Jump to content
Welcome to our new Citrix community!
  • 0

Adding AD accounts with powershell on Citrix Cloud

Tomasz Murawski1709159844




I am trying to create a machine catalog using powershell SDK in citrix cloud. I run into an issue that I need to authenticate on my local domain.

Citrix documentation says to use "[-ADPassword <SecureString>]" so I am directly converting it from plain text and I think this is what it doesnt like. Any ideas how it should be done?


PS C:\temp> $password = ConvertTo-SecureString "Passw0rd!" -AsPlainText -force
PS C:\temp> New-AcctADAccount -Count 1 -IdentityPoolUid $idpool -ADUserName "domain\user" -ADPassword $password -verbose
VERBOSE: Locating Identity Pool in database.
VERBOSE: Making initial DA check for New-ADAccount rights.
VERBOSE: Locking the IdentityPool.
VERBOSE: Locked Identity Pool for account creation.
VERBOSE: Generating AD Account name for index 2
VERBOSE: Generating AD Account password for AD Account DOMAINP1XA332
VERBOSE: Creating AD Account DOMAINP1XA332
VERBOSE: Impersonate user logon failed, Win32 Error Code: 1326
VERBOSE: Status result from ConvertExternalDllReturnValue is Citrix.ADIdentity.Sdk.AdIdentityStatus.InvalidParametersForADOperation
VERBOSE: Failed to create AD Account.
VERBOSE: Creating account - name: DOMAINP1XA332 SID:  failed with error InvalidParametersForADOperation
VERBOSE: Setting the start count to the next value: 2
VERBOSE: Created 0 new AD accounts.
VERBOSE: Unlocking Identity Pool.

SuccessfulAccounts SuccessfulAccountsCount FailedAccountsCount FailedAccounts
------------------ ----------------------- ------------------- --------------
{}                                       0                   1 {DOMAINP1XA332}


Link to comment

4 answers to this question

Recommended Posts

  • 0

Seems I am still having a problem. The scenario is:


I have Domain A and Domain B, Domain A is fully trusted by domain B. I need to script creation of computer objects in citrix cloud instance with powershell. My cloud connectors and VDAs are in domain B, but I need to run everything from domain A.


What I have noticed.

You can use powershell credential object to successfully create computer accounts in citrix cloud only when you create that object in domain B, which is our target domain. Otherwise it won't accept it.




How can I create a secure string with my password stored on a device that it wont be used on? This method is implemented in CVAD gui on citrix cloud where you basically just enter credentials no matter where you connect from.

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...