acer460527

Forum Replies Created

Viewing 15 posts - 46 through 60 (of 94 total)
  • Author
    Posts
  • Participant
    Topics: 41
    Replies: 94
    Points: 560
    Rank: Major Contributor

    this gives all the users accounts on cfdc01.mydomain.Com

    Participant
    Topics: 41
    Replies: 94
    Points: 560
    Rank: Major Contributor

    CredSSP not allowed on our domain

     

    Participant
    Topics: 41
    Replies: 94
    Points: 560
    Rank: Major Contributor

    weird thing is that the orginal code

    ran today without throwing any errors.
    I’m still learning to improve my powershell skills and would like to use Rob’s proposed solution since my script is just a 1.0 version so to speak and needs improvement on logging stuff

    this script is just 1 part of the total offboarding tasks that I’m currently doing

    Ideally I would like to create a separate script that is going to check :
    if the folders exist

    if the required files exist
    to check and setup the different sessions I need.

    the second script

    is going to hide all users from the Global address list

    the next script is this one that is the above one to perform the offboarding tasks

    the last one is to remove all the groups a user is Member of through AzureAD

    and using 1 ps file to call all different scripts in the required order especially for the AzureAD script since there is a 30 min delay due to syncing between on prem AD and AzureAD

    I’m happy to share what I have sofar and also happy to get feedback on how to improve my code where needed

    Participant
    Topics: 41
    Replies: 94
    Points: 560
    Rank: Major Contributor

    Rob,
    I agree that it works when you run it straight on your AD server I’m pretty sure that it has something to do with the PSSession.

    Paul

     

    Participant
    Topics: 41
    Replies: 94
    Points: 560
    Rank: Major Contributor

    Unfortunately same result
    $User results in
    SamAccountName email DISPLAY NAME active
    ————– —– ———— ——
    Paul [email protected] Paul+lastname  True

    $SamAccountName = Paul

    error message

     

    Participant
    Topics: 41
    Replies: 94
    Points: 560
    Rank: Major Contributor

    Hi Rob,

    thanks for your time to write this down really appreciated. I get however an error on this line

    when I request the content of $user.SamAccountName I do get as result “Paul”

    when I just run the above mentioned ADuser … I get the same error message as above

    Please advice

    Paul

    • This reply was modified 4 months, 3 weeks ago by acer460527.
    • This reply was modified 4 months, 3 weeks ago by acer460527.
    Participant
    Topics: 41
    Replies: 94
    Points: 560
    Rank: Major Contributor

    this is returning the correct value

    PS C:\WINDOWS\system32> $manager = (get-aduser (get-aduser $user.SamAccountName -Properties manager).manager).Name

    PS C:\WINDOWS\system32> $manager
    Stijn …….
    individually everything works I’ve been testing this but for some reason running all together giving me the above message and everything is executed as required.
    However I would like to run this without any messages and trying to understand why I get this message and on top of that solve it so that I don’t have it anymore

     

    Participant
    Topics: 41
    Replies: 94
    Points: 560
    Rank: Major Contributor

    Instead, can you try using Invoke-Command instead of implicit remoting.

    Instead, can you try using Invoke-Command instead of implicit remoting.

    if I use the invoke command nothing works

    Paul

    Participant
    Topics: 41
    Replies: 94
    Points: 560
    Rank: Major Contributor

    @kvprasoon,

    you mean something like

    invoke-command -session $Adsession -scriptblock {}
    and put everything in the scriptblock?

    any reason why you prefer the invoke command above implicit remoting?

    Participant
    Topics: 41
    Replies: 94
    Points: 560
    Rank: Major Contributor

    in addition when I run the set-aduser seperately they are executed correctly without any error messages
    is there a way to group this in one single line?
    something like set-ADuser $user.SamAccountName

    -clear manager department

    -description $description

    -add -add @{‘extensionattribute15’=(Get-Date).ToString(“yyyy-MMM-dd”)}

    or would this not make any difference?

    Participant
    Topics: 41
    Replies: 94
    Points: 560
    Rank: Major Contributor

    I managed to reduce the nr of errors to 1
    the only thing I get an error on is set-ADUser but all the things that I modify on the given account are executed.

    in this part I modified my script “changed line 4 into line 5

    and in order to move the user from current location to the disabled folder  I changed the first line into the second line

    I just would like to understand the error message about the ad user and how to solve that
    this is the remaining message

    Paul

    • This reply was modified 4 months, 4 weeks ago by acer460527.
    Participant
    Topics: 41
    Replies: 94
    Points: 560
    Rank: Major Contributor

    Hi Doug

    even when the file is placed on the remote machine it still gives me the same error

    as mentioned it does 99% of the job as it should only the disabling does not seem to work

     

    Paul

    in reply to: execute .bat file on remote computer #222840
    Participant
    Topics: 41
    Replies: 94
    Points: 560
    Rank: Major Contributor

    twilightScripter thanks for your help

    it’s working now

     

    in reply to: Counter in for each loop not working #222429
    Participant
    Topics: 41
    Replies: 94
    Points: 560
    Rank: Major Contributor

    Thanks Olaf you are the life saver 🙂

     

    in reply to: filecopy with PSdrive #221913
    Participant
    Topics: 41
    Replies: 94
    Points: 560
    Rank: Major Contributor

    Hi

    no it’s suppose to be like this

    I adapted the names for not reveling the company name

    Paul

Viewing 15 posts - 46 through 60 (of 94 total)