I'm trying to get users created in last 24 hours or today, from Azure or Msol. But whatever I tried is not working;
$When = ((Get-Date).AddDays(-1))
Get-AzureADUser -Filter {(whenCreated -ge $When)} -Properties whenCreated
But it gives me this error;
Get-AzureADUser : Cannot evaluate parameter 'Filter' because its argument is specified as a script block and there is
no input. A script block cannot be evaluated without input.
At line:6 char:25
+ Get-AzureADUser -Filter {(whenCreated -ge $When)} -Properties whenCre ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : MetadataError: (:) [Get-AzureADUser], ParameterBindingException
+ FullyQualifiedErrorId : ScriptBlockArgumentNoInput,Microsoft.Open.AzureAD16.PowerShell.GetUser
Related
hope you are doing well
I normally use this script to return the value of extensionattribute1
$a = read-host "enter badge"
get-aduser -Filter {extensionattribute1 -eq $a } -Properties * -server "Server" | format-list extensionattribute1,Title,AccountExpirationDate,DistinguishedName,SamAccountName,enabled,Description,Orginizations,extensionattributeies
and i get the results. but sometimes i get this strange error
get-aduser : Object reference not set to an instance of an object.
At line:2 char:1
get-aduser -Filter {extensionattribute1 -eq $a } -Properties * -serve ...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CategoryInfo : NotSpecified: (:) [Get-ADUser], NullReferenceException
FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.NullReferenceException,Microsoft.ActiveDirectory.Management.Commands.GetADUser
normally it will be solved after a restart, but I want to fix it without restarting if possible.
thanks
I am trying to replace users description with a substring of his description. I want it to be just the first 10 letters. I try like this:
Get-ADUser abc -Properties description | Set-ADUser -Description "($($PSItem.Description).substring(0,10))"
Can you give me a hint how to make it work?
You never mentioned in what way it doesn't work for you but I assume it's because your SubString method never gets called but instead gets interpreted as text in your string. Try changing your line to the following instead and see if it does what you expect.
You could try it out first by just writing the output to screen rather than (potentially) updating your AD object with the wrong value.
Get-ADUser -abc -Properties Description | foreach { Write-Output "$($PSItem.Description.SubString(0,10))" }
And then run your line once you've made sure you have what you need.
Get-ADUser -abc -Properties Description | Set-ADUser -Description "$($PSItem.Description.SubString(0,10))"
this one gives good output:
Get-ADUser abc -Properties Description | foreach { Write-Output "$($PSItem.Description.SubString(0,10))" }
But this one not:
Get-ADUser abc -Properties Description | Set-ADUser -Description "$($PSItem.Description.SubString(0,10))"
it is giving error like this:
You cannot call a method on a null-valued expression. At line:1
char:71
+ ... on | Set-ADUser -description "$($PSItem.description.SubString(0,10))"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull Set-ADUser : replace At line:1 char:44
+ ... scription | Set-ADUser -description "$($PSItem.description.SubString( ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (CN=abc...C=DOMAIN,DC=com:ADUser) [Set-ADUser],
ADInvalidOperationException
+ FullyQualifiedErrorId : ActiveDirectoryServer:0,Microsoft.ActiveDirectory.Management.Commands.SetADUser
I am doing a powershell script that can update the Account Expires field in the AD based on sAMAccoutname but i faced some issue on Set-ADUser powershell command when it tried to update the Account Expires field in AD. I tested several way with various combination of command option but none of them work as expected
1st attempt
Set-ADUser -Identity xxxx00242 -accountExpires 130618739743580353
Error received
Set-ADUser : A parameter cannot be found that matches parameter name 'accountExpires'.
At line:1 char:31
+ Set-ADUser -Identity xxxx0242 -accountExpires 130618739743580353
+ ~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-ADUser], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.ActiveDirectory.Management.Commands.SetADUser
2nd attempt
Set-ADUser -identity xxxx0242 -Add #{accountExpires=" 130612691742815904"}
Error Received
Set-ADUser : The parameter is incorrect
At line:1 char:1
+ Set-ADUser -identity xxxx0242 -Add #{accountExpires=" 130612691742815 ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (xxxx0242:ADUser) [Set-ADUser], ADInvalidOperationException
+ FullyQualifiedErrorId : ActiveDirectoryServer:87,Microsoft.ActiveDirectory.Management.Commands.SetADUser
3rd attempt
Set-ADUser -identity xxxx0242 -Add #{AccountExpirationDate=" 130612691742815904"}
Error Received
Set-ADUser : The specified directory service attribute or value does not exist
Parameter name: AccountExpirationDate
At line:1 char:1
+ Set-ADUser -identity xxxx0242 -Add #{AccountExpirationDate=" 13061269 ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (xxxx0242:ADUser) [Set-ADUser], ArgumentException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.ArgumentException,Microsoft.ActiveDirectory.Management.Comm
ands.SetADUser
my powershell version is 5.1.14393.206 or Set-ADUser cant update Account Expires field in AD?This is the link
You need to input a valid datetime.
For instance if you want to let the account expire in 1 month.
$date = Get-Date
$dateExpiry = $date.AddMonths(1)
Set-ADUser xxxx0242 -AccountExpirationDate $dateExpiry
Please note that the returned int64 value can easily be converted to a usable datetime for instance to add 6 months to it:
$currentExpiry = (Get-ADUser xxxx0242 -Properties AccountExpires).accountExpires
[datetime]$expireDate = $currentExpiry
$newExpireDate = $expireDate.AddMonths(6)
Set-ADUser xxxx0242 -AccountExpirationDate $newExpireDate
Hope this helps!
For a lab working on PowerShell, I have to target a specific OU and list the following information in a text file.
DistinguishedName
DNSHostName
Enabled
Name
ObjectClass
ObjectGUID
SamAccountName
SID
UserPrincipleName
I've found a ton of resources online on how to do this and continuously get an error no matter how I format it.
Here is my code:
$ou = 'OU=Testing,OU=Labs,OU=UWEC Computers DC=uwec, DC=edu'
$Computers = Get-ADComputer -Filter '*' -SearchBase $ou
$Computers | foreach {
$_.DNSHostName
} | Out-File -Filepath "C:\Windows\Temp\Lab7.txt"
I continuously get this error no matter what syntax I use:
Get-ADComputer : The object name has bad syntax
At line:1 char:1
+ Get-ADComputer -Filter '*' -SearchBase 'OU=Testing,OU=Labs,OU=UWEC Co ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-ADComputer], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:8335,Microsoft.ActiveDirectory.Management.Commands.GetADComputer
The code you posted does not match the error you posted. However, the most likely reason for the error is a missing comma in your OU:
$ou = 'OU=Testing,OU=Labs,OU=UWEC Computers DC=uwec, DC=edu'
# ^right here
Change that into
$ou = 'OU=Testing,OU=Labs,OU=UWEC Computers,DC=uwec, DC=edu'
and the problem should disappear.
I'm trying to write a script that updates every user's msIIS-FTPRoot attribute where the user's description = ‘FTPuser’.
import-module activedirectory
$users = Get-ADUser -SearchBase "dc=NAME,dc=com" -Filter {Description -eq "FTPUser"}
Set-ADUser $users -Replace #{msIIS-FTPRoot='NewTEXT'}
I get the following error:
Missing '=' operator after key in hash literal.
At line:1 char:60
+ Set-ADUser $users -Replace #{msIIS-FTPRoot='\\SOMETEXT\' <<<< }
+ CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : MissingEqualsInHashLiteral
Using quotation marks on the attribute name solves your problem.
Set-ADUser $users -Replace #{'msIIS-FTPRoot'='NewTEXT'}