Writing to Event Log with PowerShell - System.Object[ ] conversion error

This topic contains 3 replies, has 2 voices, and was last updated by Profile photo of Tony Bennett Tony Bennett 1 year, 1 month ago.

  • Author
    Posts
  • #32682
    Profile photo of Tony Bennett
    Tony Bennett
    Participant

    Hi,

    I'm trying to write a script that will write an event to the application log when a script is run that finds an account for which delegation has been configured. The code I've been trying to get working is this:

    $result=Get-ADGroupMember -Identity "Domain Admins" | ForEach-Object {Get-ADUser -Identity $_ -Properties AccountNotDelegated | Where-Object {$_.AccountNotDelegated -eq $false} | Format-Table DistinguishedName,AccountNotDelegated -AutoSize}

    If ($result -ne $null) {
    Write-EventLog -Logname Application -Source "My Test" -EntryType Warning -EventID 1 -Message $result}

    When I run this, I get the error:

    "Write-EventLog : Cannot convert 'System.Object[]' to the type 'System.String' required by parameter 'Message'.
    Specified method is not supported."

    Does anyone know how I might change this so I can get the output I'm after, without having to first write the data to a text file on the file system? All I'm trying to do is get a list of high level accounts that have delegation configured and log an event on it which the monitoring system can then pick up and alert on.

    Thanks

  • #32683
    Profile photo of Dave Wyatt
    Dave Wyatt
    Moderator

    The Format-Table and similar commands output a bunch of objects which are meant to be processed by the Out-* commands. You can't assign them directly to another command that expects a string, but you can pipe Format-Table to Out-String first:

    $result = Get-ADGroupMember -Identity "Domain Admins" |
              ForEach-Object {
                  Get-ADUser -Identity $_ -Properties AccountNotDelegated |
                  Where-Object {$_.AccountNotDelegated -eq $false}
              } |
              Format-Table DistinguishedName,AccountNotDelegated -AutoSize |
              Out-String
    

    For readability, I've split some of your code across multiple lines, and I've moved the pipe to Format-Table to be outside of your ForEach-Object loop (which was likely your intention; otherwise you'd end up with a separate table for every user.)

  • #32684
    Profile photo of Dave Wyatt
    Dave Wyatt
    Moderator

    Incidentally, try this and see if it works. Simplifies your code a bit, and it would be faster besides 🙂

    $result = Get-ADGroupMember -Identity "Domain Admins" |
              Get-ADUser -Properties AccountNotDelegated -Filter { AccountNotDeleted -eq $false } |
              Format-Table DistinguishedName,AccountNotDelegated -AutoSize |
              Out-String
    
  • #37230
    Profile photo of Tony Bennett
    Tony Bennett
    Participant

    Thanks Dave Wyatt, much appreciated 🙂

You must be logged in to reply to this topic.