Removing the no preauthentication required setting

Our final act on the account tab is to discover how we remove this setting.

$ou = "OU=England,DC=Manticore,DC=org"            
            
"`nMicrosoft"            
$name = "UserA"            
Get-ADUser -Identity $name |            
Set-ADAccountControl -DoesNotRequirePreAuth:$false            
            
"`nAD provider"            
$name = "UserB"            
$dn = "cn=$name,$ou"            
$flag = (Get-ItemProperty -Path AD:\$dn  -Name useraccountcontrol).useraccountcontrol -bxor 4194304            
Set-ItemProperty -Path AD:\$dn  -Name useraccountcontrol -Value "$flag" -Confirm:$false            
            
"`nQuest"            
$name = "UserC"            
$user = Get-QADUser -Identity $name -IncludeAllProperties            
            
$flag = $user.userAccountControl -bxor 4194304            
$user.userAccountControl = $flag            
Set-QADUser -Identity $name -ObjectAttributes @{userAccountControl = $flag}            
            
"`nScript"            
$name = "UserD"            
$dn = "cn=$name,$ou"            
$user = [adsi]"LDAP://$dn"            
            
$flag = $user.userAccountControl.value -bxor 4194304            
$user.userAccountControl = $flag            
            
$user.SetInfo()

Its just the reverse of adding the setting

Published Thu, Feb 23 2012 18:34 by RichardSiddaway
Filed under:

Leave a Comment

(required) 
(required) 
(optional)
(required) 
If you can't read this number refresh your screen
Enter the numbers above: