New-QADUser : A parameter cannot be found that matches parameter name 'proxyAddresses' - powershell

I created a script for bulk user creation in AD and it works correctly:
Import-CSV C:\Users\NewUsers.csv |
ForEach-Object {
New-QADUser -Name $_.Name -FirstName $_.FirstName -LastName $_.LastName -Office $_.Office -Title $_.Title -Description $_.Description -Department $_.Department -Company $_.Company -City $_.City -StateOrProvince $_.State -UserPassword $_.UserPassword -SamAccountName $_.SamAccountName -UserPrincipalName $_.UserPrincipalName -DisplayName $_.DisplayName -ParentContainer $_.ParentContainer -mail $_.mail -manager $_.manager
}
But I want another thing.
Apart from creating a user with those parameters I want to also get the following:
proxyAddresses
targetAddress
extensionAttribute1
extensionAttribute3
But when running the script adding those parameters it gives me an error:
Import-CSV C:\Users\NewUsers.csv |
ForEach-Object {
New-QADUser -Name $_.Name -FirstName $_.FirstName -LastName $_.LastName -Office $_.Office -Title $_.Title -Description $_.Description -Department $_.Department -Company $_.Company -City $_.City -StateOrProvince $_.State -UserPassword $_.UserPassword -SamAccountName $_.SamAccountName -UserPrincipalName $_.UserPrincipalName -DisplayName $_.DisplayName -ParentContainer $_.ParentContainer -mail $_.mail -manager $_.manager -proxyAddresses $_.proxyAddresses -targetAddress $_.targetAddress -extensionAttribute1$_. extensionAttribute1 -extensionAttribute3 $_.extensionAttribute3
}
The error is:
[PS] C:\Users\Prueba>.\NewUsers.ps1 New-QADUser : A parameter cannot
be found that matches parameter name 'proxyAddresses'. At
C:\Users\Prueba\NewUsers.ps1:1 char:505
+ ... ger $.manager -proxyAddresses $.proxyAddresses -targetAddress $_.targetAddress ...
+ ~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [New-QADUser], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlets.NewUserCmdlet
How can I solve this issue?


Looks from your error like there is no specific ProxyAddresses parameter switch, there isn't one for the native PS New-AdUser command either, but this works:
New-AdUser -Name $name -OtherSettings #{
'proxyAddresses' = $myproxyaddresses
}

Related

Powershell issue when creating new user then give them group and move to specific OU

I'm quite new to PowerShell and still at entry-level. I'm running into an issue with my script and hope to seek some help here.
The objective I wanted to achieve is:
Create new users from .csv where their attribute values are filled
bases on their jobtitle: Add different groups, move the user to different OU
My script did work with user account creation and adding groups, but after I added the OU moving part, it failed. I'm attaching my script here and the error message, any advice would be really really helpful!!
Thank you very much in advance.
Import-Module activedirectory
$ADUsers = Import-csv 'D:\OneDrive - testit\IT Dept\PowerShell\Scripts\Case_Study\New_Employee_Action\RA_Test3.csv'
foreach ($User in $ADUsers)
{
$Lastname = $User.EnglishLastName
$Firstname = $User.EnglishFirstName
$department = $User.Department
$Username = $User.Account
$Password = $User.Password
$email = $User.Email
$displayname= $User.Displayname
$employeeid = $User.EmployeeID
$employeenumber = $User.EmployeeNumber
$OU = "OU=Rachel test,OU=Users,OU=testit,DC=testit,DC=edu,DC=cn"
$city = $User.city
$zipcode = $User.Zipcode
$jobtitle = $User.JobTitle
$company = $User.Company
$employeeType = $User.employeeType
if (Get-ADUser -F {SamAccountName -eq $Username})
{
Write-Warning "A user account with username $Username already exists in Active Directory."
}
else
{
New-ADUser `
-SamAccountName $Username `
-UserPrincipalName "$Username#testit.edu.cn" `
-Name "$Firstname $Lastname" `
-GivenName $Firstname `
-Surname $Lastname `
-Enabled $True `
-DisplayName "$displayname" `
-Path $OU `
-EmployeeID $employeeid `
-EmployeeNumber $employeenumber `
-City $city `
-PostalCode $zipcode `
-Title $jobtitle `
-Company $company `
-Department $department `
-EmailAddress $email `
-AccountPassword (convertto-securestring $Password -AsPlainText -Force) -ChangePasswordAtLogon $True `
-OtherAttributes #{'employeeType'=$employeeType}
}
$RA_Groups = #("Chinese Staff","$testStaffUsers","testUsers","Research Assistants")
$OU_RA = "OU=Research Assistant,OU=Academic,OU=Staff,OU=Users,OU=testit,DC=testit,DC=edu,DC=cn"
ForEach ($ADUser in $ADUsers)
{
if($jobtitle -eq 'Research Fellow (RF)'){
foreach($RA_Group in $RA_Groups){
Add-ADGroupMember -Identity $RA_Group -Members $Username
}
Move-ADObject -Identity $Username -TargetPath $OU_RA
Write-Output "Moved Account $($Username) to $($OU_RA)"
Write-Output "User $($Username) has been added to group $($RA_Groups)"
}
}
}
Add-ADGroupMember : Cannot find an object with identity: '' under: 'DC=testit,DC=edu,DC=cn'.
At D:\OneDrive - testIT\IT Dept\PowerShell\Scripts\Case_Study\New_Employee_Action\New_Employee_test.ps1:88 char:17
+ ... Add-ADGroupMember -Identity $RA_Group -Members $Username
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (:ADGroup) [Add-ADGroupMember], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.AddADGroupMember
Move-ADObject : Cannot find an object with identity: 'test.RA' under: 'DC=testit,DC=edu,DC=cn'.
At D:\OneDrive - testit\IT Dept\PowerShell\Scripts\Case_Study\New_Employee_Action\New_Employee_test.ps1:90 char:13
+ Move-ADObject -Identity $Username -TargetPath $OU_RA
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (test.RA:ADObject) [Move-ADObject], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.MoveADObject
Moved Account test.RA to OU=Research Assistant,OU=Academic,OU=Staff,OU=Users,OU=testit,DC=testit,DC=edu,DC=cn
User test.RA has been added to group Chinese Staff testUsers Research Assistants

There seem to be two problems here:
Move-ADObject : Cannot find an object with identity: 'test.RA'
Move-ADObject does not take the samaccountname as an input - the documentation indicates it wants either a distinguished name or a GUID. To solve this, once you have created the account, you can either Get-ADUser the username (to get the GUID / DN) or bodgy it up using your already known values from the script - I'd recommend using Get-ADUser for simplicity
$dn = Get-ADUser $username | Select-Object -expand DistinguishedName
Move-ADObject -Identity $dn -TargetPath $OU_RA
Add-ADGroupMember : Cannot find an object with identity: ''
You've defined the groups with names, but one is defined as a variable instead - it's likely here you're experiencing the error. You can see in the below that $testStaffUsers is a variable (identified by the $). Removing the $, or ensuring the variable is defined, would resolve the problem.
$RA_Groups = #("Chinese Staff","$testStaffUsers","testUsers","Research Assistants")
would become
$RA_Groups = #("Chinese Staff","testStaffUsers","testUsers","Research Assistants")

can't create userS via powershell

I can't import users in powershell with a script via an csv file, but If I print the parameters on the screen,it shows them as it should.
what I am doing wrong? in my life plenty with that mustache, but plis focus on the script.
is running windows server 2016 on the powershell ise, on virtualbox
The Script:
If(-Not(Get-ADOrganizationalUnit -Filter {Name -eq "991-5D"}))
{New-ADOrganizationalUnit "991-5D" -Path (Get-ADDomain).DistinguishedName}
If(-Not(Get-ADOrganizationalUnit -Filter {Name -eq "911-5V"}))
{New-ADOrganizationalUnit "911-5V" -Path (Get-ADDomain).DistinguishedName}
$domain=(Get-ADDomain).DNSRoot
Import-Csv -Path "C:\Alumnos.csv" | foreach-object {
[int]$number= $_.X
If($number -ge 10 -and $number -le 26)
{
$UO="991-5D"
}
//there are many others O.U.
$ou= "UO="+$UO+","+$domain
$UPN = $_.LETRA+$_.PATERNO+$_.X+"#"+ "$domain"
$CUENTA= $_.LETRA+$_.PATERNO+$_.X
New-ADUser -SamAccountName $CUENTA -UserPrincipalName $CUENTA -Name $_.NOMBRE
-SurName $_.PATERNO -GivenName $_.NOMBRE -EmailAddress $UPN -AccountPassword
(ConvertTo-SecureString "Leica666" -AsPlainText -force) -Path $ou
-Enabled $true -ChangePasswordAtLogon $true -Verbose}
the data:
X,PATERNO,MATERNO,NOMBRE,SEGUNDO,LETRA
10,ARÉVALO,CORNEJO,NICOLÁS,ALEJANDRO,N
11,BARRIOS,MONTERO,BENJAMÍN,IGNACIO,B
12,BUSTAMANTE,LOYOLA,IGNACIO,HERNANDO,I
13,BUSTOS,GARRIDO,ARTURO,IGNACIO,A
this are the results on each line:
+ New-ADUser -SamAccountName $CUENTA -UserPrincipalName $CUENTA -Name $ ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo:NotSpecified: (CN=IGNACIO,UO=9...da.com:String)
[New-ADUser], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:8335,
Microsoft.ActiveDirectory.Management.Commands.NewADUser
the head:
X,PATERNO,MATERNO,NOMBRE,SEGUNDO,LETRA
echo:
#{X=42; PATERNO=PAYACÁN; MATERNO=ZAPATA; NOMBRE=NICOLÁS; SEGUNDO=N; LETRA=}.NOMBRE
I know that reads the file and instead of reading just the column reads all the line($_), and then prints whatever I wrote next to it(".name", ".section", etc).

I've made some variable and format changes to make this code more successful.
$domain=Get-ADDomain
Import-Csv -Path "C:\Alumnos.csv" |
Foreach-Object {
[int]$number= $_.X
If($number -ge 10 -and $number -le 26)
{
$UO="991-5D"
}
$ou = "OU={0},{1}" -f $UO,$domain.DistinguishedName
$UPN = "{0}{1}{2}#{3}" -f $_.LETRA,$_.PATERNO,$_.X,$domain.DNSRoot
$CUENTA= "{0}{1}{2}" -f $_.LETRA,$_.PATERNO,$_.X
New-ADUser -SamAccountName $CUENTA -UserPrincipalName $UPN -Name $_.NOMBRE `
-SurName $_.PATERNO -GivenName $_.NOMBRE -EmailAddress $UPN `
-AccountPassword (ConvertTo-SecureString "Leica666" -AsPlainText -force) -Path $ou `
-Enabled $true -ChangePasswordAtLogon $true -Verbose
}
Explanation:
$domain: I've made this an ADDomain object. This allows the DistinguishedName and DNSRoot properties to be accessed where appropriate.
-f operator: I used the format operator to make it easier to read the string concatenation attempts.
$ou: This is constructed using the DistinguishedName of the domain. This is the proper format for the OU path.
$UPN: This is constructed using the DNSRoot of the domain. It can obviously be different than your domain, but must be in an email address or FQDN format.
Additional Comments:
You are setting -Name to be $_.NOMBRE. This could be problematic because Name must be unique in each OU. Name is used to build the CN, which is where uniqueness is required. If you have NICOLAS in OU 991-5D, you are going to get an error if you try to create another NICOLAS in the same place. IMHO, I would do something different. You could also implement the use of splatting for building the properties of your New-ADUser command, but that is only for readability purposes. Below is an example of splatting:
$NewUserProperties = #{
SamAccountName = $CUENTA
UserPrincipalName = $UPN
Name = $_.NOMBRE
Surname = $_.PATERNO
GivenName = $_.NOMBRE
EmailAddress = $UPN
AccountPassword = (ConvertTo-SecureString "Leica666" -AsPlainText -force)
Path = $ou
Enabled = $true
ChangePasswordAtLogon = $true
}
New-ADUser #NewUserProperties -Verbose

Bulkuser creation in AD using powershell

I am trying to upload bulk users to my AD using the code below.
But it keep giving me an error.
import-csv C:\Users\Administrator\Desktop\properties1.csv |ForEach-Object {New-ADUser -path "OU=Users,OU=ICTLAB,DC=gdgshj,DC=com" -UserPrincipalName $_.UserPrincipalName -SamAccountName $_.SamAccountName -GivenName $_.GivenName -Name $_.Name -DisplayName $_.DisplayName -profilepath $_.Profilepath Set-ADAccountPassword -Identity $_.SamAccountName -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $_.Password -Force) Enable-ADAccount -Identity $_.SamAccountName }
The error is as attached.

You need a statement terminator for the New-ADUser cmdlet, before calling Set-ADAccountPassword.
You can either use ;, or place Set-ADAccountPassword on a separate line:
Import-Csv C:\Users\Administrator\Desktop\properties1.csv |ForEach-Object {
New-ADUser -path "OU=Users,OU=ICTLAB,DC=gdgshj,DC=com" -UserPrincipalName $_.UserPrincipalName -SamAccountName $_.SamAccountName -GivenName $_.GivenName -Name $_.Name -DisplayName $_.DisplayName -profilepath $_.Profilepath
Set-ADAccountPassword -Identity $_.SamAccountName -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $_.Password -Force)
Enable-ADAccount -Identity $_.SamAccountName
}
You can also chain the commands together in a single pipeline, if you use the -PassThru switch on New-ADUser and Set-ADAccountPassword (notice the | at the end of each line):
Import-Csv C:\Users\Administrator\Desktop\properties1.csv |ForEach-Object {
New-ADUser -path "OU=Users,OU=ICTLAB,DC=gdgshj,DC=com" -UserPrincipalName $_.UserPrincipalName -SamAccountName $_.SamAccountName -GivenName $_.GivenName -Name $_.Name -DisplayName $_.DisplayName -profilepath $_.Profilepath -PassThru |
Set-ADAccountPassword -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $_.Password -Force) -PassThru |
Enable-ADAccount
}

Bulk AD Users Creation

I am working on a PowerShell command where I have a .csv file with a certain attributes, but am actually stuck in completing it.
The attributes of my .csv file are in the following order:
userPrincipalName
sAMAccountName
password
givenName
sn
displayName
description
Path
title
company
memberOf
department
mustChangePassword
My current code is this:
$Users = Import-Csv -Path "C:\BulkUsers.csv"
foreach ($User in $Users)
{
$UPN = $User.userPrincipalName
$SAM = $User.sAMAccountName
$Password = $User.password
$UserFirstname = $User.givenName
$UserLastname = $User.sn
$Displayname = $User.givenName + " " + $User.sn
$Description = $User.description
$Path = $User.Path
$Title = $User.title
$Company = $User.company
$Group = $User.memberOf
$Department = $User.department
New-ADUser -UserPrincipalName $UPN -SamAccountName $SAM -AccountPassword (ConvertTo-SecureString $Password -AsPlainText -Force) -GivenName "$UserFirstname" -Surname "$UserLastname" -DisplayName "$Displayname" -Description "$Description" -Path "$Path" -title "$Title" -company "$Company" -memberOf "$Group" -department "$Department" -ChangePasswordAtLogon $true
}
Am getting the below error while executing it:
New-ADUser : A parameter cannot be found that matches parameter name 'memberOf'.
At line:15 char:292
+ ... any "$Company" -memberOf "$Group" -department "$Department" -ChangePasswordAtLo ...
+ ~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [New-ADUser], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.ActiveDirectory.Management.Commands.NewADUser

The error message is pretty straightforward. If you take a look at the documentation for the New-ADUser cmdlet you'll see that it doesn't have a parameter -memberOf. To add the newly created user to a group use the Add-ADGroupMember cmdlet.
$Account = New-ADUser ... -PassThru
Add-ADGroupMember -Identity $Group -Members $Account
This is assuming that the memberOf field from the CSV contains just a single group name or distinguished name.
The additional parameter -PassThru allows you to assign the created account object to a variable, so you can use that variable in the group assignment. Without that parameter New-ADUser runs silently (without output).

exchange 2013 bulk create mailboxes error

I am trying to import a list of users from a csv file and I get the following error:
script:
PS C:\Software> import-csv C:\Software\lastDumpPolished.csv | % {
New-ADUser -Name $_.Name -SamAccountName $_.SamAccountName `
-DisplayName $_.Name -Surname $_.Sn -GivenName $_.GivenName `
-AccountPassword (ConvertTo-SecureString password1234 `
-AsPlainText -Force) -Enabled:$true -Title $_.Title `
-Description $_.describtion -Company Myland `
-OfficePhone $_.Telephone -HomeDrive Z: `
-HomeDirectory $homedrive -ChangePasswordAtLogon:$true `
} | Enable-Mailbox -Identity $_.SamAccountName -Alias $_.SamAccountName
Error:
Enable-Mailbox : Cannot bind argument to parameter 'Identity' because it is null.
At line:1 char:443
+ ... lbox -Identity $_.SamAccountName -Alias $_.SamAccountName
+ ~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Enable-Mailbox], ParameterBind
ingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,M
icrosoft.Exchange.Management.RecipientTasks.EnableMailbox
Powershell doesn't remember $_.SamAccountName for some reason.
It there an easy 'inline method' of setting it to a variable that can be used after the pipe?
How do I get rid of that error so I can create and enable the mailboxes in bulk?

import-csv C:\Software\lastDumpPolished.csv | % {
New-ADUser -Name $_.Name -SamAccountName $_.SamAccountName `
-DisplayName $_.Name -Surname $_.Sn -GivenName $_.GivenName `
-AccountPassword (ConvertTo-SecureString password1234 `
-AsPlainText -Force) -Enabled:$true -Title $_.Title `
-Description $_.describtion -Company Myland `
-OfficePhone $_.Telephone -HomeDrive Z: `
-HomeDirectory $homedrive -ChangePasswordAtLogon:$true `
} | % { Enable-Mailbox -Identity $_.SamAccountName -Alias $_.SamAccountName }