我正在我们的测试环境中进行一些自动化,我们有powershell脚本来将windows客户端加入域或工作组。
我在尝试将windows 7客户端从域移动到工作组时遇到麻烦,在客户端的机器帐户不存在于域中的情况下。
代码如下:
$User = administrator
$Password = ConvertTo-SecureString "<password>" -AsPlainText -Force
$DomainCred = New-Object System.Management.Automation.PSCredential $User, $Password
remove-computer -credential $DomainCred -force -passthru -verbose
这是返回的错误:
VERBOSE: Performing operation "Remove-Computer" on Target "localhost".
Remove-Computer: This command cannot be executed on target computer ('xxx')
due to following error: No mapping between account names and security IDs was done.
At line :1 char:16
+ remove-computer <<<< -credential $DomainCred -force -passthru -verbose
+ CategoryInfo : InvalidOperation: (xxx:String) [Remove-Computer],
InvalidOperationException
+ FullyQualifiedErrorId : InvalidOperationException,Microsoft.Powershell.
Commands.RemoveComputerCommand
但是,如果我尝试使用GUI(计算机属性,高级系统设置,计算机名称,更改…),它会提示输入凭据并成功。
我如何将这个操作复制到powershell命令中,以便它可以实际地完成?
尝试Add-Computer,像这样(未测试):
Add-Computer -WorkgroupName "WORKGROUP" -Force
我知道Add-Computer和Remove-Computer之间的唯一区别是Remove-Computer也禁用计算机帐户,这可能会给你这个错误,因为计算机帐户不存在。
我有两个选择。
01选项
$Workgroup = "CL-01" #IF you want to add computer to domain edit here(Domain name)
$Password = "Password" | ConvertTo-SecureString -asPlainText -Force
$Username = "$WorkgroupUsername"
$Credential = New-Object System.Management.Automation.PSCredential($Username,$Password)
Add-Computer -WorkGroup $Workgroup -Credential $credential
Restart-Computer -Force
选项2和为什么选项2在脚本中存储密码不是一个有利的选择,所以我建议采用选项2
$Workgroup = "CL-01"#IF you want to add computer to domain edit here(Domain name)
$Password = Read-Host -Prompt "Enter password for $user" -AsSecureString
$Username = "$WorkgroupUsername"
$credential = New-Object System.Management.Automation.PSCredential($Username,$Password)
Add-Computer -WorkGroup $Workgroup -Credential $credential
Restart-Computer -Force
注意:以管理员身份运行所有脚本!!
希望这将帮助!!干杯! !