[Question] New-Aduser account password does not meet complexity… But it does.

Good Afternoon all,

We are upgrading our access points to cisco and we were previously using radius to authenticate the MAC address of the device to allow / deny access. The mac address of the devices were on Active Directory in the format (SamAccountName: ######-######)

With our cisco access points they want the SamAccountName to be ############ (no – in the name) for radius.

What we did was export the list of user accounts, remove the – in the mac address and put _Cisco in front of the Name/GivenName. The password is the same as the mac address.

I am trying to use the following script to create a user.

Import-csv C:CsvTest_Mac.CSV | ForEach-Object {New-Aduser -GivenName $_.NewGivenName ` -Name $_.NewName -UserPrincipalName $_.UserPrincipalName ` -SamAccountName $_.SamAccountName ` -AccountPassword (ConvertTo-SecureString $_.SamAccountName -AsPlainText -Force ) ` -CannotChangePassword $True -PasswordNeverExpires $True -DisplayName $_.NewGivenName ` -enabled $True -passthru} 

(Formatted with ` to make it fit better. )

We are getting an error when it comes to the password section. It says it does not meet complexity/length requirements. Pic of error However, If a user were to go and reset their password to the same password, it is fine. If I reset it in AD, it is fine.

Question: How Can I Create AD User accounts while setting the password in the process through AD?

submitted by /u/nightwolf92
[link] [comments]

Leave a Reply