I'm trying to set user extension properties from a powershell code with an input coming from a CSV file.
I'm getting this error:
Set-AzureADUserExtension : The input object cannot be bound to any
parameters for the command either because the command does not take
pipeline input or the input and its properties do not match any of
the parameters that take pipeline input. At line:14 char:17
... $user | Set-AzureADUserExtension -ObjectId $upn -ExtensionName "e ...
CategoryInfo : InvalidArgument: (class User { ...Type: Member } :PSObject) [Set-AzureADUserExtension],
ParameterBindingException
FullyQualifiedErrorId : InputObjectNotBound,Microsoft.Open.AzureAD.Graph.PowerShell.Custom.SetAzureADUserExtension
I'm kind of new to this, so it's for sure not the best.
Does anyone have any suggestions?
Thanks!
If you are looking for help you will need to share your code, not just the error. I verified for you that Set-AzureADUserExtension does take pipeline input for all properties.
What I can't tell is where you set $UPN or why you are piping $user to the command since I can't see your code.
Related
I am new to PowerShell but I found I can use Substring to count to the right or left of a string within a variable. It appears though it is not supported for the output I am receiving. I am hoping someone can point me in the right direction. Thank you for any help.
Code to retrieve the computer name.
$compname = WmiObject -class Win32_ComputerSystem | Select-Object Name
$compname
$compname.Substring(9,0)
Here is the result and error:
Name
Computer-PC
Method invocation failed because [Selected.System.Management.ManagementObject] does not contain a method named 'Substring'.
At line:3 char:1
$compname.Substring(9,0)
+ CategoryInfo : InvalidOperation: (Substring:String) [], RuntimeException
+ FullyQualifiedErrorId : MethodNotFound
This error occurs because you're trying to use the Substring method on an object.
Take a look, if i do the same query that you did, it returns me an object with "Name" property:
And as the powershell error shows, you cannot call the substring method directly to an object. You must do it on a string, in this case, the property name. To solve you problem, you just need to call "Name" property in your query. Something like this:
$computerName = (Get-WmiObject Win32_ComputerSystem).Name
After that, you will be able to use "Substring" method because that query returns a string:
If any other problem occurs, i will be glad to help you :)
I'm going a little batty because I can't think of anything I'm doing wrong with this code snippet. I'm literally just trying to get a single user using Get-MsolUser using the parameter -UserPrincipalName in the following line:
$usr = Get-MsolUser -UserPrincipalName $wantedUser
I'm calling this code from within a function that originally had the $wantedUser variable as a parameter, but due to the issues I'm experiencing, I've tried to add it as a script variable, I've tried reassigning the parameter variable to a local function variable, but nothing works. I can put the raw user principal name in there like below:
$usr = Get-MsolUser -UserPrincipalName "james#contoso.com"
And it works... no problem. Queries and assigns the user information to the $usr variable as expected where the rest of my code logic works fine. I know I'm just probably stupidly looking over something simple, but for the life of me I can't figure it out. Can someone please shed some light on what I might be doing wrong? I know it's passing the value in there to some extent because I get an exception saying the following:
Get-MsolUser : User Not Found. User: "james#contoso.com".
At C:\locationWhereMyScriptIsLocated.ps1:19 char:12
+ $usr = Get-MsolUser -UserPrincipalName $wantedUser
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [Get-MsolUser], MicrosoftOnlineException
+ FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.UserNotFoundException,Microsoft.Online.Administration.Automation.GetUser
I don't have access to Get-MsolUser, but from what I can tell, the error message
Get-MsolUser : User Not Found. User: "james#contoso.com". suggests that the user name mistakenly contains embedded " chars. - that is, the verbatim value of $wantedUser may be "james#contoso.com" rather than the expected james#contoso.com.
Thus, as a quick fix, try:
$usr = Get-MsolUser -UserPrincipalName ($wantedUser -replace '"')
But it's worth investigating why these embedded " characters ended up in $wantedUser to begin with, and perhaps eliminate the problem at the source.
I am trying to remove all disabled users from my MSOL groups within the company. There are roughly 50 users and I have already removed them from all the DLs an Shared Mailboxes, but I still need to have them taken off of the MSOL groups. I have written something fairly simple to do so;
$import = Import-Csv "C:\Users\Person\Desktop\DisabledMSOL.csv"
foreach($user in $import) {
$DisabledUserParams = #{
PersonID = $user.GroupID
ObjectId = $user.ObjectId
}
Remove-MsolGroupMember -GroupObjectId $DisabledUserParams.ObjectId -GroupMemberType User -GroupmemberObjectId $DisabledUserParams.PersonID}
Problem is when I run this, it gives this error:
Remove-MsolGroupMember : Cannot bind parameter 'GroupMemberObjectId'. Cannot convert value "" to type "System.Guid"
Error: "Unrecognized Guid format."
At line:11 char:111
+ ... oupMemberType User -GroupmemberObjectId $DisabledUserParams.PersonID}
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Remove-MsolGroupMember],
ParameterBindingException
+ FullyQualifiedErrorId :CannotConvertArgumentNoMessage,Microsoft.Online.Administration.Automation.RemoveGroupMember
Please let me know what you think.
*Also, How do you make the yellow outline at this site? I have never really found out how to do so.
Thank you.
If you have about 50 records in the csv file and you get about 50 errors when you try to run your script, I'd double check those column/property names
If you try to access a property that doesn't exist, Powershell will silently continue.
If you get a partial success (some records work others don't), I'd check the values in the csv for the failures. You may think you have a ObjectId but may not.
Lastly, check your delimiter. If the csv file is tab or pipe delimited, you'll need to specify that delimiter in the Import-Csv call.
Good Luck!
The reason why it did not work was because there was an issue of misunderstanding the cmndlets in Exchange online and the syntax that is tied with it. I do not have an on Prem server and we do all Exchange online. Despite it correctly grabbing the GUIDs from the CSV, it was the wrong syntax:
Remove-MsolGroupMember -GroupObjectId $DisabledUserParams.ObjectId -GroupMemberType User -GroupmemberObjectId $DisabledUserParams.PersonID}
The correct Syntax was:
Remove-RecipientPermission $DisabledUserParams.ObjectId -Trustee $DisabledUserParams.PersonID -AccessRights SendAs
For some reason the MSOL group came up as a mail group with only send as access; furthermore, it will only remove/add users using that syntax
Remove-RecipientPermission
Thank you for all your help though. I appreciate all the advice I get from this site.
Can someone tell what I am doing wrong in the below I wrote:
function set-harden {
[CmdletBinding(DefaultParameterSetName='NormalHardening')]
param (
[Parameter(ParameterSetName='DoNotRemoveFromDomain')]
[Parameter(ParameterSetName='PermitHTTP' ,Mandatory=$True)]
[Parameter(ParameterSetName='PermitHTTPS' ,Mandatory=$True)]
[switch]$DONOTRemovefromdomain,
[Parameter(ParameterSetName='PermitHTTP')]
[Parameter(ParameterSetName='DoNotRemoveFromDomain')]
[switch]$Permithttp,
[Parameter(ParameterSetName='PermitHTTPS')]
[Parameter(ParameterSetName='DoNotRemoveFromDomain')]
[switch]$Permithttps,
[Parameter(ParameterSetName='NormalHardening')]
$NormalHardening
)}
If($NormalHardening -eq ""){
Write-Host "Excellent!"
}
All I want to do is to let the user select -DONOTRemovefromdomain or -Permithttp or even -Permithttps. There could be a variety of options the user has to choose from.
When I run this below I get an error:
PS C:\Temp> set-harden -DONOTRemovefromdomain -Permithttp
set-harden : Parameter set cannot be resolved using the specified named parameters.
At line:1 char:1
+ set-harden -DONOTRemovefromdomain -Permithttp
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [set-harden], ParameterBindingException
+ FullyQualifiedErrorId : AmbiguousParameterSet,set-harden
Also, if I do not specify anything (so it should just go to the parameter NormalHardening) I get an nothing back:
PS C:\Temp> set-harden
PS C:\Temp>
You've specified two flags, DONOTRemovefromDomain and Permithttp that belong to two parameter sets, DoNotRemoveFromDomain and PermitHttp. The command parser has no way of knowing which parameter set you mean, so you get an error.
The reason you don't get an error when you don't specify anything is because you've set the default parameter set explicitly to NormalHardening. You've not set the Mandatory flag on the single parameter in this parameter set, and by default parameters are not mandatory so you're not seeing an error.
Instead of having all these parameter sets why not just have 2, one for the default and one for all the flags you want to set:
function set-harden {
[CmdletBinding(DefaultParameterSetName='NormalHardening')]
param (
[Parameter(ParameterSetName='Options')]
[switch]$DONOTRemovefromdomain,
[Parameter(ParameterSetName='Options')]
[switch]$Permithttp,
[Parameter(ParameterSetName='Options')]
[switch]$Permithttps,
[Parameter(ParameterSetName='NormalHardening')]
$NormalHardening
)}
If($PSCmdlet.ParameterSetName -eq "Options"){
Write-Host "Excellent!"
}
How, if the parameter set name is set to Options you can check and apply the flags. If it's set to NormalHarding then you know to use the $NormalHardening parameter.
Sean gave a good answer already about what's going on in your specific case, but I want to include some tips for troubleshooting parameter sets.
Get Help
Or more specifically, Get-Help. The parameter set syntax is automatically generated from the param block, so running Get-Help myFunction will show you how PowerShell is interpreting your parameter sets (how many, which parameters are mandatory or not in each set, etc.).
Trace the Call
If the sets look right but you're getting errors and aren't sure why, let PowerShell show you how it's binding parameters:
Trace-Command -Name ParameterBinding -Expression { Set-Harden -Permithttp } -PSHost
That can give you great insight on what's going on, and lead you to how you might fix that (or help you realize that you can't).
I have a simple Powershell function to perform an Active Directory LDAP lookup based on the SID of a user:
function SidToAdUser($sid) {[adsi]("LDAP://<SID=" + $sid + ">")}
If I wish to read an attribute from the returned User object, accessing it via an intermediary variable works fine:
$ad = SidToAdUser("S-1-5-21-968173855-142910291-87512543-670313")
$ad.department
However, attempting to access it directly from the return value of the function, like this:
SidToAdUser("S-1-5-21-968173855-142910291-87512543-670313").department
elicits an error:
format-default : The following exception occurred while retrieving member "distinguishedName": "An invalid dn syntax has been specified.
"
+ CategoryInfo : NotSpecified: (:) [format-default], ExtendedTypeSystemException
+ FullyQualifiedErrorId : CatchFromBaseGetMember,Microsoft.PowerShell.Commands.FormatDefaultCommand
Can anyone advise why exactly this would be the case, and how to correct it?
Thank you.
Your function call syntax is wrong.
(SidToAdUser S-1-5-21-968173855-142910291-87512543-670313).department
In powershell, function arguments are specified as space-separated values after the function name, not enclosed in parens.