The Add-AcctADAccount returns an object that contains the following parameters;
The number of accounts that were added successfully
The number of accounts that were not added.
The list of accounts that failed to be added. Each one has the following parameters;
This can be one of the following
An identity with the same SID already exists.
An error occurred in the service while attempting a database operation.
The operation could not be completed because the database for the service is not configured.
An error occurred in the service while attempting a database operation - communication with the database failed for
for various reasons.
Contacting Active Directory failed.
Failed to access the OU in Active Directory.
Failed to access the default computers container in Active Directory.
Failed to create the computer account in Active Directory.
Failed to read the newly created computer account in Active Directory.
Failed to get the SID for the created account from Active Directory.
Failed to set the SAM account name in Active Directory for the account created.
Failed to set the user account controller properties for the account created in Active Directory.
Failed to save the changes made to the created computer account in Active Directory.
Failed to set the password for the created computer account in Active Directory.
Failed to enable the newly created computer account in Active Directory.
The computer name for the computer to create is in use in Active Directory.
Failed to get the distinguished name for the created computer account in ActiveDirectory.
Failed to set the Dns Host Name property for the created computer account in ActiveDirectory.
Failed to set the DisplayName property for the created computer account in ActiveDirectory.
Failed to set the ServicePrincipalName property for the created computer account in ActiveDirectory.
Any other error information
The list of accounts that were successfully added. Each object
provides details of the identity and contains the following information:
The Sid of the identity.
The account name for the identity.
The domain name that the account was created in.
The current state of the AD account. This can be one of the following:
The account is locked or disabled in AD.
The account is in AD and available to be consumed by the other Machine Creation Services.
The account is in AD and is being consumed by the other Machine Creation Services.
The account is in AD and no longer consumed by other Machine Creation Services. However, the password is no longer known so cannot be reused without 'Repairing' the account. See repair-AcctADAccount for details.
Indicates if the identity pool is locked.