> > the following error.
>
> > Does anyone know why this doesn't want to set the password for my user
> > accounts? I am running the latest v1.0 release of Powershell.
>
> > ***************************
>
> > (Error message when set password line runs)
>
> > Exception calling "Invoke" with "2" argument(s): "Exception has been
> > thrown by the target of an invocation."
> > At line:20 char:30
> > + $NewUser.psbase.Invoke( <<<< "SetPassword",$arrPassword[$i])
>
> > *****************************
>
> > (My code)
>
> > # Uses the ARNG.Domains component to get a list of FQDN's
>
> > $objDomains = New-Object -com "ARNG.Domains"
> > $arrDomainList = [system.__comobject].invokemember("ListNames",
> > [system.reflection.bindingflags]::invokemethod,$null,
> > $objDomains,"FQDN")
> > $arrDomainList = $arrDomainList | sort
>
> > # Creates the DN for each state, i.e. DC=AL,DC=NGB,DC=MIL
>
> > $arrDomainDNs = @()
>
> > foreach ($strDomainList in $arrDomainList)
> > {
> > $strDomainFQDN = $strDomainList
> > $strDomainDN = "DC=" + $strDomainFQDN.Replace(".",",DC=")
> > $arrDomainDNs = $arrDomainDNs + $strDomainDN
>
> > }
>
> > # Creates an array of State Codes, i.e. DC,AL,NV
>
> > $arrDomains = @()
>
> > foreach ($strDomainList in $arrDomainList)
> > {
> > $arrSplitDomainList = $strDomainList.Split(".")
> > $strDomain = $arrSplitDomainList[0]
> > $strDomain = $strDomain.toUpper()
> > $arrDomains = $arrdomains + $strDomain
>
> > }
>
> > # Adds the OU path to the Domain DN to form the DN where the account
> > will be created. Replaces ## with the State Code.
>
> > $arrOU = @()
> > $i = 0
>
> > foreach ($strDomainDN in $arrDomainDNs)
> > {
> > $strModOUPath = $strOUPath -replace "##",$arrDomains[$i]
> > $arrOU = $arrOU + $strModOUPath
> > $i++
>
> > }
>
> > # Takes the Inputed Logon Name and adds the State Code wherever ## is
> > located in the name.
>
> > $arrLogonName = @()
> > $arrFirstName = @()
> > $arrLastName = @()
> > $arrPassword = @()
> > $i = 0
>
> > foreach ($strDomains in $arrDomains)
> > {
> > $strModLogonName = $strLogonName.replace("##",$strDomains)
> > $arrLogonName = $arrLogonName + [string]$strModLogonName
>
> > $strModFirstName = $strFirstName.replace("##",$strDomains)
> > $arrFirstName = $arrFirstName + [string]$strModFirstName
>
> > $strModLastName = $strLastName.replace("##",$strDomains)
> > $arrLastName = $arrLastName + [string]$strModLastName
>
> > $strModPassword = $strPassword.replace("##",$strDomains)
> > $arrPassword = $arrPassword + [string]$strModPassword
>
> > $i++
>
> > }
>
> > $i = 0
>
> > foreach ($strDomainDN in $arrDomainDNs)
> > {
>
> > write-Host $arrDomainDNs[$i]
> > # Get an ADSI object for the domain
>
> > $ad = [ADSI] ("LDAP://" + $arrDomainDNs[$i])
>
> > # Get the Users OU
>
> > $ou = $ad.psbase.Children.Find($arrOU[$i])
>
> > # Add the user
>
> > $strUserCN = "CN=" + $arrLogonName[$i]
>
> > $NewUser = $ou.psbase.Children.Add($strUserCN,'User')
>
> > # Set the basic properties
> > $NewUser.Put("sAMAccountName",$arrLogonName[$i])
> > $NewUser.Put("displayName",$arrLogonName[$i])
> > $NewUser.Put("givenname",$arrFirstName[$i])
> > $NewUser.Put("sn",$arrLastName[$i])
> > $NewUser.Put("UserPrincipalName",$arrLogonName[$i] +
> > $strDomainSuffix)
>
> > # Commit changes
> > $NewUser.SetInfo()
>
> > # Set the password
> > $NewUser.psbase.Invoke("SetPassword",$arrPassword[$i])
>
> > # Enable the account
> > $NewUser.psbase.InvokeSet("AccountDisabled",$false)
>
> > # Commit changes
> > $NewUser.SetInfo()
>
> > $i++}
>
> try enabling the user first, then set the password.

On Feb 6, 7:57 am, bryan.rutkow...@gmail.com wrote:
> I just tried reversing enabling and setting the password. Got the
> same error. Can anyone verify this is the correct way to set a
> password on a user in RTW v1.0 of powershell.
>
> On Feb 5, 7:00 pm, "ASCHNEIDER146" <aschneider...@gmail.com> wrote:> On Feb 5, 2:58 pm, bryan.rutkow...@gmail.com wrote:
>
> > > I often have to create a user in every domain in our forest.
> > > Everything works great except for the part where I set the password.
> > > I have found a couple of examples in the newsgroups on how to set the
> > > password and what I have now is exactly what someone said worked for
> > > them. But it doesn't work for me. If I go though this step by step I
> > > can verify the user is created just fine and I can even enable the
> > > user account. But as soon as I run the line to set the password I get
> > > the following error.
>
> > > Does anyone know why this doesn't want to set the password for my user
> > > accounts? I am running the latest v1.0 release of Powershell.
>
> > > ***************************
>
> > > (Error message when set password line runs)
>
> > > Exception calling "Invoke" with "2" argument(s): "Exception has been
> > > thrown by the target of an invocation."
> > > At line:20 char:30
> > > + $NewUser.psbase.Invoke( <<<< "SetPassword",$arrPassword[$i])
>
> > > *****************************
>
> > > (My code)
>
> > > # Uses the ARNG.Domains component to get a list of FQDN's
>
> > > $objDomains = New-Object -com "ARNG.Domains"
> > > $arrDomainList = [system.__comobject].invokemember("ListNames",
> > > [system.reflection.bindingflags]::invokemethod,$null,
> > > $objDomains,"FQDN")
> > > $arrDomainList = $arrDomainList | sort
>
> > > # Creates the DN for each state, i.e. DC=AL,DC=NGB,DC=MIL
>
> > > $arrDomainDNs = @()
>
> > > foreach ($strDomainList in $arrDomainList)
> > > {
> > > $strDomainFQDN = $strDomainList
> > > $strDomainDN = "DC=" + $strDomainFQDN.Replace(".",",DC=")
> > > $arrDomainDNs = $arrDomainDNs + $strDomainDN
>
> > > }
>
> > > # Creates an array of State Codes, i.e. DC,AL,NV
>
> > > $arrDomains = @()
>
> > > foreach ($strDomainList in $arrDomainList)
> > > {
> > > $arrSplitDomainList = $strDomainList.Split(".")
> > > $strDomain = $arrSplitDomainList[0]
> > > $strDomain = $strDomain.toUpper()
> > > $arrDomains = $arrdomains + $strDomain
>
> > > }
>
> > > # Adds the OU path to the Domain DN to form the DN where the account
> > > will be created. Replaces ## with the State Code.
>
> > > $arrOU = @()
> > > $i = 0
>
> > > foreach ($strDomainDN in $arrDomainDNs)
> > > {
> > > $strModOUPath = $strOUPath -replace "##",$arrDomains[$i]
> > > $arrOU = $arrOU + $strModOUPath
> > > $i++
>
> > > }
>
> > > # Takes the Inputed Logon Name and adds the State Code wherever ## is
> > > located in the name.
>
> > > $arrLogonName = @()
> > > $arrFirstName = @()
> > > $arrLastName = @()
> > > $arrPassword = @()
> > > $i = 0
>
> > > foreach ($strDomains in $arrDomains)
> > > {
> > > $strModLogonName = $strLogonName.replace("##",$strDomains)
> > > $arrLogonName = $arrLogonName + [string]$strModLogonName
>
> > > $strModFirstName = $strFirstName.replace("##",$strDomains)
> > > $arrFirstName = $arrFirstName + [string]$strModFirstName
>
> > > $strModLastName = $strLastName.replace("##",$strDomains)
> > > $arrLastName = $arrLastName + [string]$strModLastName
>
> > > $strModPassword = $strPassword.replace("##",$strDomains)
> > > $arrPassword = $arrPassword + [string]$strModPassword
>
> > > $i++
>
> > > }
>
> > > $i = 0
>
> > > foreach ($strDomainDN in $arrDomainDNs)
> > > {
>
> > > write-Host $arrDomainDNs[$i]
> > > # Get an ADSI object for the domain
>
> > > $ad = [ADSI] ("LDAP://" + $arrDomainDNs[$i])
>
> > > # Get the Users OU
>
> > > $ou = $ad.psbase.Children.Find($arrOU[$i])
>
> > > # Add the user
>
> > > $strUserCN = "CN=" + $arrLogonName[$i]
>
> > > $NewUser = $ou.psbase.Children.Add($strUserCN,'User')
>
> > > # Set the basic properties
> > > $NewUser.Put("sAMAccountName",$arrLogonName[$i])
> > > $NewUser.Put("displayName",$arrLogonName[$i])
> > > $NewUser.Put("givenname",$arrFirstName[$i])
> > > $NewUser.Put("sn",$arrLastName[$i])
> > > $NewUser.Put("UserPrincipalName",$arrLogonName[$i] +
> > > $strDomainSuffix)
>
> > > # Commit changes
> > > $NewUser.SetInfo()
>
> > > # Set the password
> > > $NewUser.psbase.Invoke("SetPassword",$arrPassword[$i])
>
> > > # Enable the account
> > > $NewUser.psbase.InvokeSet("AccountDisabled",$false)
>
> > > # Commit changes
> > > $NewUser.SetInfo()
>
> > > $i++}
>
> > try enabling the user first, then set the password.

Sorry about that last idea. I was thinking about the fact that you
have to create the user, do SetInfo, and then set the password and
SetInfo again. (which you are doing)

I ran into a problem with this using VBScript and the problem was that
my password did not meet complexity requirements for the domain, but
the error I was getting didn't tell me that. Does the password you're
using meet your Domain's complexity requirements?

Andy

That worked!! I forgot all about our password requirements. I wish
there was some better error reporting in Power Shell to report stuff
like this back. Would probably save countless man hours. Anyways,
thanks for the tip!

On Feb 6, 11:26 am, "ASCHNEIDER146" <aschneider...@gmail.com> wrote:
> On Feb 6, 7:57 am, bryan.rutkow...@gmail.com wrote:
>
>
>
> > I just tried reversing enabling and setting the password. Got the
> > same error. Can anyone verify this is the correct way to set a
> > password on a user in RTW v1.0 of powershell.
>
> > On Feb 5, 7:00 pm, "ASCHNEIDER146" <aschneider...@gmail.com> wrote:> On Feb 5, 2:58 pm, bryan.rutkow...@gmail.com wrote:
>
> > > > I often have to create a user in every domain in our forest.
> > > > Everything works great except for the part where I set the password.
> > > > I have found a couple of examples in the newsgroups on how to set the
> > > > password and what I have now is exactly what someone said worked for
> > > > them. But it doesn't work for me. If I go though this step by step I
> > > > can verify the user is created just fine and I can even enable the
> > > > user account. But as soon as I run the line to set the password I get
> > > > the following error.
>
> > > > Does anyone know why this doesn't want to set the password for my user
> > > > accounts? I am running the latest v1.0 release of Powershell.
>
> > > > ***************************
>
> > > > (Error message when set password line runs)
>
> > > > Exception calling "Invoke" with "2" argument(s): "Exception has been
> > > > thrown by the target of an invocation."
> > > > At line:20 char:30
> > > > + $NewUser.psbase.Invoke( <<<< "SetPassword",$arrPassword[$i])
>
> > > > *****************************
>
> > > > (My code)
>
> > > > # Uses the ARNG.Domains component to get a list of FQDN's
>
> > > > $objDomains = New-Object -com "ARNG.Domains"
> > > > $arrDomainList = [system.__comobject].invokemember("ListNames",
> > > > [system.reflection.bindingflags]::invokemethod,$null,
> > > > $objDomains,"FQDN")
> > > > $arrDomainList = $arrDomainList | sort
>
> > > > # Creates the DN for each state, i.e. DC=AL,DC=NGB,DC=MIL
>
> > > > $arrDomainDNs = @()
>
> > > > foreach ($strDomainList in $arrDomainList)
> > > > {
> > > > $strDomainFQDN = $strDomainList
> > > > $strDomainDN = "DC=" + $strDomainFQDN.Replace(".",",DC=")
> > > > $arrDomainDNs = $arrDomainDNs + $strDomainDN
>
> > > > }
>
> > > > # Creates an array of State Codes, i.e. DC,AL,NV
>
> > > > $arrDomains = @()
>
> > > > foreach ($strDomainList in $arrDomainList)
> > > > {
> > > > $arrSplitDomainList = $strDomainList.Split(".")
> > > > $strDomain = $arrSplitDomainList[0]
> > > > $strDomain = $strDomain.toUpper()
> > > > $arrDomains = $arrdomains + $strDomain
>
> > > > }
>
> > > > # Adds the OU path to the Domain DN to form the DN where the account
> > > > will be created. Replaces ## with the State Code.
>
> > > > $arrOU = @()
> > > > $i = 0
>
> > > > foreach ($strDomainDN in $arrDomainDNs)
> > > > {
> > > > $strModOUPath = $strOUPath -replace "##",$arrDomains[$i]
> > > > $arrOU = $arrOU + $strModOUPath
> > > > $i++
>
> > > > }
>
> > > > # Takes the Inputed Logon Name and adds the State Code wherever ## is
> > > > located in the name.
>
> > > > $arrLogonName = @()
> > > > $arrFirstName = @()
> > > > $arrLastName = @()
> > > > $arrPassword = @()
> > > > $i = 0
>
> > > > foreach ($strDomains in $arrDomains)
> > > > {
> > > > $strModLogonName = $strLogonName.replace("##",$strDomains)
> > > > $arrLogonName = $arrLogonName + [string]$strModLogonName
>
> > > > $strModFirstName = $strFirstName.replace("##",$strDomains)
> > > > $arrFirstName = $arrFirstName + [string]$strModFirstName
>
> > > > $strModLastName = $strLastName.replace("##",$strDomains)
> > > > $arrLastName = $arrLastName + [string]$strModLastName
>
> > > > $strModPassword = $strPassword.replace("##",$strDomains)
> > > > $arrPassword = $arrPassword + [string]$strModPassword
>
> > > > $i++
>
> > > > }
>
> > > > $i = 0
>
> > > > foreach ($strDomainDN in $arrDomainDNs)
> > > > {
>
> > > > write-Host $arrDomainDNs[$i]
> > > > # Get an ADSI object for the domain
>
> > > > $ad = [ADSI] ("LDAP://" + $arrDomainDNs[$i])
>
> > > > # Get the Users OU
>
> > > > $ou = $ad.psbase.Children.Find($arrOU[$i])
>
> > > > # Add the user
>
> > > > $strUserCN = "CN=" + $arrLogonName[$i]
>
> > > > $NewUser = $ou.psbase.Children.Add($strUserCN,'User')
>
> > > > # Set the basic properties
> > > > $NewUser.Put("sAMAccountName",$arrLogonName[$i])
> > > > $NewUser.Put("displayName",$arrLogonName[$i])
> > > > $NewUser.Put("givenname",$arrFirstName[$i])
> > > > $NewUser.Put("sn",$arrLastName[$i])
> > > > $NewUser.Put("UserPrincipalName",$arrLogonName[$i] +
> > > > $strDomainSuffix)
>
> > > > # Commit changes
> > > > $NewUser.SetInfo()
>
> > > > # Set the password
> > > > $NewUser.psbase.Invoke("SetPassword",$arrPassword[$i])
>
> > > > # Enable the account
> > > > $NewUser.psbase.InvokeSet("AccountDisabled",$false)
>
> > > > # Commit changes
> > > > $NewUser.SetInfo()
>
> > > > $i++}
>
> > > try enabling the user first, then set the password.
>
> Sorry about that last idea. I was thinking about the fact that you
> have to create the user, do SetInfo, and then set the password and
> SetInfo again. (which you are doing)
>
> I ran into a problem with this using VBScript and the problem was that
> my password did not meet complexity requirements for the domain, but
> the error I was getting didn't tell me that. Does the password you're
> using meet your Domain's complexity requirements?
>
> Andy

I've run into this problem in the past as well. The problem is in fact with
ADSI and not with Powershell. I vaguely recall there being a different way
of setting a user's password using alternate means that did provide better
return values, (via VC++) but waaay more complicated. Glad you got it
working

-Sami

"bryan.rutkowski@gmail.com" wrote:

> That worked!! I forgot all about our password requirements. I wish
> there was some better error reporting in Power Shell to report stuff
> like this back. Would probably save countless man hours. Anyways,
> thanks for the tip!
>
> On Feb 6, 11:26 am, "ASCHNEIDER146" <aschneider...@gmail.com> wrote:
> > On Feb 6, 7:57 am, bryan.rutkow...@gmail.com wrote:
> >
> >
> >
> > > I just tried reversing enabling and setting the password. Got the
> > > same error. Can anyone verify this is the correct way to set a
> > > password on a user in RTW v1.0 of powershell.
> >
> > > On Feb 5, 7:00 pm, "ASCHNEIDER146" <aschneider...@gmail.com> wrote:> On Feb 5, 2:58 pm, bryan.rutkow...@gmail.com wrote:
> >
> > > > > I often have to create a user in every domain in our forest.
> > > > > Everything works great except for the part where I set the password.
> > > > > I have found a couple of examples in the newsgroups on how to set the
> > > > > password and what I have now is exactly what someone said worked for
> > > > > them. But it doesn't work for me. If I go though this step by step I
> > > > > can verify the user is created just fine and I can even enable the
> > > > > user account. But as soon as I run the line to set the password I get
> > > > > the following error.
> >
> > > > > Does anyone know why this doesn't want to set the password for my user
> > > > > accounts? I am running the latest v1.0 release of Powershell.
> >
> > > > > ***************************
> >
> > > > > (Error message when set password line runs)
> >
> > > > > Exception calling "Invoke" with "2" argument(s): "Exception has been
> > > > > thrown by the target of an invocation."
> > > > > At line:20 char:30
> > > > > + $NewUser.psbase.Invoke( <<<< "SetPassword",$arrPassword[$i])
> >
> > > > > *****************************
> >
> > > > > (My code)
> >
> > > > > # Uses the ARNG.Domains component to get a list of FQDN's
> >
> > > > > $objDomains = New-Object -com "ARNG.Domains"
> > > > > $arrDomainList = [system.__comobject].invokemember("ListNames",
> > > > > [system.reflection.bindingflags]::invokemethod,$null,
> > > > > $objDomains,"FQDN")
> > > > > $arrDomainList = $arrDomainList | sort
> >
> > > > > # Creates the DN for each state, i.e. DC=AL,DC=NGB,DC=MIL
> >
> > > > > $arrDomainDNs = @()
> >
> > > > > foreach ($strDomainList in $arrDomainList)
> > > > > {
> > > > > $strDomainFQDN = $strDomainList
> > > > > $strDomainDN = "DC=" + $strDomainFQDN.Replace(".",",DC=")
> > > > > $arrDomainDNs = $arrDomainDNs + $strDomainDN
> >
> > > > > }
> >
> > > > > # Creates an array of State Codes, i.e. DC,AL,NV
> >
> > > > > $arrDomains = @()
> >
> > > > > foreach ($strDomainList in $arrDomainList)
> > > > > {
> > > > > $arrSplitDomainList = $strDomainList.Split(".")
> > > > > $strDomain = $arrSplitDomainList[0]
> > > > > $strDomain = $strDomain.toUpper()
> > > > > $arrDomains = $arrdomains + $strDomain
> >
> > > > > }
> >
> > > > > # Adds the OU path to the Domain DN to form the DN where the account
> > > > > will be created. Replaces ## with the State Code.
> >
> > > > > $arrOU = @()
> > > > > $i = 0
> >
> > > > > foreach ($strDomainDN in $arrDomainDNs)
> > > > > {
> > > > > $strModOUPath = $strOUPath -replace "##",$arrDomains[$i]
> > > > > $arrOU = $arrOU + $strModOUPath
> > > > > $i++
> >
> > > > > }
> >
> > > > > # Takes the Inputed Logon Name and adds the State Code wherever ## is
> > > > > located in the name.
> >
> > > > > $arrLogonName = @()
> > > > > $arrFirstName = @()
> > > > > $arrLastName = @()
> > > > > $arrPassword = @()
> > > > > $i = 0
> >
> > > > > foreach ($strDomains in $arrDomains)
> > > > > {
> > > > > $strModLogonName = $strLogonName.replace("##",$strDomains)
> > > > > $arrLogonName = $arrLogonName + [string]$strModLogonName
> >
> > > > > $strModFirstName = $strFirstName.replace("##",$strDomains)
> > > > > $arrFirstName = $arrFirstName + [string]$strModFirstName
> >
> > > > > $strModLastName = $strLastName.replace("##",$strDomains)
> > > > > $arrLastName = $arrLastName + [string]$strModLastName
> >
> > > > > $strModPassword = $strPassword.replace("##",$strDomains)
> > > > > $arrPassword = $arrPassword + [string]$strModPassword
> >
> > > > > $i++
> >
> > > > > }
> >
> > > > > $i = 0
> >
> > > > > foreach ($strDomainDN in $arrDomainDNs)
> > > > > {
> >
> > > > > write-Host $arrDomainDNs[$i]
> > > > > # Get an ADSI object for the domain
> >
> > > > > $ad = [ADSI] ("LDAP://" + $arrDomainDNs[$i])
> >
> > > > > # Get the Users OU
> >
> > > > > $ou = $ad.psbase.Children.Find($arrOU[$i])
> >
> > > > > # Add the user
> >
> > > > > $strUserCN = "CN=" + $arrLogonName[$i]
> >
> > > > > $NewUser = $ou.psbase.Children.Add($strUserCN,'User')
> >
> > > > > # Set the basic properties
> > > > > $NewUser.Put("sAMAccountName",$arrLogonName[$i])
> > > > > $NewUser.Put("displayName",$arrLogonName[$i])
> > > > > $NewUser.Put("givenname",$arrFirstName[$i])
> > > > > $NewUser.Put("sn",$arrLastName[$i])
> > > > > $NewUser.Put("UserPrincipalName",$arrLogonName[$i] +
> > > > > $strDomainSuffix)
> >
> > > > > # Commit changes
> > > > > $NewUser.SetInfo()
> >
> > > > > # Set the password
> > > > > $NewUser.psbase.Invoke("SetPassword",$arrPassword[$i])
> >
> > > > > # Enable the account
> > > > > $NewUser.psbase.InvokeSet("AccountDisabled",$false)
> >
> > > > > # Commit changes
> > > > > $NewUser.SetInfo()
> >
> > > > > $i++}
> >
> > > > try enabling the user first, then set the password.
> >
> > Sorry about that last idea. I was thinking about the fact that you
> > have to create the user, do SetInfo, and then set the password and
> > SetInfo again. (which you are doing)
> >
> > I ran into a problem with this using VBScript and the problem was that
> > my password did not meet complexity requirements for the domain, but
> > the error I was getting didn't tell me that. Does the password you're
> > using meet your Domain's complexity requirements?
> >
> > Andy
>
>
>