Skip to content
July 4, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Watchtower
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Vulnerability Report
Light/Dark Button
  • Home
  • Technique
  • Use powershell to manage domain users
  • Technique

Use powershell to manage domain users

Do Son June 2, 2017 4 minutes read

In the domain environment, often need to use the command line management domain users, then you can use the Active Directory command line tools Dsquery.exe, or CSVE, and Ldifde, in fact, the use of Windows Powershell to manage the operation is quite convenient.

The following to create a user example: Create a domain user The most basic Windows Powershell script looks like this:

$objOU=[ADSI]”LDAP://OU=People,DC=contoso,DC=com”

$objUser=$objU.Create(“user”,”CN=Mary North”)
$odjUser.Put=(“sAMAccountName”,”mary.north”)
$objUser.SetInfo()

The above code lists the four basic steps for creating a user using Active Directory using Windows Powershell.
The details will be described below.

Connect to the Active Directory container

To create an object like this, it is actually going to create an object for the object’s container. So the first need for the container, the implementation of a certain operation, that is, “method.” The first step is to connect to the container, and Windows Powershell can use the Active Directory service interface type adapter to cut into the Active Directory object. To connect to an Active Directory object, you must submit an LDAP query string, that is, the LDAP: // protocol identifier followed by the object’s DN. So the first line of code should look like this:

$objOU=[ADSI]"LDAP://OU=People,DC=contoso,DC=com"

Windows Powershell needs to use the ADSI type adapter to create objects that represent the People OU and assign it to the component. A variable named objOU reflects the identification of a variable type, starting with obj just a programming standard, but the actual variable can use any name.

Call the Create method

At this point, the variable $ objOU can represent the People OU. You can then use the container’s create method to let the container create the object. The Create method needs to provide two parameters: the object class and the object RDN. The object’s RDN refers to the name of the object under the parent container, and most object classes use the “CN = object name” format as its own RDN. However, the RDN of the OU is in the format “OU = organizational unit name”, and the domain’s RDN is “DN = domain name”. So the following code can use the “CN = Mary North” RDN to create user objects:

$objUser=$objU.Create("user","CN=Mary North")

The resulting object result is assigned to the variable $objUser and uses the variable to represent the object to be created for subsequent operations.

Fill in the user attributes

It is important to note that a new object and its changes are not saved until the changes are merged, and the changes can not be successfully merged before filling in all the necessary attributes. User object must be comfortable including windows 2000 before the login name. The LDAP name of the attribute is sAMAccountName, so the next line of code needs to assign sAMAccountName to the object, and you need to use the Put method. Put is the standard method for writing properties to an object, and Get is the standard method for retrieving object properties. The code here should look like this:

$odjUser.Put=("sAMAccountName","Mary North")

For user objects, there are other mandatory attributes, including the object’s security identifier (SID), but these objects will be automatically created when Active Directory is created when the new user is submitted to the directory.

Using the SetInfo method to merge changes

To merge changes, use the SetInfo method of the Active Directory object. The code here should look like this:

$objUser.SetInfo()

Fill in other user attributes

The above command creates a user that only contains the mandatory sAMAccountName attribute. When creating a user object, you also need to fill in other user attributes. Previously, the use of the user object Put method to write attributes, so here only need to repeatedly call the method, specify the need to add each attribute can be:

$odjUser.Put=(“sAMAccountName”, ”$samAccountName”)

$odjUser.Put=(“displayName”, ”$displayname”)
$odjUser.Put=(“sn”, “$sn”)
$objUser.SetInfo()

What is the user’s password? You can not set the user password using the Put method. Instead, you should use the SetPassword method, for example:

$objUser.SetPassword("passwd")

However, the SetPassword method can only be used after creating a user and calling the SetInfo () method, which means that in fact, we are the preferred to create a good account and then set a password for it. This is not a Windows Powershell bug or limitation, but the actual requirements for Kerberos and LDAP. However, security is not compromised because the account created is disabled.
So the status of the account is actually a flag (flag), can not be directly used Put command settings. The following commands are required:

$objUser.psbase.InvokeSet(“AccountDisabled”,$false)

$objUser.SetInfo()

 

Share this article:

Facebook Post LinkedIn Telegram
Tags: powershell

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-48282CVSS 10.0
    ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted...
    Admin intel📅 Updated: Jul 3, 2026
  • CVE-2024-14037CVSS 9.8
    Redsea Cloud eHR contains an arbitrary file upload vulnerability that allows unauthenticated attackers to achieve remote code execution...
    Admin intel📅 Updated: Jul 3, 2026
  • CVE-2026-8451CVSS 8.8
    Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured...
    Admin intel📅 Updated: Jul 2, 2026
  • CVE-2026-8037CVSS 9.6
    OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to...
    Admin intel📅 Updated: Jul 1, 2026
  • CVE-2026-45659CVSS 8.8
    Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
    CISA KEV📅 Added to KEV: Jul 1, 2026
  • CVE-2026-48558CVSS 10.0
    SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication...
    Admin intelCISA KEV📅 Added to KEV: Jun 29, 2026📅 Updated: Jun 29, 2026
  • CVE-2026-46817CVSS 9.8
    Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected...
    Admin intel📅 Updated: Jun 29, 2026
  • CVE-2026-28496CVSS 9.4
    FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
    Admin intel📅 Updated: Jun 25, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-58426CVSS 9.6
    Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read...
  • CVE-2026-58289CVSS 9.0
    Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based)...
  • CVE-2026-22874CVSS 9.6
    Gitea versions up to and including 1.26.2 have incomplete SSRF protection in...
  • CVE-2026-20896CVSS 9.8
    Gitea Docker image versions up to and including 1.26.2 use REVERSE_PROXY_TRUSTED_PROXIES=* by...
  • CVE-2026-4321CVSS 9.8
    Improper neutralization of special elements used in an SQL command ('SQL injection')...
  • CVE-2026-14544CVSS 9.8
    A flaw was found in HPLIP (HP Linux Imaging and Printing Software)....
  • CVE-2026-9725CVSS 9.1
    The Printcart Web to Print Product Designer for WooCommerce plugin for WordPress...
  • CVE-2026-13768CVSS 10.0
    Gardyn devices expose a privileged iothubowner key. Access to this key will...
  • CVE-2026-57100CVSS 9.9
    Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an...
  • CVE-2026-45499CVSS 9.9
    Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to...
Powered by CVE WATCHTOWER

Get Zero-Hour Vulnerability Alerts

Critical CVEs, CVSS scores, and PoC updates — straight to your inbox every week.

    We respect your inbox. Unsubscribe anytime.

    Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • Disclaimer
    • Privacy Policy
    • DMCA NOTICE
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.