Reputation: 1484
dsacls - Invalid DN Syntax in powershell
I am trying to modify the servicePrincipalName permission within powershell script using the 'dsacls' command.
I am taking all the dynamic parameter as script arguments.
The script is not working when I form a command with the arguments variable I received. There is something I am missing with string manipulation.
$perStr ='"' + $strDN + '"' + ' /G ' + $DomainNetBIOSName + '\' + $SQLUser + ':RPWP;"servicePrincipalName"'
$ret = dsacls ${perStr}
The above gives an error:
Invalid DN Syntax
When I run with hardcoded values it runs fine.
Upvotes: 0
Views: 777
Answers (1)
Reputation: 36297
When I have a hard time constructing strings to use with external executables I tend to build the entire command and then use Invoke-Expression to run it. Something like this:
$perStr = '& dsacls --% "{0}" /G {1}\{2}:RPWP;"servicePrincipalName"' -f $strDN, $DomainNetBIOSName, $SQLUser
$ret = Invoke-Expression -Command $perStr
The --% will tell it to stop interpreting things beyond that point so it will take all arguments exactly as typed and pass them to the command. See if that works for you, and if not you may want to look at the content of $perStr to make sure that it looks right to you.
Upvotes: 1
Related Questions
- Powershell: A positional parameter cannot be found that accepts argument "xxx"
- The term 'param' is not recognized as the name of cmdlet
- How to Fix Ambiguous Parameter for Powershell Script
- Array missing argument
- powershell returning Get-ADComputer : The object name has bad syntax
- PowerShell variables not working as expected
- How do I fix "An Invalid dn syntax has been specified" in PowerShell
- Variable in powershell AD commands issue
- Issue with trying to pass variable into [adsisearcher]
- Error when applying PowerShell DSC configuration