none
Error while search AD Users in PowerShell Script RRS feed

  • Question

  • Hello Everyone,

    So I work as HelpDesk where I created a script that search AD Users and their information. Such as Name, Logon username, Category, Job Title, Department, Email, cellphone, work phone, iphone, Password Expired, Locked Out, Lock Out Time, Account Enabled, Account Expiration Date, etc.

    But the business I am working have 2 Domains, but sometimes give me 2 errors:

    1st One:

    dsquery failed:The parameter is incorrect.:Incorrect object type specified.
    type dsquery /? for help.

    This means that the same user was found on both domains but show only 1st Domain Information.

    2nd One:

    dsquery failed:The parameter is incorrect.:Incorrect object type specified.
    type dsquery /? for help.

    Get-ADuser : Cannot find an object with identity: 'username' under: 'DC=example,DC=example,DC=example'.
    At C:\Users\MyUser\EmployeesInfo.ps1:51 char:14
    +     $Employee = Get-ADuser $UserName -Properties *, 'msDS-UserPasswordExpiryTimeCom ...
    +    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : ObjectNotFound: (username:ADUser) [Get-ADUser], ADIdentityNotFoundException
        + FullyQualifiedErrorId : Cannot find an object with identity: 'username' under: 'DC=example,DC=example,DC=example'.,Microsoft.ActiveDirectory.Management.Commands.GetADUser

    This means that the user was found on 1st domain but not on 2nd one.

    What I wanted is if the user is found on 1st domain will display the information, if not will search on 2nd Domain (example), and if both users are found on both domains will display the information of both domains with a warning that can see where the information is come from:

    Example:

    This is from 1st Domain:

     *Information*

    This is from 2nd Domain:

    *Information*

    Here's the code I currently have:

    Function Get-EmployeeInfo {
    
        [CmdletBinding()]
        Param(
            [Parameter(Mandatory = $True, Position = 1)]
            [string]$UserName
        )
        
    
        Import-Module ActiveDirectory
    	
    	$Employee = Get-ADuser $UserName -Properties *, 'msDS-UserPasswordExpiryTimeComputed'
        $Manager = (Get-ADUser $Employee.samaccountname)
        $PasswordExpiry = [datetime]::FromFileTime($Employee.'msDS-UserPasswordExpiryTimeComputed')
    	
    	if (dsquery Employee -samid $Employee){
    	 
        $AccountInfo = [PSCustomObject]@{
    		FirstName	  = $Employee.givenName
    		LastName	  = $Employee.sn
            Name          = $Employee.DisplayName
            UserName	  = $Employee.sAMAccountName
    		Category      = $Employee.businessCategory
    		Title         = $Employee.Title
            Department    = $Employee.Department
            Email         = $Employee.EmailAddress
            ipPhone       = $Employee.ipPhone
            Mobile        = $Employee.mobile
            HomePhone     = $Employee.homePhone
            Company       = $Employee.company
        }
     
        $AccountStatus = [PSCustomObject]@{
            PasswordExpired       = $Employee.PasswordExpired
            AccountLockedOut      = $Employee.LockedOut
            LockOutTime           = $Employee.AccountLockoutTime
            AccountEnabled        = $Employee.Enabled
            AccountExpirationDate = $Employee.AccountExpirationDate
            PasswordLastSet       = $Employee.PasswordLastSet
            PasswordExpireDate    = $PasswordExpiry
        }
    
    	
     
        $AccountInfo
     
        $AccountStatus
    	
    	} else {
    	
    	$Employee = Get-ADuser $UserName -Properties *, 'msDS-UserPasswordExpiryTimeComputed' -server example
        $Manager = (Get-ADUser $Employee.samaccountname)
        $PasswordExpiry = [datetime]::FromFileTime($Employee.'msDS-UserPasswordExpiryTimeComputed')
    	
    	$AccountInfoExample = [PSCustomObject]@{
            Name          = $Employee.DisplayName
            UserName	  = $Employee.sAMAccountName
    		Category      = $Employee.businessCategory
    		Title         = $Employee.Title
            Department    = $Employee.Department
            Email         = $Employee.EmailAddress
            ipPhone       = $Employee.ipPhone
            Mobile        = $Employee.mobile
            HomePhone     = $Employee.homePhone
            Company       = $Employee.company
        }
     
        $AccountStatusExample = [PSCustomObject]@{
            PasswordExpired       = $Employee.PasswordExpired
            AccountLockedOut      = $Employee.LockedOut
            LockOutTime           = $Employee.AccountLockoutTime
            AccountEnabled        = $Employee.Enabled
            AccountExpirationDate = $Employee.AccountExpirationDate
            PasswordLastSet       = $Employee.PasswordLastSet
            PasswordExpireDate    = $PasswordExpiry
        }
    	
    	$AccountInfoTin
     
        $AccountStatusTin
    	
    	}
    
    }
    Thank You all.

    • Moved by Bill_Stewart Wednesday, December 12, 2018 8:21 PM This is not "debug/fix/rewrite my script for me" forum
    Thursday, August 30, 2018 8:52 AM