Verifying user accounts exist in AD

This topic contains 7 replies, has 4 voices, and was last updated by Profile photo of Greg Dent Greg Dent 1 year, 10 months ago.

  • Author
    Posts
  • #22142
    Profile photo of Greg Dent
    Greg Dent
    Participant

    Hi guys,

    Another one that's caught me out – fairly simple goal – I have a list of usernames, that I would like to verify through powershell, whether the account exists.

    I'm not able to get it to work as intended though. The script runs without error but is obviously not reporting the right data. Not sure why, as I've used if statements many many times before, and never had such a problem. Maybe I'm missing some syntax or operators.

    Here's my code:

    $Users = import-csv "homedrives-jan15.csv"
    $OutFile = "homedrive-audit.csv"
    $Header = "username,account status"
    Add-Content -Path $OutFile -Value $Header
    foreach [$User in $Users] 
    {
    $GetUser = Get-AdUser -Filter {sAMAccountName -eq '$[$User.Username]'}
    if [$GetUser -eq $null] 
    	{
    	$Status = "User Not Found"
    	Write-Host "$[$User.Username] account not found"
    	}
    	Else 
    	{
    	$Status = "User Exists"
    	Write-Host "$[$User.Username] exists"
    	}	
    $OutData = $User.Username + "," + $Status
    Add-Content -Path $OutFile -Value $OutData
    }

    My issue is that both the terminal output AND the CSV output are all showing account not found for everything, which I know is obviously wrong. No matter what logic I use to verify the account, the script will only ever use the first if statement output, and completely ignore the Else statement.

    Anyone spot what I'm doing wrong here?

    Thanks!

  • #22143
    Profile photo of Don Jones
    Don Jones
    Keymaster

    I think you might be better off using -Identity instead of -Filter, since you know the samAccountName. That should return an error if it's not found, which you should be able to trap (setting -ErrorAction to Stop and using a Try/Catch construct). Testing for $null isn't really a great error-handling scenario.

    Now... I'm not sure if this is maybe something just from the Web software here... but you're consistently using [brackets] instead of (parentheses). In every instance, in what you posted above, that's incorrect. But I'm not sure if that's just an artifact of the web here, so it might not be the cause of your problem. I'd think that would have bombed with syntax errors if it was the real problem.

  • #22155
    Profile photo of Greg Dent
    Greg Dent
    Participant

    Hi Don. Yep I am using parenthesis, but the code tags are changing them to square brackets on here. Bit odd, since bracket types in code are v. important!

    I don't really need to catch errors, and I was trying to avoid over-complicating the script. I used the filter command with the express intention of it not outputting an error, which means the $null value can be used to determine if it found an account. If I use -Identity, then I get errors and it messes with the if/else qualifiers.

    Having said that, it behaves the same way regardless at the moment! I have tried it both ways. The only method I have not attempted is a try/catch construct.

  • #22156
    Profile photo of Greg Dent
    Greg Dent
    Participant

    Interestingly, I tried this on a single line:

    if [[get-aduser -filter {SamAccountName -eq 'foxr735'}] -eq $null] {write-host "Nope"} else {write-host "Yep"}

    This works fine. If I give it a duff username, it outputs a 'Nope', and a working one outputs a 'Yep' 🙂

    Don't understand why this isnt working on the import.

  • #22164
    Profile photo of Tim Pringle
    Tim Pringle
    Participant

    You're using single quotes, which does not expand strings.

    Try changing

    '$($User.Username)'
    

    to

    "$($User.Username)" 
    
  • #22166
    Profile photo of Wilfredo Perez
    Wilfredo Perez
    Participant

    What's in the homedrives-jan15.csv file. EX: SamAccountName (wperez) or is it Name (Perez, Wilfredo)

  • #22172
    Profile photo of Greg Dent
    Greg Dent
    Participant

    In response to Tim;

    I'll give that a try. I can never remember the difference between single and double quotes! That does actually make sense now I think about it, as it's showing the failed/null result for all accounts.

    Wilfredo; the CSV contains a list of AD user names (SAMAccountName format) with the heading of 'Username'.

    EDIT:
    The quotations are not the issue unfortunately! I'm getting the same problems.

  • #22179
    Profile photo of Greg Dent
    Greg Dent
    Participant

    Ok, I now have great success!

    It was an issue with the stringed variable I was trying to pass through, just not one of a quotation mark nature.

    I changed the following:

    $GetUser = Get-AdUser -Filter {sAMAccountName -eq '$[$User.Username]'}

    to....

    $UserAccount = $User.Username
    $GetUser = Get-AdUser -Filter {sAMAccountName -eq $UserAccount}

    And it ran first time without complaint and worked exactly as intended.

    Thanks for the assistance guys.

You must be logged in to reply to this topic.