- June 9, 2016 at 9:29 am #42399
I try to list all the users with their PasswordLastSet with this
`get-aduser -filter * -Server FQDN -SearchBase "OU=Test,OU=Test1,DC=domain,DC=local" -properties PasswordLastSet |sort name | ft name, PasswordLastSet`
problem is the PasswordLastSet is almost always blank.
If I run the command with different admin credentials I get, sometime, some of the user with the correct data in it.
I notice looking around a lot of people do this searches with the DirectorySearcher Class.
It seems to be a permission problem of some sort, but I can't pinpoint exactly what and why a domain admin should be prevented to read this data that is certainly not a secret, especially for a domain admin.
Anybody can shed some light on the matter?
June 9, 2016 at 9:37 am #42404
- This topic was modified 3 months, 2 weeks ago by Mik.
I found the trick, I was running the PowerShell with the wrong set of credential.
With all this remoting it's easy to lost the track of who enter where.
Now it works.
Sorry for the useless post. I wanted to delete it but I can't find a way.June 9, 2016 at 10:51 am #42406
Indeed I encounter the same problem in Lync 2015, if I run this command from the shell
`Enable-CsUser -Identity 'domain.local\ciccio.p' -RegistrarPool "registar.domain.local" -SipAddressType SamAccountName -SipDomain domain.com
I get an error for insufficient rights, if I enable the same user, from the same server, with the same credential it works fine.
- This reply was modified 3 months, 2 weeks ago by Mik.
You must be logged in to reply to this topic.