嗨,我想为该组创建代码以检查该组是否存在。但是,我无法工作,因为它成功地仅将用户和部分成员添加到该组中,但没有添加其他组,因为我设法在活动目录中创建了一个组,并且还从csv中读取了内容。这是我的代码和结果。似乎我在成功添加用户并包括添加组成员之后总是收到错误消息
结果
#Import required modules
Import-Module ActiveDirectory
# Prompt user for CSV file path
#$filepath = Read-Host -Prompt " Please enter the path to your CSV file".Trim()
#Store the data from Test.csv in the $listusers variable
$filepath = "C:\Test.csv"
# Create a new password for every each users
$securepassword = ConvertTo-SecureString "Password456!" -AsPlainText -Force
# Import the file into a variable
$listusers = Import-Csv $filepath
# Loop through each row and gather information
ForEach ($user in $listusers){
# #Getting values from the CSV headers contains the user's information
$fname = $user.'Frist Name'
$lname = $user.'Last Name'
$username = $user.'Username'
$emailaddress = $user.'Email Address'
$OUpath = $user.'Organizational Unit'
$users = Get-ADUser -Filter {SamAccountName -like $username}
# Echo output for the each new user
echo "Account created for $fname $lname in $OUpath"
#Check to see if the user already exists in AD
if ($users) # or (Get-ADUser -Filter {SamAccountName -eq $username})
{
#If user does exist, give a warning
Write-Warning "A user account with username $username already exist in Active Directory."
}
else
{
#if the user does not exist then proceed to create new account
# Create new AD user for each user read from the CSV file.
# The new account will be in created in OU directory path by the $Path variable
New-ADUser `
-SamAccountName $username `
-Name "$fname $lname" `
-GivenName $fname `
-Surname $lname ` -UserPrincipalName "$username@Razorfc.net" `
-Path $OUpath `
-AccountPassword $securepassword `
-EmailAddress $emailaddress `
-Enabled $True
}
}
#Add members of the group
Foreach($user in $listusers){
#Getting values from the CSV headers
$username = $user.'Username'
$groupmember = $user.'GroupName'
$groupmember2 = $user.'GroupName2'
$groupmember3 = $user.'GroupName3'
$GroupExists = Get-ADGroup -Filter {SamAccountName -like $groupmember}
$GroupExists2 = Get-ADGroup -Filter {SamAccountName -like $groupmember2}
$GroupExists3 = Get-ADGroup -Filter {SamAccountName -like $groupmember3}
$Members = Get-ADGroupMember -Identity $groupmember -Recursive | Select -ExpandProperty SAMAccountName
$Members2 = Get-ADGroupMember -Identity $groupmember2 -Recursive | Select -ExpandProperty SAMAccountName
$Members3 = Get-ADGroupMember -Identity $groupmember3 -Recursive | Select -ExpandProperty SAMAccountName
##Check to see if the user is already member in AD. If the user is not a member it will then add into the members of the group
if($Members -contains $username) {
Write-Host "$username is member of $groupmember".Trim()
Write-Host "$username is member of $groupmember2".Trim()
Write-Host "$username is member of $groupmember3".Trim()
}
if ($GroupExists , $GroupExists2 , $GroupExists3){
Write-Warning "A group name $groupmember, $groupmember2, $groupmember3 did not exsist"
}
else {
Write-Host "$Username is not a member. Adding the account now".Trim()
#Add members of the group
add-ADGroupMember -Identity $groupmember -Members $Username
add-ADGroupMember -Identity $groupmember2 -Members $Username
add-ADGroupMember -Identity $groupmember3 -Members $Username
}
}
#Exit the program
Read-Host -Prompt "Press Enter to exit.".Trim()
#Development by Dexter Ho Han Xiang
输出结果
Account created for Dexter Ho in OU=Users,OU=Razorfc,DC=Razorfc,DC=net
WARNING: A user account with username Dexter.H already exist in Active Directory.
Account created for Jack O'Conner in OU=Users,OU=Razorfc,DC=Razorfc,DC=net
WARNING: A user account with username Jack.O'C already exist in Active Directory.
Account created for Mary Wilson in OU=Users,OU=Razorfc,DC=Razorfc,DC=net
WARNING: A user account with username Mary.W already exist in Active Directory.
Account created for Jake Oliver in OU=Users,OU=Razorfc,DC=Razorfc,DC=net
WARNING: A user account with username Jake.O already exist in Active Directory.
Get-ADGroupMember : Cannot find an object with identity: 'SI & Joko World's' under: 'DC=Razorfc,DC=net'.
At C:\Create Users Read From CSV and Adding to the group members by Dexter Ho Han Xiang.ps1:73 char:17
+ ... $Members2 = Get-ADGroupMember -Identity $groupmember2 -Recursive | Se ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (SI & Joko World's:ADGroup) [Get-ADGroupMember], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember
Get-ADGroupMember : Cannot find an object with identity: 'PAN CI' under: 'DC=Razorfc,DC=net'.
At C:\Create Users Read From CSV and Adding to the group members by Dexter Ho Han Xiang.ps1:74 char:17
+ ... $Members3 = Get-ADGroupMember -Identity $groupmember3 -Recursive | Se ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (PAN CI:ADGroup) [Get-ADGroupMember], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember
Dexter.H is member of DL_Razorfc
Dexter.H is member of SI & Joko World's
Dexter.H is member of PAN CI
WARNING: A group name DL_Razorfc, SI & Joko World's, PAN CI did not exsist
Get-ADGroupMember : Cannot find an object with identity: 'SI & Joko World's' under: 'DC=Razorfc,DC=net'.
At C:\Create Users Read From CSV and Adding to the group members by Dexter Ho Han Xiang.ps1:73 char:17
+ ... $Members2 = Get-ADGroupMember -Identity $groupmember2 -Recursive | Se ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (SI & Joko World's:ADGroup) [Get-ADGroupMember], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember
Get-ADGroupMember : Cannot find an object with identity: 'PAN CI' under: 'DC=Razorfc,DC=net'.
At C:\Create Users Read From CSV and Adding to the group members by Dexter Ho Han Xiang.ps1:74 char:17
+ ... $Members3 = Get-ADGroupMember -Identity $groupmember3 -Recursive | Se ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (PAN CI:ADGroup) [Get-ADGroupMember], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember
Jack.O'C is member of DL_Razorfc
Jack.O'C is member of SI & Joko World's
Jack.O'C is member of PAN CI
WARNING: A group name DL_Razorfc, SI & Joko World's, PAN CI did not exsist
Get-ADGroupMember : Cannot find an object with identity: 'SI & Joko World's' under: 'DC=Razorfc,DC=net'.
At C:\Create Users Read From CSV and Adding to the group members by Dexter Ho Han Xiang.ps1:73 char:17
+ ... $Members2 = Get-ADGroupMember -Identity $groupmember2 -Recursive | Se ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (SI & Joko World's:ADGroup) [Get-ADGroupMember], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember
Get-ADGroupMember : Cannot find an object with identity: 'PAN CI' under: 'DC=Razorfc,DC=net'.
At C:\Create Users Read From CSV and Adding to the group members by Dexter Ho Han Xiang.ps1:74 char:17
+ ... $Members3 = Get-ADGroupMember -Identity $groupmember3 -Recursive | Se ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (PAN CI:ADGroup) [Get-ADGroupMember], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember
Mary.W is member of DL_Razorfc
Mary.W is member of SI & Joko World's
Mary.W is member of PAN CI
WARNING: A group name DL_Razorfc, SI & Joko World's, PAN CI did not exsist
Get-ADGroupMember : Cannot find an object with identity: 'SI & Joko World's' under: 'DC=Razorfc,DC=net'.
At C:\Create Users Read From CSV and Adding to the group members by Dexter Ho Han Xiang.ps1:73 char:17
+ ... $Members2 = Get-ADGroupMember -Identity $groupmember2 -Recursive | Se ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (SI & Joko World's:ADGroup) [Get-ADGroupMember], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember
Get-ADGroupMember : Cannot find an object with identity: 'PAN CI' under: 'DC=Razorfc,DC=net'.
At C:\Create Users Read From CSV and Adding to the group members by Dexter Ho Han Xiang.ps1:74 char:17
+ ... $Members3 = Get-ADGroupMember -Identity $groupmember3 -Recursive | Se ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (PAN CI:ADGroup) [Get-ADGroupMember], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember
Jake.O is member of DL_Razorfc
Jake.O is member of SI & Joko World's
Jake.O is member of PAN CI
答案 0 :(得分:0)
如您所述,用户已成功添加到AD,然后只有您遇到错误。因此,您可以使用两种方法来避免该错误。您可以尝试使用
Get-ADGroupMember -Identity $groupmember -Recursive | Select -ExpandProperty SAMAccountName | -ErrorAction SilentlyContinue
或者您可以尝试这样
try {
Get-ADComputer -Identity “something”
}
catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException]
{
Write-Warning “AD computer object not found”
}
catch {}