All geek questions in one place

Passing a string in the Get-ADUser filter parameter causes an error - property not found in pscustomobject

I am trying to create a new Active Directory user, but first I check that the user no longer exists with Get-ADUser . I import user data from the HR department and create custom properties:

 $newUsers = Import-Csv $csvFile | Select-Object -Property @{n='EmpNum';e={$_.'Employee Number'}}, @{n='UPN';e={$_.'Email Address'}}, @{n='Alias';e={$_.'Email Address'.Split("@")[0]}} #### etc

When I view objects from a CSV file, I use the UPN property to search for a user in Active Directory:

 foreach ($newUser in $newUsers) { $exists = Get-ADUser -Filter {UserPrincipalName -eq $newUser.UPN} -Properties * -Server $adServer -Credential $adCred ... }

The filter causes an error:

 Get-ADUser : Property: 'UPN' not found in object of type: 'System.Management.Automation.PSCustomObject'. At C:\Users\bphillips.NEWHOPEOFIN\Dropbox\Powershell\NewHire\AddNewDSP.ps1:50 char:15 + $exists = Get-ADUser -Filter {UserPrincipalName -eq $newUser.UPN} -Propertie ...

I tried this: -Filter {UserPrincipalName -eq $ ("$ newUser.UPN"), but this does not help; I get another error

 Get-ADUser : Cannot process argument because the value of argument "path" is not valid. Change the value of the "path" argument and run the operation again. At C:\Users\bphillips.NEWHOPEOFIN\Dropbox\Powershell\NewHire\AddNewDSP.ps1:50 char:15 + $exists = Get-ADUser -Filter {UserPrincipalName -eq $("$newUser.UPN")} -Prop ...

$newUser is a string, so I don’t understand why it causes a problem. Hard coding of UserPrincipalName looks like " test@ourcompany.com " works, but $newUser.UPN will not work. **

 PS C:\> $newUser.UPN.GetType() IsPublic IsSerial Name BaseType -------- -------- ---- -------- True True String System.Object

and

 PS C:\> $newUser.UPN | gm TypeName: System.String

$newUser.UPN contains a valid string value

 PS C:\> $newUser.UPN ypope@ourcompany.net

What do I need to do to get $newUser.UPN to be recognized as a string for a filter parameter? What happens, I don’t understand?

+1
source share
3 answers

BNF for filter query strings does not allow expressions as a second operand in comparison, only values ​​(my selection):

Syntax:
The following syntax uses the Backus-Naur form to show how to use the PowerShell expression language for this parameter.

<Filter> :: = "{" <FilterComponentList> "}"
<FilterComponentList> :: = <FilterComponent> | <FilterComponent> <JoinOperator> <FilterComponent> | <NotOperator> <FilterComponent>
<FilterComponent> :: = <attr> <FilterOperator> <value> | "(" <FilterComponent> ")"
<FilterOperator> :: = "-eq" | "-le" | "-ge" | "-ne" | "-lt" | "-gt" | "-approx" | "-bor" | "-band" | "-recursivematch" | "-like" | "-notlike"
<JoinOperator> :: = "-and" | "-or"
<NotOperator> :: = "-not"
<& amp; GT; :: = <PropertyName> | <LDAPDisplayName attribute> <value> :: = <compare this value with <attr> using the specified <FilterOperator β†’>

Put the value of the property you want to compare in the variable, and use this variable in comparison. You can also define a filter as an actual string, at least for clarity (even though it looks like the filter is not a script block).

 $upn = $newUser.UPN $exists = Get-ADUser -Filter "UserPrincipalName -eq '$upn'" ...
+3
source

Expressions may be inside the Get-ADUser filter block, but they must be properly wrapped with quotation marks.

 Get-ADUser -Filter "UserPrincipalName -eq '$($newUser.UPN)'"
0
source

  • Never use a script block ( { ... } ) as an argument -Filter - parameter type -Filter [string] - create your filter as a string.

  • Despite the apparent convenience, using a block script works only in very limited scenarios and causes confusion when it does not work - for example, when using access to properties, since in this case.

See this answer for more information.

0
source

Source: https://habr.com/ru/post/1202957/

More articles:


All Articles