We Keep Coding

Using a Variable as a Parameter - Powershell

I am trying to pass a variable through to be used as a parameter within a function. I'm not even sure if this is possible but below is what i am attempting to accomplish, what i have tried so far keeps kicking out a "positional parameter cannot be found that accepts argument" error
$Var = Read-host "enter Attribute number"
$CustomAtt = "CustomAttribute$Var"
Get-Mailbox -Identity $Email | Set-Mailbox -$CustomAtt "TestTest"

You cannot set cmdlet arguments that way in powershell. You can do what your are attempting to do by using a feature called argument splatting. Simply store your arguments in an array or hashtable and then apply them to the cmdlet using # symbol.
Like this:
$mailBoxAttributes = #{
$CustomAtt = "TestTest" }
Get-Mailbox -Identity $Email | Set-Mailbox #mailBoxAttributes

Set-ADuser extensionAttribute won't work but things like title will

I am writing a simple script that takes an already created user and updates an attribute based on what the admin put in.
The code works just fine if I replace extensionAttribute with for example title or something like that, but it won't with extensionAttributes.
I have tried a few things and other extensionAttributes but the code is so simple and it works with other Attributes. I am guess extensionAttributes require a bit more in the code that I am missing.
$name = Read-Host "AD Logon Name"
$key = Read-Host "Azure Key"
Set-ADUser $name -extensionAttribute6 $key -PassThru
Set-ADUser : A parameter cannot be found that matches parameter name 'extensionAttribute6'
Even though it exists it is not finding it.

Set-ADUser has a limited set of parameters covering the most commonly used attributes in AD. However, given the sheer amount of existing attributes and the fact that the AD schema is extensible, an attempt to have all attributes represented as parameters just wouldn't be feasible.
For attributes that are not represented as parameters use the parameter -Add or -Replace with a hashtable argument.
Set-ADUser $name -Replace #{'extensionAttribute6' = $key} -PassThru

Old thread, but this worked for me:
Import-Csv -Path "C:\data\12345.csv" |ForEach-Object {
Set-ADUser $_.samAccountName -replace #{
description = "$($_.description)"
extensionAttribute1 = "$($_.extensionAttribute1)"
extensionAttribute3 = "$($_.extensionAttribute3)"
initials = "$($_.initials)";
#additionalAttributeName = "$($_.additionalAttributeName)"
#additionalAttributeName = "$($_.additionalAttributeName)"
#additionalAttributeName = "$($_.additionalAttributeName)"
#additionalAttributeName = "$($_.additionalAttributeName)"
#additionalAttributeName = "$($_.additionalAttributeName)"
}
}
The top row of your .csv file would look like the following for this example:
samAccountname,description,extensionAttribute1,extensionAttribute3,initials

Test-Path PowerShell Issue

I am trying to search several servers to see if a specific Registry key exists.
It looks like the code below is working, but as I start to add the final part of the key, it stops "finding" stuff. I can start to add a*, then ab* as the last key, but as soon as I get to the third character or even the full string that I know is there, it comes back False saying it did not find it.
$servers = Get-Content c:\input.txt | `
Select-Object #{l='ComputerName';e={$_}},#{l='KeyExist';e={Test-Path "HKLM:\System\CurrentControlSet\services\*abcdefg*" }}
$servers | Format-Table -AutoSize

Your problem is that you run Test-Path against the local computer for each remote server name. Unfortunately Test-Path doesn't support querying remote registries.
You could use WMI:
$RegProv = [wmiclass]"\\$servername\root\default:StdRegProv"
if($RegProv.EnumKey(2147483650,"System\CurrentControlSet\services").sNames -like 'abc*'){
# key starting with abc exists
}
Wrap it in your calculated property like this:
#{Name='KeyExists';Expression={[bool](([wmiclass]"\\$_\root\default:StdRegProv").EnumKey(2147483650,"System\CurrentControlSet\services").sNames -like 'abc*')}}

You can check the remote registry like this :
So for each server it will get the registry value and it will store the value in the arraylist and will display the final result.
Presently in your code, you are basically checking locally only.
#####Get Registry Value ####
$main = "LocalMachine"
$path= "registry key path"
$servers = Get-Content c:\input.txt #-- Get all the servers
$arr=New-Object System.Collections.ArrayList
foreach ($Server in $servers)
{
$reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey($main, $Server)
$regKey= $reg.OpenSubKey($path)
$Value = $regkey.GetValue($key)
$arr.Add($Value)
}
$arr
Note: Change the placeholders accordingly

Powershell checking if OU exist

I'm trying to check if an OU exist before creating it. My problem is that I have 2 mother OU "USER BY SITE" and "GROUP BY SITE", and I need to have the exact same OU in those 2, 1 for storing users, the other for storing groups.
So far I used this function :
function CheckOUExist
{
param($OUToSeek)
$LDAPPath = "LDAP://dc=Domain,dc=local"
$seek = [System.DirectoryServices.DirectorySearcher]$LDAPPath
$seek.Filter = “(&(name=$OUToSeek)(objectCategory=organizationalunit))”
$Result = $seek.FindOne()
return $Result
}
There is my problem, I always get the OU existing in "GROUP BY SITE" even if $LDAPPath = "OU=USERS BY SITE,DC=Domain,DC=local". Am I missing something there? Is there a way to for the [System.DirectoryServices.DirectorySearcher] to work only in the OU I gived in the $LDAPPath?
If you need more accurate detail, I'll gladly provide them.
Thank you in advance.

Try the Exists method, you get back true/false respectively:
[adsi]::Exists("LDAP://OU=test,DC=domain,DC=com")

The following, as suggested by Shay, works great if you're working with clean data.
[string] $Path = 'OU=test,DC=domain,DC=com'
[adsi]::Exists("LDAP://$Path")
Thanks for this great starting point! However, if you're verifying potentially unclean data, you'll get thrown an error. Some examples of possible errors are:
If the something isn't formatted properly
(ERR: An invalid dn syntax has been specified)
If the domain doesn't exist
(ERR: The server is not operational)
If the domain won't communicate with you
(ERR: A referral was returned from the server)
All of these errors should be caught with [System.Management.Automation.RuntimeException] or you can just leave the catch statement blank to catch all.
Quick Example:
[string] $Path = 'OU=test,DC=domain,DC=com'
try {
$ou_exists = [adsi]::Exists("LDAP://$Path")
} catch {
# If invalid format, error is thrown.
Throw("Supplied Path is invalid.`n$_")
}
if (-not $ou_exists) {
Throw('Supplied Path does not exist.')
} else {
Write-Debug "Path Exists: $Path"
}
More details:
http://go.vertigion.com/PowerShell-CheckingOUExists

The problem is the construction of the DirectorySearcher object. To properly set the search root, the DirectorySearcher needs to be constructed using a DirectoryEntry object ([ADSI] type accelerator), whereas you are using a string. When a string is used, the string is used as the LDAP filter and the search root is null, causing the searcher to use the root of the current domain. That is why it looks like it isn't searching the OU you want.
I think you will get the results you are looking for if you do something like the following:
$searchroot = [adsi]"LDAP://OU=USERS BY SITE,DC=Domain,DC=local"
$seek = New-Object System.DirectoryServices.DirectorySearcher($searchroot)
$seek.Filter = "(&(name=$OUToSeek)(objectCategory=organizationalunit))"
... etc ...
Notice that a DirectoryEntry is first constructed, which is then used to construct the DirectorySearcher.

How about:
#Requires -Version 3.0
# Ensure the 'AD:' PSDrive is loaded.
if (-not (Get-PSDrive -Name 'AD' -ErrorAction Ignore)) {
Import-Module ActiveDirectory -ErrorAction Stop
if (-not (Get-PSDrive -Name 'AD' -ErrorAction Silent)) {
Throw [System.Management.Automation.DriveNotFoundException] "$($Error[0]) You're likely using an older version of Windows ($([System.Environment]::OSVersion.Version)) where the 'AD:' PSDrive isn't supported."
}
}
Now that the AD: PSDrive is loaded, we have a couple of options:
$ou = "OU=Test,DC=Contoso,DC=com"
$adpath = "AD:\$ou"
# Check if this OU Exist
Test-Path $adpath
# Throw Error if OU doesn't exist
Join-Path 'AD:' $ou -Resolve
More info on this topic: Playing with the AD: Drive for Fun and Profit

Import-Module ActiveDirectory
Function CheckIfGroupExists{
Param($Group)
try{
Get-ADGroup $Group
}
catch{
New-ADGroup $Group -GroupScope Universal
}
}
Will also work

Assign a Get-WebAppPoolState returned value to a variable in Powershell

This code:
import-module WebAdministration
Get-WebAppPoolState AppPoolName
Produces the following output:
Value
- -
Stopped
But this code:
import-module WebAdministration
$state = Get-WebAppPoolState AppPoolName
WRITE-HOST $state
Produces this output:
Microsoft.IIs.PowerShell.Framework.CodeProperty
When I get the state of the App Pool using Get-WebAppPoolState, I need a boolean value of some sort to assign to the variable so I can use it in a conditional statement.
I cant use the Microsoft.IIs.PowerShell.Framework.CodeProperty line.
How do I correct this?

Get-WebAppPoolState is not returning a string but an object of type CodeProperty. You'll want the Value property from that object, i.e.:
$state = (Get-WebAppPoolState AppPoolName).Value;
I presume some display converter is kicking in the first case when it gets written to output which is why Stopped is displayed but not for writing to host so you get the default object representation (which is the type name) instead.

Not tested, but does this work better?
$state = $(Get-WebAppPoolState AppPoolName)

Another approach is to use the Select-Object cmdlet with ExpandProperty to get the value of 1 or more properties from an object.
$pool = "app-pool-name"
$state = Get-WebAppPoolState $pool | Select -ExpandProperty Value
Write-Host $state