Change user password (Active Directory) using php and powershell

Asked

Viewed 597 times

-1

I need to change the password of an AD user using php and powershell would be like: connect to AD with ldap, write powershell codeline in php and run it, make it run in AD too, wrote a line to show a user’s parameters but it doesn’t work!

if (ldap_bind($ldap_con, $ldap_dn, $ldap_pass))
{
    echo Shell_Exec('Get-ADUser -Identity Usuario -Properties mail');

}

I checked the apache error.log and this appears:

The term 'Get-Aduser' is not recognized as cmdlet, fun‡Æo, script file or program name Oper vel. Check the spelling of the name or, if a path has been included, see if the path is correct and try again.

php powershell active-directory

  • trial echo Shell_Exec('powershell Get-ADUser -Identity Usuario -Properties mail');

  • Nothing appears

2 answers

0

Try invoking the using:

 -NoProfile -Command "seus comandos"  ==  -nop -c  "seus comandos"
  • Or else.
 -Ex -Command "seus comandos" == -ex -c  "seus comandos"
if (ldap_bind($ldap_con, $ldap_dn, $ldap_pass))
{
    echo Shell_Exec('powershell.exe -nop -c "Set-ADAccountPassword -Identity Usuario_AD -NewPassword $senha_nova -Reset"')
}
  • Or else.
if (ldap_bind($ldap_con, $ldap_dn, $ldap_pass))
{
    echo Shell_Exec('powershell.exe -nop -c "Set-ADAccountPassword -Identity Usuario_AD -OldPassword (ConvertTo-SecureString -AsPlainText "senha_antiga" -Force) -NewPassword (ConvertTo-SecureString -AsPlainText "senha_nova" -Force')
}

Optionally, if it is left to the user himself to do it, just schedule for the next login:

if (ldap_bind($ldap_con, $ldap_dn, $ldap_pass))
{
    echo Shell_Exec('powershell.exe -nop -c "Set-ADUser -Identity Usuario_AD -ChangePasswordAtLogon $true"')
}

See more details:

Set-Adaccountpassword

Run a Powershell script from PHP

0

Have you tried to force the module import before running Get-Aduser?

Import-Module ActiveDirectory

Browser other questions tagged php powershell active-directory

You are not signed in. Login or sign up in order to post.