Link to home
Start Free TrialLog in
Avatar of jat0369
jat0369

asked on

Automating get-qaduser (pass credentials)

Hello Everyone.

I'm trying to script a fully automated script to query an OU from a machine not currently connected to a domain.  I've got the script fully working as long as I manually pass my credentials at the time the script runs.  I have a restricted service account setup for this purpose and I can't seem to figure out how to pass the username and password through the script.  I don't care if the username and password are exposed.

So far, I've created...

$secUN = convertto-securestring "xxx.com\Service-Account" -AsPlaintext -force
$secPW = convertto-securestring "password!" -AsPlaintext -force
$MyCreds = New-Object System.Management.Automation.PSCredential ($secUN, $secPW)
connect-qadservice xxx.com =credential $MyCreds -ConnectionPassword $MyCreds
get-qaduser -searchroot  'xxx.com/workstations/staging/' -sizelimit 0 | select-object name, description | export-csv c:\install\staging\staging.csv
disconnect-qadservice

Open in new window

What am I missing? How can I run get-qadcomputer and pass a username/password through it?
Avatar of kollenh
kollenh
Flag of United States of America image

Using the 'connect-qadservice' cmdlet, use either -ConnectionAccount & -ConnectionPassword OR the -Credential parameter, but not both.  Since you've already written your script to use the PSCredential object, stick with that.

connect-qadservice xxx.com -credential $MyCreds

Open in new window

Avatar of jat0369
jat0369

ASKER

Thanks KollenH.

I did as you said, but now I'm getting:
Connect-QADService : Index was outside the bounce of the array
at line: 1 char:19
+ connect-qadservice <<<< xxxx.com -credential $MyCreds
          + CategoryInfo                : NotSpecified: (:) [Connect-QADService], IndexOutOfRangeException
          +FullyQualifiedErrorID : System.IndexOutofRangeException, Quest.ActiveRoles.ArsPowerShellSnapin.Commands.ConnectCmdlet

Any idea how to correct this? So far my code is as follows:

$secUN = convertto-securestring "xxx.com\username" -AsPlaintext -force
$secPass = ConvertTo-SecureString "Password1!" -AsPlainText -force

$MyCreds = New-Object System.Management.Automation.PSCredential ($secUN, $secPass)
connect-qadservice xxx.com -credential $MyCreds
get-qadcomputer -searchroot 'xxx.com/workstations/stores/staging' -sizelimit 0 | select-object Name,description | export-csv c:\install\Staging.csv

Open in new window

That looks like it's having a problem with the QAD cmdlet; did you make sure the QAD snapin is loaded?  I'd include a check in the script or load them explicitly each time.

Get-PSSnapin | ? {$_.name -eq 'Quest.ActiveRoles.ADManagement'}

Open in new window

Avatar of jat0369

ASKER

QAD Snapin is loaded from my profile. Confirmed it just now.
Just ran it again and it's still erroring out with the same as before.
ASKER CERTIFIED SOLUTION
Avatar of kollenh
kollenh
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of jat0369

ASKER

Working great now. Thank you KollenH! I really appreciate all your help. I couldn't have done this without you.