acer460527

Forum Replies Created

Viewing 15 posts - 1 through 15 (of 88 total)
  • Author
    Posts
  • in reply to: howto restart code from the top #245919
    Participant
    Topics: 37
    Replies: 88
    Points: 511
    Rank: Major Contributor

    Hi Doug

    thanks for the explanation of the function Since I’m learning and a complete noob in functions I’ve got a question concerning this part

    
    
    $users = import-csv c:\temp\csv\toRemove.csv
    
    $users | foreach {
        foreach($attempt in 1..3)
        {
            Remove-AzureGroupMember -Users $_ -Errorlog “c:\temp\groupdeletionErrors.txt”
            Start-Sleep -Seconds 1
        }
    }
    

    in my original code I already import this list
    $users = import-csv c:\temp\csv\toRemove.csv

    this means that you use this list twice?
    for me it would just be sufficient to call the function again after lets say 2 min

    I did find another alternative  by modifying the Else statement by adding this code

    write-host “$($user.Email) cannot be removed at this time”
    write-warning “Syncing between AD and AzureAD is slow, we have to wait till the next Cycle is done….Sorry for the inconvenience”
    start-sleep 120
    
    ./Offboarding2.ps1
    

    and in the offboarding2 I’m checking again if when the last sync is done and when the script went through that cycle to continue with removing all the groups this user was member off

    you way is obviously faster

    would this work

    foreach($attempt in 1..3){
    
    Remove-AzureGroupMember -Errorlog “c:\temp\groupdeletionErrors.txt”
    
    Start-Sleep -Seconds 1
    
    }
    
    

    thanks again for your much appreciated input

    Paul

    in reply to: reset counter #245553
    Participant
    Topics: 37
    Replies: 88
    Points: 511
    Rank: Major Contributor

    thanks Andy for your reaction,

    the waiting period is nothing more then waiting till the sync is done between on premises AD and AzureAD because I can only continue when the account of this given user is disabled.

    I think that from time to time the Sync is slower then the script itself which will result in the fact that the account is not updated in AzureAD in time.

    hope this helps

    in reply to: how to avoid error message being displayed #245250
    Participant
    Topics: 37
    Replies: 88
    Points: 511
    Rank: Major Contributor

    @rob Simmers
    thanks for the explanation

    in reply to: how to avoid error message being displayed #245090
    Participant
    Topics: 37
    Replies: 88
    Points: 511
    Rank: Major Contributor

    HI Olaf and Doug thanks for your reactions was not aware that you could nest 2 try blocks together

     

     

    in reply to: how to avoid error message being displayed #244925
    Participant
    Topics: 37
    Replies: 88
    Points: 511
    Rank: Major Contributor

    Hi Olaf,
    sorry I have to disagree here

    in my First test

    
    
    $givenname = “paul”
    $firstletter = $givenname.Substring(0,1)
    $lastname =”Washington”
    $TestSam = $firstletter + $lastname
    $testAccountNameExist = get-user -Identity $TestSam
    if(!($testAccountNameExist -eq “”)){
    write-host -ForegroundColor Yellow “This Username: $TestSam already excists going for alternative name please wait”
    

    I know the user exists so I want to go to round 2 by using this code

    
    
    if(!($testAccountNameExist -eq $null)){
    $Firstletter = $givenname.Substring(0,2)
    $TestSam = $firstletter + $lastname}
    try{
    $testAccountNameExist = get-user -Identity $TestSam
    }catch [ManagementObjectNotFoundException]{
    
    “this accountname does not excist”}
    
    

    where my try block is

    try{ 
    $testAccountNameExist = get-user -Identity $TestSam 
    }catch [ManagementObjectNotFoundException]
    { “this accountname does not excist”}

    or am I missing something here?

    in reply to: how to avoid error message being displayed #244796
    Participant
    Topics: 37
    Replies: 88
    Points: 511
    Rank: Major Contributor

    Hi Olaf thanks for your reaction

    What am I doing wrong with my try catch?

    I’ve modified it into this

    $givenname = “paul”
    $firstletter = $givenname.Substring(0,1)
    $lastname =”Washington”
    $TestSam = $firstletter + $lastname
    $testAccountNameExist = get-user -Identity $TestSam
    if(!($testAccountNameExist -eq “”)){
    write-host -ForegroundColor Yellow “This Username: $TestSam already excists going for alternative name please wait”
    
    if(!($testAccountNameExist -eq $null)){
    $Firstletter = $givenname.Substring(0,2)
    $TestSam = $firstletter + $lastname}
    try{
    $testAccountNameExist = get-user -Identity $TestSam
    }catch [ManagementObjectNotFoundException]{
    
    “this accountname does not excist”}
    
    
    write-host -ForegroundColor Cyan “Username that is available is :” $TestSam
    
    
    
    }
    

    but the error message remains

    The operation couldn’t be performed because object ‘pawashington’ couldn’t be found on ‘mydomain.com’.
    + CategoryInfo : NotSpecified: (:) [Get-User], ManagementObjectNotFoundException
    + FullyQualifiedErrorId : [Server=myserver,RequestId=12a93894-a1ff-47d1-b3e3-d91d34c542b7,TimeStamp=7/26/2020 11:21:26 AM] [FailureCate
    gory=Cmdlet-ManagementObjectNotFoundException] 7A347785,Microsoft.Exchange.Management.RecipientTasks.GetUser
    + PSComputerName : mydomain.com
    

     

    Participant
    Topics: 37
    Replies: 88
    Points: 511
    Rank: Major Contributor

    Dave,

    makes sence how would I manage to remove every disabled user from the distribution groups and avoiding errors?

     

    Participant
    Topics: 37
    Replies: 88
    Points: 511
    Rank: Major Contributor

    Dave thanks for your answer

    when I run this code it works on the active users but on the disabled users I get the below mentioned error message

    $users = import-csv c:\temp\csv\toRemove.csv
    
    foreach($user in $users){
    
    $email = “$($user.email)”
    
    $mailbox = Get-Mailbox -Identity $email
    
    $DN=$mailbox.DistinguishedName
    
    $Filter = “Members -like “”$DN”””
    
    $DistributionGroupsList = Get-DistributionGroup -ResultSize Unlimited -Filter $Filter
    
    $DistributionGroupsList
    
    ForEach ($item in $DistributionGroupsList) {
    Remove-DistributionGroupMember -Identity $item.DisplayName –Member $email -Confirm:$false
    }
    }
    
    

    I get the following error message

    The operation couldn’t be performed because object ‘[email protected]’ couldn’t be found on
    ‘xxxxxx.PROD.OUTLOOK.COM’.
    + CategoryInfo : NotSpecified: (:) [Get-Mailbox], ManagementObjectNotFoundException
    + FullyQualifiedErrorId : [Server=servername,RequestId=3677493e-a17d-4d93-ab7e-7567764e1a25,TimeStamp=7/8/2020 5:46:21 PM] [Fail
    ureCategory=Cmdlet-ManagementObjectNotFoundException] ,Microsoft.Exchange.Management.RecipientTasks.GetMailbox
    + PSComputerName : office365
    
    

    when running this code while the user is still active I do get the distributionlists he’s member of

    Participant
    Topics: 37
    Replies: 88
    Points: 511
    Rank: Major Contributor

    Olaf,

    I want to remove the users, but the thing is when a user is leaving the company I can deal with that as long as the account is active. for the already deactivated users I’m strugling to get it to work, because I get that error message posted in the original post thrown at me

    Participant
    Topics: 37
    Replies: 88
    Points: 511
    Rank: Major Contributor

    Hi Olaf,

    still no  luck,
    another thing that is weird is that whenever the user account is still active it will work

    $email = “[email protected]”
    
    $mailbox = Get-Mailbox -Identity $email
    
    $DN=$mailbox.DistinguishedName
    
    $Filter = “Members -like “”$DN”””
    
    $DistributionGroupsList = Get-DistributionGroup -ResultSize Unlimited -Filter $Filter
    
    Write-host `n
    Write-host “Listing all Distribution Groups:”
    Write-host `n
    $DistributionGroupsList | ft
    
    $answer = Read-Host “Would you like to proceed and remove $email from all distribution groups ( y / n )?”
    
    While (“y”,”n” -notcontains $answer) {
    $answer = Read-Host “Would you like to proceed and remove $email from all distribution groups ( y / n )?”
    }
    
    If ($answer -eq ‘y’) {
    
    ForEach ($item in $DistributionGroupsList) {
    Remove-DistributionGroupMember -Identity $item.DisplayName –Member $email -Confirm:$false
    }
    
    Write-host `n
    Write-host “Successfully removed”
    
    Remove-Variable * -ErrorAction SilentlyContinue
    }
    
    Else
    
    {
    Remove-Variable * -ErrorAction SilentlyContinue
    }
    
    

    do you happen to know why removing the distribution groups for disabled users is such a pain?

     

    Participant
    Topics: 37
    Replies: 88
    Points: 511
    Rank: Major Contributor

    Hi Olaf,

    thanks for your suggestion however no joy still the same error message

     

    Paul

    in reply to: split array #236206
    Participant
    Topics: 37
    Replies: 88
    Points: 511
    Rank: Major Contributor

    thanks for your answers

     

    Paul

    in reply to: install modules for all usersz #234103
    Participant
    Topics: 37
    Replies: 88
    Points: 511
    Rank: Major Contributor

     

    Hi Olaf

    We need to RDP in to each server.

    You should not do this.

    I’m open for suggestions

    in reply to: populate aduser with manager name #233539
    Participant
    Topics: 37
    Replies: 88
    Points: 511
    Rank: Major Contributor

    thanks Olaf

    wasn’t aware that the samaccount was also possible

     

    Paul

    in reply to: counter fails #232591
    Participant
    Topics: 37
    Replies: 88
    Points: 511
    Rank: Major Contributor

    found the solution I changed

    while ($counter -ne $GracePeriodMin -and $zcounter -ne -1)
    

    to

    while ($zcounter -ne -1)
    

    to solve this problem
    thanks Olaf for your help in this

Viewing 15 posts - 1 through 15 (of 88 total)