Problem running Get-ADUser with variable in ForEach loop

Welcome Forums General PowerShell Q&A Problem running Get-ADUser with variable in ForEach loop

This topic contains 2 replies, has 2 voices, and was last updated by

 
Participant
1 week, 2 days ago.

  • Author
    Posts
  • #176470

    Participant
    Topics: 3
    Replies: 5
    Points: 29
    Rank: Member

    Hi All,

    I have file full of userPrincipleName with a single value per line

    user1@example.com
    user2@example.com
    etc...

    When I try to add these users to a group I am getting an error.  I have tested the commands with a single user successfully so I am confident in the syntax and this should work.

    $group = "GroupName"
    $updatedUserFile = "D:\user-file.txt"
    
    # Loop through input file to update groups
    ForEach ($user in ( Get-Content $updatedUserFile)) {
    
        # Remove any extra whitespace
        $user.trim()
    
        # Get AD user object based on FDU NetID and add object to group
        Get-ADUser -Filter {userPrincipalName -eq $user } | Add-ADPrincipalGroupMembership -MemberOf $group
    
    }
    
    user1@example.com
    Add-ADPrincipalGroupMembership : Object reference not set to an instance of an object.
    At C:\Util\updateMMLab-Authorized-Accounts.ps1:36 char:57
    + ... palName -eq $user } | Add-ADPrincipalGroupMembership -MemberOf $group
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : NotSpecified: (:) [Add-ADPrincipalGroupMembership], NullReferenceException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.NullReferenceException,Microsoft.ActiveDirectory.Management.Commands.AddADPrincipalGroupMembership
    
    

    I have tried casting $user to a string as well as assigning it to a variable before using it in the Get-ADUser -Filter commandlet.  Neither worked.  It seems that the Get-ADUser -Filter isn't finding the user.

    Thank you in advance,

    -Chris

     

     

  • #176482

    Participant
    Topics: 8
    Replies: 1203
    Points: 706
    Helping Hand
    Rank: Major Contributor

    Basically, if your user query fails and the user is not found, you are passing a NULL value to Add-ADPrincipalGroupMembership, which is the error you are seeing. You should add a search and error handling to your script:

    $group = "GroupName"
    $updatedUserFile = "D:\user-file.txt"
    
    # Loop through input file to update groups
    ForEach ($user in ( Get-Content $updatedUserFile)) {
    
        # Remove any extra whitespace
        $user.trim()
    
        # Get AD user object based on FDU NetID and add object to group
        $adUser = Get-ADUser -Filter {userPrincipalName -eq $user }
        
        if ($user) { 
            try {
                Add-ADPrincipalGroupMembership -MemberOf $group -ErrorAction Stop
                'Successfully updated user {0} group membership for {1}' -f $user, $group
            }
            catch {
                'Failed updated user {0} group membership for {1}' -f $user, $group
            }
        }
        else {
            '{0} was not found in Active Directory' -f $user
        }
    
    }
    
  • #176509

    Participant
    Topics: 3
    Replies: 5
    Points: 29
    Rank: Member

    Hi Robert,

    Thanks for the quick response.  I will implement the error handling.  While prepping a test file to use with your solution I noticed that my userPrincipleNames were padded with trailing white space.  So to me that means that my trim() is not working.  Have you had to solve this before?

    -Chris

You must be logged in to reply to this topic.