Good afternoon,
i've trawled the usual places, here, MS, Scritping guy, Month of lunches etc. to try and answer to my problem. I have a list of users identified by email address and i would like to change their currently blank attributes with the information below.
so:
33 = GLOBAL
34 = 4
35 = SMTP:User#NewDomain.com
Get-ADUser -filter {(Mail -like 'User#OldDomain.com')} -Properties * | Set-ADUser -Replace #{$_.MSExchExtensionAttribute33="GLOBAL"; $_.MSExchExtensionAttribute34="4"; $_.msExchExtensionAttribute35="SMTP:User#NewDomain.com"};
However, when i run the commands i receive this error:
A null key is not allowed in a hash literal.
At line:1 char:98
+ ... roperties * | Set-ADUser -Add #{$_.MSExchExtensionAttribute34="4"; $_ ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Collections.Hashtable:Hashtable) [], RuntimeException
+ FullyQualifiedErrorId : InvalidNullKey
i've used variations on this code in the past without issue to replace attributes that already have values in place so i wonder if that's part of the error.
Any help would be greatly appreciated.
The syntax for changing a (custom) attribute is
Set-ADUser $userName -add #{'MSExchExtensionAttribute33'="Global"}
I hope this solves the issue you're facing.
Like #theo suggested: leave out the $_ variable, and additionally: requesting properties is not needed at all when setting them. So try this, it works on my machine:
Get-ADUser -filter {(Mail -like 'User#OldDomain.com')} |
Set-ADUser -Replace #{MSExchExtensionAttribute33="GLOBAL"; MSExchExtensionAttribute34="4"; msExchExtensionAttribute35="SMTP:User#NewDomain.com"}
Related
I have a super simple script that I swear I use almost every day, but for some unknown reason my $_. variable is null.
Could someone please spot check it? there is only one column in the CSV I am importing, however it has no header so i don't know if that is what is causing it.
$results = import-csv C:\####\####\####\finddestinguishednamesof.csv | foreach-object {
Get-ADGroup $_. -Properties SamAccountName,DistinguishedName
}
$results | select SamAccountName,DistinguishedName |
Export-Csv C:\Users\laruemi\Desktop\test.csv -NoTypeInformation
I keep getting this error and do not know why.
Get-ADGroup : Cannot validate argument on parameter 'Identity'. The Identity property on the argument is null or empty.
At C:\Users\laruemi\Desktop\getdestinguishedname.ps1:2 char:13
+ Get-ADGroup $_. -Properties SamAccountName,DistinguishedName
+ ~~
+ CategoryInfo : InvalidData: (:) [Get-ADGroup], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.GetADGroup
The list of CSV's I am importing is just a list of SAMAccountNames with no header. i dont think that should cause this error, but it might. Can someone please give me a sanity check?
I created a new custom attribute like: newattribute1, but when I want to change the value in PowerShell, I got an error.
Set-ADUser -Identity test1 -newattribute1 123as
The error message:
Set-ADUser : A parameter cannot be found that matches parameter name
'newattribute1'.
At line:1 char:29
+ Set-ADUser -Identity test1 -newattribute1 123as
+ ~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-ADUser], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.ActiveDirectory.Management.Commands.SetADUser
I always use:
Set-ADUser -identity <username> -replace #{CustomAttribute="YourData"}
By using the replace function, you can specify the custom attribute that you created. It an easy way to change attributes which cannot be specified by the cmdlet itself. This doesn't only work for custom attributes, you can use the replace function for attributes such as phone number. Anything that the cmdlet doesn't let you modify by default.
On a bit of a side note, you can't just make up parameters to add to an existing cmdlet like you had -newattribute1 123as.
You will need to modify a copy of the ADUser object, then write the copy back using the -Instance parameter of Set-ADUser:
$user = Get-ADUser -Identity $samaccountname -Properties *
$user.YourCustomAttribute = $NewCustomAttributeValue
Set-ADUser -Instance $User
See Get-Help Set-ADUser.
When we create a public folder and mail enable in Exchange Online, the default email address is #domain.onmicrosoft.com
Our folder names are "NNNNN_Folder name" where NNNNN is a 5 digit number.
I would like to set the primary email address of the public folder to NNNNN#domain.com
I have tried many variations of this:
Get-PublicFolder -Recurse -Identity "\X\Y\Z"|
Sort-Object Identity –Descending|
Select-Object -first 4|
Set-MailPublicFolder -PrimarySmtpAddress {$_.name.substring(0,5)+"#domain.com"}
and receive errors about interpreting the resulting email address:
Cannot process argument transformation on parameter 'PrimarySmtpAddress'. Cannot convert value
"$_.name.substring(0,5)+"#domain.com"" to type "Microsoft.Exchange.Data.SmtpAddress". Error: "The email
address "$_.name.substring(0,5)+"#domain.com"" isn't correct. Please use this format: user name, the # sign,
followed by the domain name. For example, tonysmith#contoso.com or tony.smith#contoso.com."
+ CategoryInfo : InvalidData: (:) [Set-MailPublicFolder], ParameterBindin...mationException
+ FullyQualifiedErrorId : ParameterArgumentTransformationError,Set-MailPublicFolder
+ PSComputerName : outlook.office365.com
I also tried setting the EmailAddress of the PublicFolder to NNNNN#domain.com in the same operation.
-EmailAddresses #{$_.name.substring(0,5)+"#domain.com"}
It doesn't seem to be evaluating the argument or I'm missing something else?
If I change Set-MailPublicFolder ... with
% {$_.name.substring(0,5) + "#domain.com"}
I do see the email addresses I am expecting.
Thanks,
Craig.
See this version.
From Microsoft command documentation, the identity parameter is required (see this)
I am also not sure it can take the array and process each individual without specifying a foreach.
See this modified versions.
$PublicFolders = Get-PublicFolder -Recurse -Identity "\X\Y\Z"| Sort-Object Identity –Descending | Select-Object -first 4
$PublicFolders | foreach {
$NewEmail = "$($_.name.substring(0,5))#domain.com"
Write-Host "Settings MailPublicFolder with name $($_.Identity) to $NewEmail" -ForegroundColor Cyan
Set-MailPublicFolder -Identity $_.Identity -PrimarySmtpAddress $NewEmail
}
I'm writing a PowerShell script to create a new Active Directory group and automatically put it in the correct OU, depending on what department the user is in. The script gets the department from the user in Active Directory and then needs to use that as the name of the OU in active directory. When I don't use the variable in the AD path, this script works.
[string]$department = Get-ADUser -identity johndoe -properties department | Select department
New-ADGroup -Name NewADGroup -GroupScope Global -path “OU=($department),OU=SubDepartment,OU=MainDepartment,DC=OrgName”
However, when I try to use the variable $department as above, I get the following error:
New-ADGroup : The object name has bad syntax
At C:\Users\JohnDoe\Desktop\CreateNewGroup.ps1:7 char:1
+ New-ADGroup -Name NewADGroup -GroupScope Global -path
"OU=($department ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (CN=NewADGroup,DC=OrgName
:String) [New-ADGroup], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:8335,Microsoft.ActiveDirec
tory.Management.Commands.NewADGroup
How can I call that variable inside the Active Directory path?
You actually have 2 issues here that are common pitfalls.
$department is not a string per se but a string representation of an object with a deparment property. You need to break the string out. That is what -ExpandProperty was for. If you looked at your department now you would see something like #{Department="IT"}
You are also having issues with variable expansion in strings.
[string]$department = Get-ADUser -identity johndoe -properties department | Select -Expandproperty department
New-ADGroup -Name NewADGroup -GroupScope Global -path "OU=$department,OU=SubDepartment,OU=MainDepartment,DC=OrgName"
If you are not calling properties or complex object then removing the brackets is sufficient. Else you can just use a sub expression "OU=$($department),OU=SubDepartment,OU=MainDepartment,DC=OrgName". Without the $ sign the brackets were considered part of the string.
try a dollar sign in front of the opening parenthesis like this:
"OU=$($department)..."
Im trying to add multiple compuers (from a txt file) to be part of a certain security group.
sample from input.txt
COL7DM2CP1
COLC5RNDP1
using the following powershell input:
Get-Content C:\Scripts\input.txt | Add-ADPrincipalGroupMembership -MemberOf 'AMATU.SCCM.Office2010.Std'
however im getting the following outpout error:
Add-ADPrincipalGroupMembership : Cannot find an object with identity: 'COL7DM2CP1' under: 'DC=actuant,DC=pri'.
At C:\Scripts\Add bulk ADcomputer to group.ps1:1 char:36
+ Get-Content C:\Scripts\input.txt | Add-ADPrincipalGroupMembership -MemberOf 'AMA ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (COL7DM2CP1:ADPrincipal) [Add-ADPrincipalGroupMembership], ADIdentityN
otFoundException
+ FullyQualifiedErrorId : SetADPrincipalGroupMembership:ProcessRecordOverride,Microsoft.ActiveDirectory.Manageme
nt.Commands.AddADPrincipalGroupMembership
The issue is that the Add-PrinicpalGroupMembership does not know what object you are looking for. It does not query AD for the simple computername, it assumes the FQDN. If you wanted to pass it just a name, you'll need to give it's full AD Distinguished Name.
An easy way around this is to use Get-ADcomputer and pass that to Add-PrinicpalGroupMembership
Get-Content C:\Scripts\input.txt | Get-ADComputer | Add-ADPrincipalGroupMembership -MemberOf 'AMATU.SCCM.Office2010.Std'