I am new-ish to PowerShell and am having a problem. I am trying to get a users password last set date and time from a domain and then add 90 days to it. So far I have:
$PLS_date = (get-aduser randomuser -Properties PasswordLastSet | Select passwordlastset) | out-string
"Password will expire on $((get-date).adddays(90)($PLS_date))"
However this spits out an error:
+ "Password will expire on $((get-date).adddays(90)($PLS_date))"
+ ~
Unexpected token '(' in expression or statement.
+ CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : UnexpectedToken
I have search around to try and find what i am doing wrong but cannot figure it out.
Help!
Try it this way:
$pwdLastSet = Get-ADUser username -Properties PasswordLastSet | Select-Object -ExpandProperty PasswordLastSet
if ( $pwdLastSet ) {
"Password will expire on: {0}" -f $pwdLastSet.AddDays(90)
}
Related
I have a super simple script that I swear I use almost every day, but for some unknown reason my $_. variable is null.
Could someone please spot check it? there is only one column in the CSV I am importing, however it has no header so i don't know if that is what is causing it.
$results = import-csv C:\####\####\####\finddestinguishednamesof.csv | foreach-object {
Get-ADGroup $_. -Properties SamAccountName,DistinguishedName
}
$results | select SamAccountName,DistinguishedName |
Export-Csv C:\Users\laruemi\Desktop\test.csv -NoTypeInformation
I keep getting this error and do not know why.
Get-ADGroup : Cannot validate argument on parameter 'Identity'. The Identity property on the argument is null or empty.
At C:\Users\laruemi\Desktop\getdestinguishedname.ps1:2 char:13
+ Get-ADGroup $_. -Properties SamAccountName,DistinguishedName
+ ~~
+ CategoryInfo : InvalidData: (:) [Get-ADGroup], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.GetADGroup
The list of CSV's I am importing is just a list of SAMAccountNames with no header. i dont think that should cause this error, but it might. Can someone please give me a sanity check?
Good afternoon,
i've trawled the usual places, here, MS, Scritping guy, Month of lunches etc. to try and answer to my problem. I have a list of users identified by email address and i would like to change their currently blank attributes with the information below.
so:
33 = GLOBAL
34 = 4
35 = SMTP:User#NewDomain.com
Get-ADUser -filter {(Mail -like 'User#OldDomain.com')} -Properties * | Set-ADUser -Replace #{$_.MSExchExtensionAttribute33="GLOBAL"; $_.MSExchExtensionAttribute34="4"; $_.msExchExtensionAttribute35="SMTP:User#NewDomain.com"};
However, when i run the commands i receive this error:
A null key is not allowed in a hash literal.
At line:1 char:98
+ ... roperties * | Set-ADUser -Add #{$_.MSExchExtensionAttribute34="4"; $_ ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Collections.Hashtable:Hashtable) [], RuntimeException
+ FullyQualifiedErrorId : InvalidNullKey
i've used variations on this code in the past without issue to replace attributes that already have values in place so i wonder if that's part of the error.
Any help would be greatly appreciated.
The syntax for changing a (custom) attribute is
Set-ADUser $userName -add #{'MSExchExtensionAttribute33'="Global"}
I hope this solves the issue you're facing.
Like #theo suggested: leave out the $_ variable, and additionally: requesting properties is not needed at all when setting them. So try this, it works on my machine:
Get-ADUser -filter {(Mail -like 'User#OldDomain.com')} |
Set-ADUser -Replace #{MSExchExtensionAttribute33="GLOBAL"; MSExchExtensionAttribute34="4"; msExchExtensionAttribute35="SMTP:User#NewDomain.com"}
We just recently added a domain to our accepted domains and e-mail address policy. While many of our users follow that policy, we have a third domain that some users have as their primary address that does not follow an address policy. I need to take those users and add an SMTP Address in the format of firstname.lastname#domain2.com.
E.g., john.doe#domain3.com (primary) has john.doe#domain1.com as an alias and needs to have john.doe#domain2.com added as an SMTP Address.
I have the following code but am receiving errors:
$Users = Get-Mailbox -ResultSize Unlimited | Where-Object {($_.PrimarySMTPAddress -like "*domain3.com*)}
foreach ($a in $Users) {
$b = Get-User $a.Primary.SMTPAddress
$a.EmailAddresses.Add("$($b.Firstname + "." + $b.Lastname)#domain2.com")
}
$Users |%{Set-Mailbox $_.PrimarySMTPAddress -EmailAddresses $_.EmailAddresses
Errors are as follows:
Cannot process argument transformation on parameter 'Identity'. Cannot convert the "john.doe#domain3.com" value of type "Microsoft.Exchange.Data.SmtpAddress" to type "Microsoft.Exchange.Configuration.Tasks.UserIdParameter".
+ CategoryInfo : InvalidData: (:) [Get-User], ParameterBindin...mationException
+ FullyQualifiedErrorId : ParameterArgumentTransformationError,Get-User
Exception calling "Add" with "1" argument(s): "The address '.#domain2.com' is invalid: ".#domain2.com" isn't a valid SMTP address. The domain name can't contain spaces and it has to have a prefix and a suffix, such as example.com."
At C:\_scripts\SmtpAdd.ps1:4 char:23
+ $a.emailaddresses.Add <<<< ("$($b.Firstname + "." + $b.LastName)#domain2.com")
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException
Cannot process argument transformation on parameter 'Identity'. Cannot convert the "john.due#domain3.com" value of type "Microsoft.Exchange.Data.SmtpAddress" to type "Microsoft.Exchange.Configuration.Tasks.MailboxIdParameter".
+ CategoryInfo : InvalidData: (:) [Set-Mailbox], ParameterBindin...mationException
+ FullyQualifiedErrorId : ParameterArgumentTransformationError,Set-Mailbox
Thanks
I think the problem starts with this line:
$b = Get-User $a.Primary.SMTPAddress
Get-User fails to return a valid user as $a.Primary.SMTPAddress doesn't return a type that Get-User can use. That then causes EmailAddresses.Add to fail as $b is null. Set-Mailbox fails for the same reason as Get-User
Try this instead (you'll also need to do this on the Set-Mailbox line):
$b = Get-User $a.Primary.SMTPAddress.ToString()
Firstly,
I am very new to powershell. Everytime I think i get the logic i go WTF.. If this was bash it would be so easy etc..
what am I trying to do exactly ...
Get all computers from AD that Meet the Xiopwb* criteria. Once i have the list I need to change the permissions on the \\Xiopwb20\Nsiwebroot Directory to ONLY INCLUDE Domain Administrators and A Security group "webadmins"
My Logic:
Get all computers from AD that meet Xio*PWB*
Take just the NAME of objects in that list
for ever "name" in that list do Get-ACL \\Name from list\Nsiwebroot
remove *
add user / group.
What I have:
PS C:\Windows\system32> Get-ADComputer -filter * | Where-Object {$_.Name -like "xiopwb*"} | Select Name | ForEach-Object { Get-Acl \\$_.Name\nsiwebroot}
all up to the "ForEach" works... I get just the names of the PC's that I need etc..
Simple as possible I don't need a 100 line script.
Thanks
** update **
it is double \ its just not showing it... no idea why
Looks like it is doing what I want to a degree. However its spitting out the format funky. #{Name=XIOPWB09}
PS C:\Windows\system32> Get-ADComputer -filter * | Where-Object {$_.Name -like "xiopwb*"} | Select Name | ForEach-Object {get-acl "\\$_\D$\nsiwebroot"}
get-acl : Cannot find path '\#{Name=XIOPWB09}\D$\nsiwebroot' because it does not exist.
At line:1 char:99
+ ... opwb*"} | Select Name | ForEach-Object {get-acl "\$_\D$\nsiwebroot"}
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (:) [Get-Acl], ItemNotFoundException
+ FullyQualifiedErrorId : GetAcl_PathNotFound_Exception,Microsoft.PowerShell.Commands.GetAclCommand
get-acl : Cannot find path '\#{Name=XIOPWB06}\D$\nsiwebroot' because it does not exist.
At line:1 char:99
+ ... opwb*"} | Select Name | ForEach-Object {get-acl "\$_\D$\nsiwebroot"}
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (:) [Get-Acl], ItemNotFoundException
+ FullyQualifiedErrorId : GetAcl_PathNotFound_Exception,Microsoft.PowerShell.Commands.GetAclCommand
"Select Name" returns an Object with Table Header Name. "Select -ExpandProperty Name" is What needed here, which will convert it o String.
Regards,
kvprasoon
I'm learning Powershell and I'm trying to understand why this isn't working. I verified that -Identity accepts pipeline so I'm guessing its the type of value its passing but I don't understand why this doesn't work
Get-ADUser -Identity (Import-Csv .\GROUP.csv)
GROUP.csv is a file on my desktop which contains a list of SIDs. I can read it with no issues when just doing an Import-Csv .\GROUP.csv. Here is the result
S-1-5-21-583907252-1979792683-725345543-112088
S-1-5-21-583907252-1979792683-725345543-48881
S-1-5-21-583907252-1979792683-725345543-48880
S-1-5-21-583907252-1979792683-725345543-53776
S-1-5-21-583907252-1979792683-725345543-125569
S-1-5-21-583907252-1979792683-725345543-120374
S-1-5-21-583907252-1979792683-725345543-48882
S-1-5-21-583907252-1979792683-725345543-183175
S-1-5-21-583907252-1979792683-725345543-183136
S-1-5-21-583907252-1979792683-725345543-183130
S-1-5-21-583907252-1979792683-725345543-183112
S-1-5-21-583907252-1979792683-725345543-176034
S-1-5-21-583907252-1979792683-725345543-176023
S-1-5-21-583907252-1979792683-725345543-176022
S-1-5-21-583907252-1979792683-725345543-176002
S-1-5-21-583907252-1979792683-725345543-175974
S-1-5-21-583907252-1979792683-725345543-175931
S-1-5-21-583907252-1979792683-725345543-175889
S-1-5-21-583907252-1979792683-725345543-175836
S-1-5-21-583907252-1979792683-725345543-175804
S-1-5-21-583907252-1979792683-725345543-183195
S-1-5-21-583907252-1979792683-725345543-183180
S-1-5-21-583907252-1979792683-725345543-31219
S-1-5-21-583907252-1979792683-725345543-176037
S-1-5-21-583907252-1979792683-725345543-82576
S-1-5-21-583907252-1979792683-725345543-175905
S-1-5-21-583907252-1979792683-725345543-175777
S-1-5-21-583907252-1979792683-725345543-175765
On top of that I can use the Get-ADUser -Identity and that works fine.
Why do I get the following when trying piping the one to the other?
Cannot convert 'System.Object[]' to the type 'Microsoft.ActiveDirectory.Management.ADUser' required by parameter 'Identity'.
Specified method is not supported.
At line:1 char:22
+ Get-ADUser -Identity (Get-Content .\group.txt)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Get-ADUser], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgument,Microsoft.ActiveDirectory.Management.Commands.GetADUser
The -identity parameter doesn't accept array as input but it accept pipeline input by value than you can do:
Import-Csv .\GROUP.csv | Get-ADUser
If the name of the first column in .csv file is sid then you can try this option too
(Import-CSV .\Group.csv) | foreach-object { get-aduser -Identity $_.sid }