I am trying to replace users description with a substring of his description. I want it to be just the first 10 letters. I try like this:
Get-ADUser abc -Properties description | Set-ADUser -Description "($($PSItem.Description).substring(0,10))"
Can you give me a hint how to make it work?
You never mentioned in what way it doesn't work for you but I assume it's because your SubString method never gets called but instead gets interpreted as text in your string. Try changing your line to the following instead and see if it does what you expect.
You could try it out first by just writing the output to screen rather than (potentially) updating your AD object with the wrong value.
Get-ADUser -abc -Properties Description | foreach { Write-Output "$($PSItem.Description.SubString(0,10))" }
And then run your line once you've made sure you have what you need.
Get-ADUser -abc -Properties Description | Set-ADUser -Description "$($PSItem.Description.SubString(0,10))"
this one gives good output:
Get-ADUser abc -Properties Description | foreach { Write-Output "$($PSItem.Description.SubString(0,10))" }
But this one not:
Get-ADUser abc -Properties Description | Set-ADUser -Description "$($PSItem.Description.SubString(0,10))"
it is giving error like this:
You cannot call a method on a null-valued expression. At line:1
char:71
+ ... on | Set-ADUser -description "$($PSItem.description.SubString(0,10))"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull Set-ADUser : replace At line:1 char:44
+ ... scription | Set-ADUser -description "$($PSItem.description.SubString( ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (CN=abc...C=DOMAIN,DC=com:ADUser) [Set-ADUser],
ADInvalidOperationException
+ FullyQualifiedErrorId : ActiveDirectoryServer:0,Microsoft.ActiveDirectory.Management.Commands.SetADUser
Related
hope you are doing well
I normally use this script to return the value of extensionattribute1
$a = read-host "enter badge"
get-aduser -Filter {extensionattribute1 -eq $a } -Properties * -server "Server" | format-list extensionattribute1,Title,AccountExpirationDate,DistinguishedName,SamAccountName,enabled,Description,Orginizations,extensionattributeies
and i get the results. but sometimes i get this strange error
get-aduser : Object reference not set to an instance of an object.
At line:2 char:1
get-aduser -Filter {extensionattribute1 -eq $a } -Properties * -serve ...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CategoryInfo : NotSpecified: (:) [Get-ADUser], NullReferenceException
FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.NullReferenceException,Microsoft.ActiveDirectory.Management.Commands.GetADUser
normally it will be solved after a restart, but I want to fix it without restarting if possible.
thanks
I'm trying to update AD user attributes:title, physicalDeliveryOfficeName and department from CSV file using powershell. I am new to powershell so I need some help. (please, and thanks in advance)
So, the idea is that filter for a match is displayName attribute and the script I use is:
Import-Module ActiveDirectory
$csv = Import-Csv C:\Temp\AD_import_test.csv
foreach ($line in $csv) {
$displayName = $line.displayName
Get-ADUser -Filter {displayName -eq $displayName} |
Set-ADUser -Title $($csv.title) -department $($csv.Department) -physicalDeliveryOfficeName $($csv.physicalDeliveryOfficeName) }
But the script is returning error:
Set-ADUser : Cannot convert 'System.Object[]' to the type 'System.String' required by parameter 'Title'. Specified method is not supported.
At line:6 char:19
+ Set-ADUser -Title $($csv.title) -department $($csv.Department) -physi ...
+ ~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-ADUser], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgument,Microsoft.ActiveDirectory.Management.Commands.SetADUser
Set-ADUser : Cannot convert 'System.Object[]' to the type 'System.String' required by parameter 'Title'. Specified method is not supported.
At line:6 char:19
+ Set-ADUser -Title $($csv.title) -department $($csv.Department) -physi ...
+ ~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-ADUser], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgument,Microsoft.ActiveDirectory.Management.Commands.SetADUser
You're using the wrong variable to assign those values. In your script $csv contains the entire .csv file, but within your foreach line you're loading each individual line into $line, and it's that which you need to set your value.
So in essence, $($csv.title) equals ALL of the title fields, not just the one you're interested in. That's why you're getting the error saying it's a System.Object[] rather than System.String... because it's not one single value.
I notice you have it correct on the "$displayName = $line.displayName" line, so it's just the Set-ADUser line that needs updating, as :
Set-ADUser -Title $($line.title) -department $($line.Department) -physicalDeliveryOfficeName $($line.physicalDeliveryOfficeName) }
Edit:
Also, with something like this a useful trick is to add some Write-Output lines to show what the variable contents are, so you can check if they match what you're expecting, for instance :
Write-Output $($line.title)
which then in the case of $line.title should show you a single value, whereas if you did $($csv.title) it would return multiple values and show you where the issue is.
You code seems good for me except the set-aduser you need to replace $csv with $line
Import-Module ActiveDirectory
$csv = Import-Csv C:\Temp\AD_import_test.csv
foreach ($line in $csv) {
$displayName = $line.displayName
Get-ADUser -Filter {displayName -eq $displayName} |
Set-ADUser -Title $($line.title) -department $($line.Department) -physicalDeliveryOfficeName $($line.physicalDeliveryOfficeName) }
I am doing a powershell script that can update the Account Expires field in the AD based on sAMAccoutname but i faced some issue on Set-ADUser powershell command when it tried to update the Account Expires field in AD. I tested several way with various combination of command option but none of them work as expected
1st attempt
Set-ADUser -Identity xxxx00242 -accountExpires 130618739743580353
Error received
Set-ADUser : A parameter cannot be found that matches parameter name 'accountExpires'.
At line:1 char:31
+ Set-ADUser -Identity xxxx0242 -accountExpires 130618739743580353
+ ~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-ADUser], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.ActiveDirectory.Management.Commands.SetADUser
2nd attempt
Set-ADUser -identity xxxx0242 -Add #{accountExpires=" 130612691742815904"}
Error Received
Set-ADUser : The parameter is incorrect
At line:1 char:1
+ Set-ADUser -identity xxxx0242 -Add #{accountExpires=" 130612691742815 ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (xxxx0242:ADUser) [Set-ADUser], ADInvalidOperationException
+ FullyQualifiedErrorId : ActiveDirectoryServer:87,Microsoft.ActiveDirectory.Management.Commands.SetADUser
3rd attempt
Set-ADUser -identity xxxx0242 -Add #{AccountExpirationDate=" 130612691742815904"}
Error Received
Set-ADUser : The specified directory service attribute or value does not exist
Parameter name: AccountExpirationDate
At line:1 char:1
+ Set-ADUser -identity xxxx0242 -Add #{AccountExpirationDate=" 13061269 ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (xxxx0242:ADUser) [Set-ADUser], ArgumentException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.ArgumentException,Microsoft.ActiveDirectory.Management.Comm
ands.SetADUser
my powershell version is 5.1.14393.206 or Set-ADUser cant update Account Expires field in AD?This is the link
You need to input a valid datetime.
For instance if you want to let the account expire in 1 month.
$date = Get-Date
$dateExpiry = $date.AddMonths(1)
Set-ADUser xxxx0242 -AccountExpirationDate $dateExpiry
Please note that the returned int64 value can easily be converted to a usable datetime for instance to add 6 months to it:
$currentExpiry = (Get-ADUser xxxx0242 -Properties AccountExpires).accountExpires
[datetime]$expireDate = $currentExpiry
$newExpireDate = $expireDate.AddMonths(6)
Set-ADUser xxxx0242 -AccountExpirationDate $newExpireDate
Hope this helps!
I'm trying to get users created in last 24 hours or today, from Azure or Msol. But whatever I tried is not working;
$When = ((Get-Date).AddDays(-1))
Get-AzureADUser -Filter {(whenCreated -ge $When)} -Properties whenCreated
But it gives me this error;
Get-AzureADUser : Cannot evaluate parameter 'Filter' because its argument is specified as a script block and there is
no input. A script block cannot be evaluated without input.
At line:6 char:25
+ Get-AzureADUser -Filter {(whenCreated -ge $When)} -Properties whenCre ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : MetadataError: (:) [Get-AzureADUser], ParameterBindingException
+ FullyQualifiedErrorId : ScriptBlockArgumentNoInput,Microsoft.Open.AzureAD16.PowerShell.GetUser
I'm trying to write a script that updates every user's msIIS-FTPRoot attribute where the user's description = ‘FTPuser’.
import-module activedirectory
$users = Get-ADUser -SearchBase "dc=NAME,dc=com" -Filter {Description -eq "FTPUser"}
Set-ADUser $users -Replace #{msIIS-FTPRoot='NewTEXT'}
I get the following error:
Missing '=' operator after key in hash literal.
At line:1 char:60
+ Set-ADUser $users -Replace #{msIIS-FTPRoot='\\SOMETEXT\' <<<< }
+ CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : MissingEqualsInHashLiteral
Using quotation marks on the attribute name solves your problem.
Set-ADUser $users -Replace #{'msIIS-FTPRoot'='NewTEXT'}