Reputation: 299
Get-ADPrincipalGroupMembership -Identity not accepting variable
Working in a few different domains, that have different naming schema's. So I'm writing a script that goes into each domain, and checks on their group membership.
First thing the script does is ask for the user's last name. Then I use Get-ADUser to select the samaccountname and tie it to a variable (samaccountname is the only name that Get-ADPrincipalGroupMembership -Identity parameter accepts).
But when I run the script using the variable for -Identity it doesn't find the user. If I type it in manually - it does find the user.
Here's the code:
$surname = Read-Host "Users Last Name"
$fullname = Get-ADUser -filter * | Where-Object {$_.surname -eq $surname} |
select samaccountname | Format-Table -HideTableHeaders | Out-String
Get-ADPrincipalGroupMembership -Identity $fullname | select name |
Format-Table -HideTableHeaders
The error I get shows that the variable is a string, and it is the correct user that it's searching for, but the error says it can't find that user.
Upvotes: 1
Views: 1298
Answers (1)
Reputation: 200293
Format-* cmdlets were made for displaying data to a user. Do not use them when further processing of the data is required/intended.
Change
... | select samaccountname | Format-Table -HideTableHeaders | Out-String
to
... | select -Expand samaccountname -First 1
and your problem will disappear.
Upvotes: 2
Related Questions
- How to search a string in multiple files and return the names of files in Powershell?
- How to get AD group membership for list of users in CSV file?
- How can I verify if an AD account is locked?
- Remove-ADPrincipalGroupMembership 'insufficient rights'
- Get-ADPrincipalGroupmembership : The server was unable to process the request due to an internal error
- Can I not use a variable in with Get-ADUser
- AD Account Will Not Create If Duplicate First Name & Second Name
- Combining get-aduser and get-qadmemberof
- Parsing variables into Get-ADUser CMDLT - Error parsing query