找不到与参数名称匹配的参数 'PipelineVariable'
A parameter cannot be found that matches parameter name 'PipelineVariable'
在加入同一个 Windows 2008 R2 Active Directory 域的两台不同机器上,一个 Windows 7 工作站和一个 Windows 2008 R2 服务器,我收到以下错误运行一个PowerShell script written by a Microsoft Field Engineer I downloaded from the Microsoft TechNet Gallery:
PS C:\Users\User1\Desktop> .\Find-PossibleMissingSPN.ps1
Get-ADObject : A parameter cannot be found that matches parameter name 'PipelineVariable'.
At C:\Users\User1\Desktop\Find-PossibleMissingSPN.ps1:37 char:114
+ Get-ADObject -LDAPFilter $filter -SearchBase $DN -SearchScope Subtree -Proper
ties $propertylist -PipelineVariable <<<< account | ForEach-Object {
+ CategoryInfo : InvalidArgument: (:) [Get-ADObject], ParameterBi
ndingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.ActiveDirectory
.Management.Commands.GetADObject
各种 google 搜索都没有找到答案。有谁知道如何解决这个问题?这是实际代码:
#.Synopsis
# To find possibly missing SPN registrations due to manual mistakes.
[CmdletBinding()]
Param
(
# start the search at this DN. Default is to search all of the domain.
[string]$DN = (Get-ADDomain).DistinguishedName
)
#
# define the SPN service classes to look for. Other types are mostly automated and should be OK.
#
$servicesclasses2check = @("host", "cifs", "nfs", "http", "mssql")
#
# get computers and users with a nonzero SPN within the given DN.
#
$filter = '(&(servicePrincipalname=*)(|(objectcategory=computer)(objectcategory=person)))'
$propertylist = @("servicePrincipalname", "samaccountname")
Get-ADObject -LDAPFilter $filter -SearchBase $DN -SearchScope Subtree -Properties $propertylist -PipelineVariable account | ForEach-Object {
#
# Create list of interesting SPNs for each account. Strong assumption for all code: SPN is syntactically correct.
#
$spnlist = $account.servicePrincipalName | Where-Object {
($serviceclass, $hostname, $service) = $_ -split '/'
($servicesclasses2check -contains $serviceclass) -and -not $service
}
#
# Look for cases where there is no pair of (host, host.domain) SPNs.
#
foreach ($spn in $spnlist)
{
($serviceclass, $hostname, $service) = $spn -split '/'
if ($service) { $service = "/$service" }
($fullname, $port) = $hostname -split ':'
if ($port) { $port = ":$port" }
($shortname, $domain) = $fullname -split '[.]'
#
# define the regexp matching the missing SPN and go look for it
#
if ($domain) {
$needsSPN = "${serviceclass}/${shortname}${port}${service}`$"
$needsSPNtxt = "${serviceclass}/${shortname}${port}${service}"
} else {
$needsSPN = "$serviceclass/${shortname}[.][a-zA-Z0-9-]+.*${port}${service}`$"
$needsSPNtxt = "$serviceclass/${shortname}.<domain>${port}${service}"
}
#
# search the array of SPNs to see if the _other_ SPN is there. If not, we have problem case.
#
if (-not ($spnlist -match $needsSPN))
{
[PSCustomobject] @{
samaccountname = $account.samaccountname
presentSPN = $spn
missingSPN = $needsSPNtxt
}
}
}
}
-PipelineVariable 通用参数仅在 PowerShell v4+ 中可用。您需要升级到更高版本才能正常工作。
在加入同一个 Windows 2008 R2 Active Directory 域的两台不同机器上,一个 Windows 7 工作站和一个 Windows 2008 R2 服务器,我收到以下错误运行一个PowerShell script written by a Microsoft Field Engineer I downloaded from the Microsoft TechNet Gallery:
PS C:\Users\User1\Desktop> .\Find-PossibleMissingSPN.ps1
Get-ADObject : A parameter cannot be found that matches parameter name 'PipelineVariable'.
At C:\Users\User1\Desktop\Find-PossibleMissingSPN.ps1:37 char:114
+ Get-ADObject -LDAPFilter $filter -SearchBase $DN -SearchScope Subtree -Proper ties $propertylist -PipelineVariable <<<< account | ForEach-Object {
+ CategoryInfo : InvalidArgument: (:) [Get-ADObject], ParameterBi ndingException + FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.ActiveDirectory .Management.Commands.GetADObject
各种 google 搜索都没有找到答案。有谁知道如何解决这个问题?这是实际代码:
#.Synopsis
# To find possibly missing SPN registrations due to manual mistakes.
[CmdletBinding()]
Param
(
# start the search at this DN. Default is to search all of the domain.
[string]$DN = (Get-ADDomain).DistinguishedName
)
#
# define the SPN service classes to look for. Other types are mostly automated and should be OK.
#
$servicesclasses2check = @("host", "cifs", "nfs", "http", "mssql")
#
# get computers and users with a nonzero SPN within the given DN.
#
$filter = '(&(servicePrincipalname=*)(|(objectcategory=computer)(objectcategory=person)))'
$propertylist = @("servicePrincipalname", "samaccountname")
Get-ADObject -LDAPFilter $filter -SearchBase $DN -SearchScope Subtree -Properties $propertylist -PipelineVariable account | ForEach-Object {
#
# Create list of interesting SPNs for each account. Strong assumption for all code: SPN is syntactically correct.
#
$spnlist = $account.servicePrincipalName | Where-Object {
($serviceclass, $hostname, $service) = $_ -split '/'
($servicesclasses2check -contains $serviceclass) -and -not $service
}
#
# Look for cases where there is no pair of (host, host.domain) SPNs.
#
foreach ($spn in $spnlist)
{
($serviceclass, $hostname, $service) = $spn -split '/'
if ($service) { $service = "/$service" }
($fullname, $port) = $hostname -split ':'
if ($port) { $port = ":$port" }
($shortname, $domain) = $fullname -split '[.]'
#
# define the regexp matching the missing SPN and go look for it
#
if ($domain) {
$needsSPN = "${serviceclass}/${shortname}${port}${service}`$"
$needsSPNtxt = "${serviceclass}/${shortname}${port}${service}"
} else {
$needsSPN = "$serviceclass/${shortname}[.][a-zA-Z0-9-]+.*${port}${service}`$"
$needsSPNtxt = "$serviceclass/${shortname}.<domain>${port}${service}"
}
#
# search the array of SPNs to see if the _other_ SPN is there. If not, we have problem case.
#
if (-not ($spnlist -match $needsSPN))
{
[PSCustomobject] @{
samaccountname = $account.samaccountname
presentSPN = $spn
missingSPN = $needsSPNtxt
}
}
}
}
-PipelineVariable 通用参数仅在 PowerShell v4+ 中可用。您需要升级到更高版本才能正常工作。