16Nov/110
Set Network Access Permission with PowerShell natively!
On the Active Directory Dial-in tab there is a section titled Network Access Permission which many VPN systems use to control access on a per-account basis.
You can set the value of this property using native PowerShell commands!
Get-ADUser -Filter {samaccountname -eq "AccountNameHere"} -SearchBase "OU=Some OU, DC=domain, DC=local" | Set-ADUser -Clear msNPAllowDialIn
Get-ADUser -Filter {samaccountname -eq "AccountNameHere"} -SearchBase "OU=Some OU, DC=domain, DC=local" | Set-ADUser -Add @{msNPAllowDialIn=$FALSE}
April 30th, 2015 - 17:47
Thanks
You skip the first clear by using -replace instead of -Add
Get-ADUser -Filter {samaccountname -eq “AccountNameHere”} -SearchBase “OU=Some OU, DC=domain, DC=local” | Set-ADUser -replace @{msNPAllowDialIn=$FALSE}
April 21st, 2016 - 15:04
Even better, thanks!
August 16th, 2018 - 07:33
I use this command and it also works
Get-ADUser -identity username -Properties msNPAllowDialin | Set-ADUser -Replace @{msNPAllowDialin=$false}