Adding User In Active Directory gives Error Directory Object not found powershell

  • Question

  • Hi everyone, I am using the following code to add a user to Active Directory, but I am getting the error "Directory object not found".

    $NewUser = Read-Host "New Username"
    $firstname = Read-Host "First Name"
    $Lastname = Read-Host "Last Name"
    $NewName = "$firstname $lastname"
    
    
    New-ADUser -SamAccountName $NewUser -Name $NewName -GivenName $firstname -Surname $lastname -Path "ou=Users,DC=mydomain,DC=local" -AccountPassword (Read-Host "New Password" -AsSecureString)

    • Moved by Bill_Stewart Thursday, September 25, 2014 8:29 PM Poor quality question/outside forum scope
    Thursday, August 7, 2014 3:14 PM

Answers

  • I suspect the error is referencing your DistinguishedName (DN) path. Users is not an Organizational Unit, it's a Container. Try your DN like this: 'CN=Users,DC=mydomain,DC=local'
    • Proposed as answer by Mike Laughlin Thursday, August 7, 2014 3:44 PM
    • Marked as answer by Just Karl Tuesday, May 12, 2015 11:01 PM
    Thursday, August 7, 2014 3:38 PM
  • Try changing the path to "CN=Users, DC=mydomain,DC=local"

    Doh

    • Edited by Braham20 Thursday, August 7, 2014 3:41 PM Late to the party
    • Proposed as answer by Mike Laughlin Thursday, August 7, 2014 3:44 PM
    • Marked as answer by Just Karl Tuesday, May 12, 2015 11:01 PM
    Thursday, August 7, 2014 3:40 PM

All replies

  • I modified my script with your suggestion. It does work, but I can't see the created user on the Users screen, but if I search for the user using

    Get-AdUser -Filter Test

    I do get information for the created user

    Thursday, August 7, 2014 3:42 PM
  • $NewUser = Read-Host "New Username"
    $firstname = Read-Host "First Name"
    $Lastname = Read-Host "Last Name"
    $NewName = "$firstname $lastname"


    New-ADUser -SamAccountName $NewUser -Name $NewName -GivenName $firstname -Surname $lastname -Path "CN=Users,DC=handmade,DC=local" -AccountPassword (Read-Host "New Password" -AsSecureString) -Enabled $true
    Thursday, August 7, 2014 3:42 PM
  • This query works, but I don't see the user created in Users
    Thursday, August 7, 2014 3:43 PM
  • This query works, but I don't see the user created in Users

    Might be a replication delay.

    Use the -Server parameter to point at a specific DC and then check ADUC there.


    Don't retire TechNet! - (Don't give up yet - 12,950+ strong and growing)

    Thursday, August 7, 2014 3:44 PM
  • Did you refresh the view?
    Thursday, August 7, 2014 3:45 PM
  • I modified my script with your suggestion. It does work, but I can't see the created user on the Users screen, but if I search for the user using

    Get-AdUser -Filter Test

    I do get information for the created user


    You have to refresh the screen or close and reopen ADUC.

    ¯\_(ツ)_/¯

    Thursday, August 7, 2014 3:47 PM
  • Sorry, I am new to PowerShell. Can you please help a bit with the query: where to use the Server parameter and how to check ADUC?

    Thursday, August 7, 2014 3:47 PM
  • It's created; I had to refresh the screen. Also, two more questions here (I am not sure if I should ask here): how can I put in a re-enter password match, because at the moment I am asking the user only 1 time to enter the password, and also, if the user already exists, how can I modify my script?

    Thursday, August 7, 2014 3:50 PM
  • $NewUser = Read-Host "New Username"
    $firstname = Read-Host "First Name"
    $Lastname = Read-Host "Last Name"
    $NewName = "$firstname $lastname"


     If (!(get-aduser $newuser)) {New-ADUser -SamAccountName $NewUser -Name $NewName -GivenName $firstname -Surname $lastname -Path "CN=Users,DC=handmade,DC=local" -AccountPassword (Read-Host "New Password" -AsSecureString) -Enabled $true}

    Matching the passwords doesn't seem necessary when an admin can reset them in case of a mistake.

    Thursday, August 7, 2014 3:55 PM
  • $NewUser = Read-Host "New Username"
    $firstname = Read-Host "First Name"
    $Lastname = Read-Host "Last Name"
    $NewName = "$firstname $lastname"


     If (!(get-aduser $newuser)) {New-ADUser -SamAccountName $NewUser -Name $NewName -GivenName $firstname -Surname $lastname -Path "CN=Users,DC=handmade,DC=local" -AccountPassword (Read-Host "New Password" -AsSecureString) -Enabled $true}

    Matching the passwords doesn't seem necessary when an admin can reset them in case of a mistake.

    Just FYI, this isn't going to work:

    If (!(Get-ADUser noexist)) {
    
        Write-Output 'User does not exist'
    
    } Else { 
    
        Write-Output 'User exists'
    
    }
    
    
    Get-ADUser : Cannot find an object with identity: 'noexist' under: 'DC=domain,DC=com'.
    At line:1 char:7
    + If (!(Get-ADUser noexist)) {
    +       ~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : ObjectNotFound: (noexist:ADUser) [Get-ADUser], ADIdentityNotFoundException
        + FullyQualifiedErrorId : Cannot find an object with identity: 'noexist' under: 'DC=domain,DC=com'.,Microsoft.ActiveDirectory.Management.Commands.GetADUser


    EDIT: srk786 - generally we try to keep threads to a single question. I'd recommend marking as many posts as you feel are answers to your original question and then starting a new thread for new questions.

    Don't retire TechNet! - (Don't give up yet - 12,950+ strong and growing)

    Thursday, August 7, 2014 4:00 PM
  • PS C:\powershell> If (!(Get-ADUser "jbraham")) {
    
        Write-Output 'User does not exist'
    
    } Else { 
    
        Write-Output 'User exists'
    
    }
    
    User exists

    Works perfectly for me in powershell V4??

    • Edited by Braham20 Thursday, August 7, 2014 4:04 PM Added the code
    Thursday, August 7, 2014 4:02 PM
  • PS C:\powershell> If (!(Get-ADUser "jbraham")) {
    
        Write-Output 'User does not exist'
    
    } Else { 
    
        Write-Output 'User exists'
    
    }
    
    User exists

    Works perfectly for me in powershell V4??


    Try it with a user that doesn't exist.


    EDIT: Just for completeness:

    If (!(Get-ADUser -Filter "SamAccountName -eq 'noexist'")) {
    
        Write-Output 'User does not exist'
    
    } Else { 
    
        Write-Output 'User exists'
    
    }
    
    
    User does not exist


    Don't retire TechNet! - (Don't give up yet - 12,950+ strong and growing)

    Thursday, August 7, 2014 4:08 PM
  • We call this incremental free consulting.

    ¯\_(ツ)_/¯

    Thursday, August 7, 2014 4:09 PM
  • I think Mike is referring to Get-ADUser and how it, and many other AD cmdlets, handle errors. If the user doesn't exist, it's going to throw the error and the rest of your If statement isn't going to run. The only way that I'm aware to handle this problem is to put the Get-ADUser check inside a try-catch block.

    Edit: Typo

    Thursday, August 7, 2014 4:11 PM
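
The try/catch existence check described in the reply above, combined with the re-entered password match and the user logon name asked about elsewhere in this thread, as an added example that is not code from any of the posters. The domain controller name `dc01.mydomain.local` and the username allow-list pattern are assumptions for illustration.

```powershell
# Added example; assumes the ActiveDirectory module (RSAT) and rights to create users.
Import-Module ActiveDirectory
$Server = 'dc01.mydomain.local'            # hypothetical DC; create and verify on the same one
$Path   = 'CN=Users,DC=mydomain,DC=local'  # Users is a container (CN=), not an OU

function Test-ADUserExists {
    param([string]$SamAccountName, [string]$Server)
    try {
        # -Identity raises a terminating error when nothing matches, so catch it by type
        $null = Get-ADUser -Identity $SamAccountName -Server $Server -ErrorAction Stop
        return $true
    } catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException] {
        return $false   # any other failure (DC unreachable, access denied) still propagates
    }
}

function Test-SecureStringEqual {
    param([securestring]$A, [securestring]$B)
    $pa = $pb = [IntPtr]::Zero
    try {
        $pa = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($A)
        $pb = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($B)
        return ([Runtime.InteropServices.Marshal]::PtrToStringBSTR($pa) -ceq
                [Runtime.InteropServices.Marshal]::PtrToStringBSTR($pb))
    } finally {
        # Wipe the unmanaged copies; the managed strings above live until garbage collected
        foreach ($p in $pa, $pb) {
            if ($p -ne [IntPtr]::Zero) { [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($p) }
        }
    }
}

$NewUser = Read-Host 'New Username'
# Assumed naming policy: conservative allow-list, max 20 characters for sAMAccountName
if ($NewUser -notmatch '^[A-Za-z0-9._-]{1,20}$') { throw "Invalid username '$NewUser'." }
if (Test-ADUserExists -SamAccountName $NewUser -Server $Server) { throw "User '$NewUser' already exists." }
$firstname = Read-Host 'First Name'
$lastname  = Read-Host 'Last Name'
do {
    $pw1 = Read-Host 'New Password' -AsSecureString
    $pw2 = Read-Host 'Re-enter Password' -AsSecureString
    $match = Test-SecureStringEqual $pw1 $pw2
    if (-not $match) { Write-Warning 'Passwords do not match; try again.' }
} until ($match)

$params = @{
    SamAccountName = $NewUser; Name = "$firstname $lastname"
    GivenName = $firstname; Surname = $lastname
    UserPrincipalName = "$NewUser@mydomain.local"   # the "user logon name" shown in ADUC
    Path = $Path; AccountPassword = $pw1; Enabled = $true
    ChangePasswordAtLogon = $true; Server = $Server
}
New-ADUser @params
Get-ADUser -Identity $NewUser -Server $Server   # confirm on the DC that took the write
```

Passing the same `-Server` to every call avoids the replication-delay confusion mentioned earlier in the thread, and `-ChangePasswordAtLogon` keeps the admin-chosen password from becoming the user's long-term one.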
  • Aha, point taken! I'm going to blame a lack of sleep and coffee...
    Thursday, August 7, 2014 4:12 PM
  • Is there a way I can specify user logon information by adding it in my script? In the GUI it usually appears under the full name, and it's in the form of test@mydomain.local
    Thursday, August 7, 2014 4:13 PM
  • Get-ADUser fails the same way in V4.  It is the standard behavior.


    ¯\_(ツ)_/¯

    Thursday, August 7, 2014 4:21 PM
  • Is there a way I can specify user logon information by adding it in my script? In the GUI it usually appears under the full name, and it's in the form of test@mydomain.local

    You are asking for incremental design.  I recommend taking advantage of the learning materials here and learning the basics.  Start by learning how to use PowerShell help.  Next learn to use any Internet search engine to find examples of how to do things.


    ¯\_(ツ)_/¯

    Thursday, August 7, 2014 4:22 PM