| external help file | DSInternals.PowerShell.dll-Help.xml |
|---|---|
| Module Name | DSInternals |
| online version | https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Set-ADDBAccountControl.md |
| schema | 2.0.0 |
Modifies user account control values for an Active Directory account in an offline ntds.dit file.
Set-ADDBAccountControl [-Enabled <Boolean>] [-CannotChangePassword <Boolean>] [-PasswordNeverExpires <Boolean>]
[-SmartcardLogonRequired <Boolean>] [-UseDESKeyOnly <Boolean>] [-HomedirRequired <Boolean>] [-SkipMetaUpdate]
[-Force] [-SamAccountName] <String> -DatabasePath <String> [-LogPath <String>] [<CommonParameters>]
Set-ADDBAccountControl [-Enabled <Boolean>] [-CannotChangePassword <Boolean>] [-PasswordNeverExpires <Boolean>]
[-SmartcardLogonRequired <Boolean>] [-UseDESKeyOnly <Boolean>] [-HomedirRequired <Boolean>] [-SkipMetaUpdate]
[-Force] -ObjectSid <SecurityIdentifier> -DatabasePath <String> [-LogPath <String>] [<CommonParameters>]
Set-ADDBAccountControl [-Enabled <Boolean>] [-CannotChangePassword <Boolean>] [-PasswordNeverExpires <Boolean>]
[-SmartcardLogonRequired <Boolean>] [-UseDESKeyOnly <Boolean>] [-HomedirRequired <Boolean>] [-SkipMetaUpdate]
[-Force] -DistinguishedName <String> -DatabasePath <String> [-LogPath <String>] [<CommonParameters>]
Set-ADDBAccountControl [-Enabled <Boolean>] [-CannotChangePassword <Boolean>] [-PasswordNeverExpires <Boolean>]
[-SmartcardLogonRequired <Boolean>] [-UseDESKeyOnly <Boolean>] [-HomedirRequired <Boolean>] [-SkipMetaUpdate]
[-Force] -ObjectGuid <Guid> -DatabasePath <String> [-LogPath <String>] [<CommonParameters>]
Finds an account in Active Directory database file and modifies the appropriate bit(s) in its userAccountControl attribute.
PS C:\> Set-ADDBAccountControl -SamAccountName john -SmartcardLogonRequired $false -PasswordNeverExpires $true -DatabasePath .\ntds.ditFinds an account with name john, disables the smart card logon requirement, and unexpires its password.
Indicates whether the account can change its password.
Type: Boolean
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseSpecifies the path to a domain database, for instance, C:\Windows\NTDS\ntds.dit.
Type: String
Parameter Sets: (All)
Aliases: Database, DBPath, DatabaseFilePath, DBFilePath
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseSpecifies the identifier of an account on which to perform this operation.
Type: String
Parameter Sets: ByDN
Aliases: dn
Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: FalseIndicates whether the account is enabled.
Type: Boolean
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseForces the cmdlet to perform the desired operation.
Type: SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseIndicates whether a home directory is required for the account.
Type: Boolean
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseSpecifies the path to a directory where the transaction log files are located. For instance, C:\Windows\NTDS. The default log directory is the one that contains the database file itself.
Type: String
Parameter Sets: (All)
Aliases: Log, TransactionLogPath
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseSpecifies the identifier of an account on which to perform this operation.
Type: Guid
Parameter Sets: ByGuid
Aliases: Guid
Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: FalseSpecifies the identifier of an account on which to perform this operation.
Type: SecurityIdentifier
Parameter Sets: BySID
Aliases: Sid
Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: FalseIndicates whether the password of the account can expire.
Type: Boolean
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseSpecifies the identifier of an account on which to perform this operation.
Type: String
Parameter Sets: ByName
Aliases: Login, sam
Required: True
Position: 0
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: FalseIndicates that the replication metadata of the affected object should not be updated.
Type: SwitchParameter
Parameter Sets: (All)
Aliases: SkipMeta, NoMetaUpdate, NoMeta, SkipObjMeta, NoObjMeta, SkipMetaDataUpdate, NoMetaDataUpdate
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseIndicates whether a smart card is required to logon.
Type: Boolean
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseIndicates whether the account is restricted to use only Data Encryption Standard (DES) encryption types for keys.
Type: Boolean
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: FalseThis cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Set-ADDBAccountPassword Set-ADDBAccountPasswordHash Enable-ADDBAccount Disable-ADDBAccount Unlock-ADDBAccount Get-ADDBAccount