Powershell New-ADUser failing from remote execution

Ashton Maevers 0 Reputation points
2023-03-31T14:54:24.2533333+00:00

Good morning all!
We are using Freshservice to try to automate some of our employee onboarding and are getting some access is denied errors when running. The App is essentially sending the powershell command on behalf of the account we have specifically set up for this app:
Access is denied At line:1 char:1 + New-ADUser -Name 'Freshservice.Test' -AccountPassword (ConvertTo-Secu ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : PermissionDenied: (CN=Freshservice...comany,DC=com:String) [New-ADUser], UnauthorizedAccessException + FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.UnauthorizedAccessException,Microsoft.ActiveDirectory.Management.Commands.NewADUser

We have set up a local admin account to run these commands on our server, but not sure why they would be failing? I am on our application support/Fresh service team so unfortunately i am not super knowledgeable about this realm of things. I appreciate any info or help!

PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,140 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Rich Matheisen 45,111 Reputation points
    2023-03-31T15:14:48.96+00:00

    Whatever the account is that's being used doesn't have permission to create new AD users. This isn't a PowerShell problem, it's a problem for your AD admin to rectify by assigning the account to a group that has the necessary permissions to accomplish the work.

    0 comments No comments