Avatar of jat0369
jat0369
 asked on

Automating get-qaduser (pass credentials)

Hello Everyone.

I'm trying to script a fully automated script to query an OU from a machine not currently connected to a domain.  I've got the script fully working as long as I manually pass my credentials at the time the script runs.  I have a restricted service account setup for this purpose and I can't seem to figure out how to pass the username and password through the script.  I don't care if the username and password are exposed.

So far, I've created...

$secUN = convertto-securestring "xxx.com\Service-Account" -AsPlaintext -force
$secPW = convertto-securestring "password!" -AsPlaintext -force
$MyCreds = New-Object System.Management.Automation.PSCredential ($secUN, $secPW)
connect-qadservice xxx.com =credential $MyCreds -ConnectionPassword $MyCreds
get-qaduser -searchroot  'xxx.com/workstations/staging/' -sizelimit 0 | select-object name, description | export-csv c:\install\staging\staging.csv
disconnect-qadservice

Open in new window

What am I missing? How can I run get-qadcomputer and pass a username/password through it?
Powershell

Avatar of undefined
Last Comment
jat0369

8/22/2022 - Mon
kollenh

Using the 'connect-qadservice' cmdlet, use either -ConnectionAccount & -ConnectionPassword OR the -Credential parameter, but not both.  Since you've already written your script to use the PSCredential object, stick with that.

connect-qadservice xxx.com -credential $MyCreds

Open in new window

jat0369

ASKER
Thanks KollenH.

I did as you said, but now I'm getting:
Connect-QADService : Index was outside the bounce of the array
at line: 1 char:19
+ connect-qadservice <<<< xxxx.com -credential $MyCreds
          + CategoryInfo                : NotSpecified: (:) [Connect-QADService], IndexOutOfRangeException
          +FullyQualifiedErrorID : System.IndexOutofRangeException, Quest.ActiveRoles.ArsPowerShellSnapin.Commands.ConnectCmdlet

Any idea how to correct this? So far my code is as follows:

$secUN = convertto-securestring "xxx.com\username" -AsPlaintext -force
$secPass = ConvertTo-SecureString "Password1!" -AsPlainText -force

$MyCreds = New-Object System.Management.Automation.PSCredential ($secUN, $secPass)
connect-qadservice xxx.com -credential $MyCreds
get-qadcomputer -searchroot 'xxx.com/workstations/stores/staging' -sizelimit 0 | select-object Name,description | export-csv c:\install\Staging.csv

Open in new window

kollenh

That looks like it's having a problem with the QAD cmdlet; did you make sure the QAD snapin is loaded?  I'd include a check in the script or load them explicitly each time.

Get-PSSnapin | ? {$_.name -eq 'Quest.ActiveRoles.ADManagement'}

Open in new window

This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
jat0369

ASKER
QAD Snapin is loaded from my profile. Confirmed it just now.
Just ran it again and it's still erroring out with the same as before.
ASKER CERTIFIED SOLUTION
kollenh

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
jat0369

ASKER
Working great now. Thank you KollenH! I really appreciate all your help. I couldn't have done this without you.