I am trying to run a cmdlet on each element of a list. but i am getting the error ObjectNotFound: (*@{samAccountName=my_ad_username}*:ADUser) [Get-ADUser], ADIdentityNotFoundException
for each element of my list.
Bellow is cmdlet
$users = Get-ADUser -Filter "*" -SearchBase "OU=Europe,DC=myDC,DC=com" | select samAccountName
$fr_all_grp_assigned_to_different_users = Foreach ($user in $users){
#Get-AdUser $user
}
Result
> Get-ADUser : Cannot validate argument on parameter 'Identity'. The
> Identity property on the argument is null or empty. At line:6 char:20
> + Get-aduser $user
> + ~~~~~
> + CategoryInfo : InvalidData: (:) [Get-ADUser], ParameterBindingValidationException
> + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.GetADUser
> Get-ADUser : Cannot validate argument on parameter 'Identity'. The
> Identity property on the argument is null or empty. At line:6 char:20
> + Get-aduser $user
Line 6 refers to #Get-AdUser $user
Can anyone help ?
Inside of your loop, you need to provide the SamAccountName
value to the -Identity
parameter of Get-ADUser
.
Get-ADUser -Identity $user.SamAccountName
Explanation:
You can execute Get-ADUser
by providing values manually to parameters or piping objects into the command and let advanced parameter assignment dynamically map values to parameters. Some parameters are positional in that you don't need to specify the parameter name when running the command with a value(s). These features/concepts exists across most PowerShell commands.
In the case of Get-ADUser Value
, Value
is automatically mapped to parameter -Identity
. -Identity
expects one of the following values:
- A distinguished name
- A GUID (objectGUID)
- A security identifier (objectSid)
- A SAM account name (sAMAccountName)
Get-ADUser
has a convenient feature where if you pass it a Microsoft.ActiveDirectory.Management.ADUser
object type (returned from a directory server) through a pipe or to the -Identity
parameter, it will automatically perform a search based on the provided values. If you provide it any other object type, it will not automatically select property values to pass to -Identity
. Piping to Select SamAccountName
returns a PSCustomObject
rather than an ADUser
object and then you lose your convenience.
Once you are dealing with objects that are not ADUser
, you must provide -Identity
with the actual value you want to query. In your case, that leaves you with two options.
Option 1: Select only SamAccountName values in your initial query
With this option, you can make use of the -ExpandProperty
or -Expand
parameter of Select-Object
to return only the values of the target property.
$users = Get-ADUser -Filter * -SearchBase "OU=Europe,DC=myDC,DC=com" |
Select-Object -ExpandProperty SamAccountName
$fr_all_grp_assigned_to_different_users = Foreach ($user in $users) {
Get-ADUser $user
}
Option 2: Use Member Access operator ( .
) to directly access the SamAccountName value
With this option you can use the syntax object.Property
to retrieve the Property
value.
# Using the singular object.Property ($user.SamAccountName)
$users = Get-ADUser -Filter * -SearchBase "OU=Europe,DC=myDC,DC=com" |
Select-Object SamAccountName
$fr_all_grp_assigned_to_different_users = Foreach ($user in $users) {
Get-ADUser $user.SamAccountName
}
Starting with PowerShell v3, you can use the same syntax on a collection to return a collection of values ( collection.Property
).
# Using collection.Property ($users.SamAccountName)
# $user contains only a SamAccountName value here
$users = Get-ADUser -Filter * -SearchBase "OU=Europe,DC=myDC,DC=com" |
Select-Object -ExpandProperty SamAccountName
$fr_all_grp_assigned_to_different_users = Foreach ($user in $users.SamAccountName) {
Get-ADUser $user
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.