Get-ADuser : The search filter cannot be recognized

Question

Hope you will be able to help. When I issue the below command:

$g = get-ADGroupMember -Server sbintldirectory.com -Identity group1
$n = get-ADGroupMember -Server ad.msdsprd.com -Identity group1
$g.samaccountname | where {$n.samaccountname -notcontains $psitem} | out-file c:\temp\new.txt
$users = gc C:\Temp\new.txt
$a = $users | foreach {Get-ADuser -LDAPFilter "(samaccountname=$_)" -Server dc:3268}
$a | select samaccountname, distinguishedName | out-file c:\temp\list.txt
$group = "CN=group1,OU=Testing,DC=domain,DC=com"
get-content "c:\temp\list.txt" | ForEach `
{
Get-ADuser -LDAPFilter "(samaccountname eq $_)" -Server dc:3268 | ForEach `
{Add-ADGroupMember -Identity $group -Members $_.distinguishedName}
}

Result:

Get-ADuser : The search filter cannot be recognized
At line:10 char:1
+ Get-ADuser -LDAPFilter "(samaccountname eq $_)" -Server dc:3268 | Fo ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Get-ADUser], ADException
    + FullyQualifiedErrorId : The search filter cannot be recognized,Microsoft.ActiveDirectory.Management.Commands.GetADUser

Many thanks.

Answer 1

You are using -LDAPFilter incorrectly on this line:

Get-ADuser -LDAPFilter "(samaccountname=$_)" -Server dc:3268

-LDAPFilter is for writing a filter in LDAP syntax.

You are merely trying to get a specific user, where $_ already represents the username:

Get-ADuser -Identity $_ -Server dc:3268

Refer to the documentation on Get-ADUser for details about the properties.