By default, AD cmdlets use your current credentials. This is great and handy (I can just run Get-QADUser
as the new command and it will work) but quite often you might want to specify another username/password. For example, when what you are planning to do requires a privileged account and the default account with which you logged in is just a Domain User.
Well, as usual, Connect-QADService
is here to help. There are two ways you can specify the credentials. As a username/password pair:
$pw = read-host "Enter password" -AsSecureString
connect-QADService -service 'server.company.com'-ConnectionAccount 'company\administrator'-ConnectionPassword $pw
Or use the Get-Credential
cmdlets which will display the familiar dialog box:
Connect-QADService -service 'server.company.com' -Credential ( Get-Credential )
Once you’ve run any of those all your subsequent AD cmdlets run under this new account until you run Disconnect-QADService which removes the connection and brings you back to the defaults:
Connect-QADService -service 'server.company.com' -Credential ( Get-Credential )
# now we are using the specified credentials
Get-QADUser
Disconnect-QADService
# now we are back to the current account
Tags: oneliner, AD cmdlets, cmdlets, one-liner, PowerShell, AD, Active Directory, Examples
And it looks so easy. I’ve tried to connect to a different domain with this cmdlet. I can connect, but as soon I try to list all machines in a certain OU with get-qadcomputer , it tells me the domain does not exist. Listing *all* computers in the domain does work, however…
Rick,
This looks very similar to the issue discussed in this forum thread: http://powergui.org/thread.jspa?threadID=4286&tstart=0
So it looks like there is some kind of issue. If you could post to the forum with the specific commands you are using and some description of your configuration, the guys there should be able to reproduce the bug and fix it as well as hopefully suggesting workaround so you are not stuck until you get the fix.
Dmitry
Hi
I know this is an old thread but is there a way to run a script under the context of a different user without having to answer the prompts. IE: I have an app that is running under local admin and i need it to run a script to query ad to see if a computer is there and just return its standard output?
it will run a = (get-qadcomputer computername).type
is this possible?
Hi All,
does someone has an answer to this point ?
Thanks a lot for all of us 🙂
Seb