powershell ver 2.0 search AD failure [duplicate] - powershell

We have mixed desktop operating systems consisting of Windows 7 and Windows 10. I have a login script that gathers various information from a PowerShell script that runs each time a user logs in. The Windows 7 PowerShell is only version 2, which means I cannot use Get-ADUser; I am therefore challenged to query this information out of AD using a different method that would be compatible with both Win7 and Win10. I have this line of code that does not use Get-ADUser and successfully produces a list of all AD users on PowerShell 5 (Win10); however, when I attempt to use it on PowerShell 2 it produces the error below.
My questions are these:
What do I need to change to get the script working on PowerShell version 2?
How can I get it to output the current user as opposed to all the users in AD?
Thank you for any help in advance.
<position> : The following exception was thrown when trying to enumerate the collection: "Configuration system failed to initialize".
At line:1 char:1
+ <<<< (New-Object DirectoryServices.DirectorySearcher "ObjectClass=user").FindAll() | Select-object -property path
+ CategoryInfo : NotSpecified: (:) [], ExtendedTypeSystemException
+ FullyQualifiedErrorId : ExceptionInGetEnumerator
(New-Object DirectoryServices.DirectorySearcher "ObjectClass=user").FindAll() | Select-object -property path

Related

InvalidCastException when trying to obtain UserPrincipal.Current

I have a PowerShell script which checks the currently signed in user as part of its start-up process. I'm using .Net to do this by adding the assembly:
Add-Type -AssemblyName System.DirectoryServices.AccountManagement
$cUser = [System.DirectoryServices.AccountManagement.UserPrincipal]::Current
For almost everyone this works fine and I get a UserPrincipal object that I can use elsewhere, however there are a couple of users who get the following error when running it:
Unable to cast object of type 'System.DirectoryServices.AccountManagement.GroupPrincipal' to type 'System.DirectoryServices.AccountManagement.UserPrincipal'.
At line:2 char:1
+ [System.DirectoryServices.AccountManagement.UserPrincipal]::Current
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [], InvalidCastException
+ FullyQualifiedErrorId : System.InvalidCastException
This is on a standard Windows 10 20H2 install and doesn't matter if PowerShell is running elevated or not. I've never seen this call return anything other than a UserPrincipal before, so I would be grateful for any advice: is this something I can deal with in code, or is there some underlying issue with the machines that are returning this exception?
I don't know if this is what you're looking for:
$cUser = Get-ADUser $Env:Username -Properties *
This has the most important attributes that you can use for whatever you want later on. It provides as many attributes as the code you posted that didn't work for some of the users.

How to set Assigned Access for Edge Browser

I would like to set Edge as an Assigned Access to a User.
I'm using the following PowerShell Command:
Set-AssignedAccess -AppUserModelId Microsoft.MicrosoftEdge -UserName xy
But I always get the following error (translated from German):
System error 1376 has occurred.
The specified local group does not exist.
New-CimInstance : A general error has occurred, for which
no specific error code is available.
C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\AssignedAccess\AssignedAccess.psm1:300
Zeichen:13
+ New-CimInstance -ClassName WEDL_AssignedAccess -Property ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (WEDL_AssignedAccess:CimInstance) [New-CimInstance], CimException
+ FullyQualifiedErrorId : MI RESULT 1,Microsoft.Management.Infrastructure.CimCmdlets.NewCimInstanceCommand
The local user exists, and the app exists too. I also logged in with the user I want to set the assigned access for, to make sure the profile is set up correctly.
This happened on two different Windows 10 (build 14393) machines.
I'm on PSVersion:
PS C:\WINDOWS\system32> $psversiontable.psversion.toString()
5.1.14393.1944
Does anybody know how to solve this?
Ran into this yesterday. From what I could tell, the "local group" that's referenced is actually the admin group.
I ran the following commands in an elevated PowerShell prompt:
Net localgroup administrators /add
This creates a local Administrators group.
Net localgroup administratörer administrators /add
This adds the administrators group to the local admin group (Administratörer is the Swedish localization of Administrators; use the local version depending on your country and replace it).
After this is done, run your previous commands.
Give it a try, hope it helps :)
//Chris
Set-AssignedAccess -UserName weakusername -AUMID Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge

Powershell Script for adding users to AD

Hi, I've just recently started to use PowerShell on my server. When I run the script, though, I get the error:
New-ADUser : Unable to find a default server with Active Directory Web Services running.
At C:\Users\Administrator\Desktop\Powerwhell Script, H1 case.ps1:6 char:1
+ New-ADUser -name $_."fornavn"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ResourceUnavailable: (:) [New-ADUser], ADServerDownException
+ FullyQualifiedErrorId : ActiveDirectoryServer:1355,Microsoft.ActiveDirectory.Management.Commands.NewADUser
I have attached the script and my .csv file. Hope any of you can help me figure it out.
(Don't worry about the information, it's for a school assignment)
It looks like your script cannot find the domain controller on your domain. Simply use the -Server parameter and give it the Fully Qualified Domain Name or IP of the domain controller.
New-ADUser -Server "ServerName.Domain.com"
If this doesn't work, you might not have Active Directory Management Gateway Service installed on your domain controller. With Windows Server 2012 R2, make sure you have the following feature installed.
The headers warning you are seeing is because Import-Csv is unable to get the headings from your CSV file for some reason, and replaces the header name with H1, H2 ... Hx. For example:
fornavn efternavn H1 beskrivelse, ...
------- --------- ----- -----------
Keld Bruun KB Adm.Ledergruppe, ...
You can get round this by giving Import-Csv the names of your columns via the -Header parameter. Note that these do not have to be the same as the ones in the CSV, as the new column headers will overwrite the CSV.
Import-Csv "C:\H1, Powershell.csv" -Header 'fornavn','efternavn','forkortelse','beskrivelse','email','brugernavn','kode','kontor','fuldnavn'

Powershell Error when run on a different machine

I wrote a script to take an AD user, disable the user, remove the user from group memberships and move the user to an OU. I originally wrote this on our Windows 2008 R2 DC (I know, bad idea) and I wanted to run the script locally on my Win 7 SP1 machine. It has the AD role installed as stated in this article (http://blogs.msdn.com/b/rkramesh/archive/2012/01/17/how-to-add-active-directory-module-in-powershell-in-windows-7.aspx)
I ran on both the DC and my Win7 machine $PSVersionTable and they are exactly the same. I can run ADSIEDIT.msc on the Win 7 machine. The error is occurring when doing an AD user lookup. See error output below:
Here is my script: https://github.com/nocode99/powershell/blob/master/UserDisableGroupRemoval.ps1
Property 'filter' cannot be found on this object; make sure it exists and is settable.
At C:\Admin\test.ps1:23 char:12
+ $ADsearch. <<<< filter = "(&(objectClass=user)(sAMAccountName=$user))"
+ CategoryInfo : InvalidOperation: (filter:String) [], RuntimeException
+ FullyQualifiedErrorId : PropertyNotFound
You cannot call a method on a null-valued expression.
At C:\Admin\test.ps1:24 char:32
+ $ADfind = $ADsearch.findOne <<<< ()
+ CategoryInfo : InvalidOperation: (findOne:String) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull
Any ideas? The ActiveDirectory module imports with no issues and I want my users to run this locally on their machine rather than the DC.
Looks like I needed to include a filter before the lookup and added:
$adsearch = [adsisearcher]""
though I'm not sure why this works without the filter on the AD server itself.
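
An added example, not code from any of the posts above: it serves both the first question (return only the logged-on user rather than every user, without Get-ADUser) and the sAMAccountName filter in the last thread, by building that filter with the name escaped per RFC 4515 so it cannot change the filter's structure. The function names are hypothetical, a domain-joined machine and domain logon are assumed, and it does not address the "Configuration system failed to initialize" error.

```powershell
# Added example, not code from the original posts. Runs on PowerShell 2.0 and later.
# Assumption: domain-joined machine, user logged on with a domain account.

function ConvertTo-LdapFilterValue {
    # Escape the characters RFC 4515 reserves inside a filter value so that a
    # name containing \ * ( ) or NUL cannot alter the structure of the filter.
    param([string]$Value)
    $v = $Value.Replace('\', '\5c')    # backslash first, or later escapes get re-escaped
    $v = $v.Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29')
    $v.Replace([string][char]0, '\00')
}

function Get-DirectoryUser {
    # Hypothetical helper: returns one user entry, or nothing when there is no match.
    # [Environment]::UserName is used for the default instead of $env:USERNAME,
    # because an environment variable can be overridden by the calling process.
    param([string]$SamAccountName = [Environment]::UserName)

    $safe = ConvertTo-LdapFilterValue $SamAccountName
    $searcher = New-Object System.DirectoryServices.DirectorySearcher
    $searcher.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=$safe))"
    [void]$searcher.PropertiesToLoad.Add('distinguishedName')

    $result = $searcher.FindOne()      # a single entry; $null when nothing matches
    if ($result -ne $null) {
        New-Object PSObject -Property @{
            Path              = $result.Path
            DistinguishedName = [string]$result.Properties['distinguishedname'][0]
        }
    }
}

# Constructed input: the wildcard and parentheses come back as \2a, \28 and \29.
ConvertTo-LdapFilterValue 'j.doe (temp)*'

# The logged-on user only, instead of every user in the directory.
Get-DirectoryUser | Select-Object Path, DistinguishedName
```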