CODEWITHSUNDEEP
powershellactive-directory
ITHawaii1990
ITHawaii1990

Reputation: 41

How to fix Cannot find an object with Identity in Powershell Script

I'm trying to get this Powershell script to transfer group membership from one user to another in Active Directory. I am getting the error below stating it can't find the object with identity. This is odd because the user is in AD in the domain that I called upon and the first user that I am transferring the membership from is found without any issues. Any ideas?

Get-ADUser -server "ngcore01.test.hawaii.local" -Identity user11 -Properties memberof |
Select-Object -ExpandProperty memberof
Add-ADGroupMember -Member user22

This is the error:

Add-ADGroupMember : Cannot find an object with identity: 'user22' under: 'DC=test,DC=hawaii,DC=local'. At line:3 char:1 + Add-ADGroupMember -Members user22 + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (user22:ADGroup) [Add-ADGroupMember], ADIdentityNotFoundException + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory. Management.Commands.AddADGroupMember

Upvotes: 2

Views: 28324

Answers (1)

Theo
Theo

Reputation: 61068

The error message shows that the Add-ADGroupMember cmdlet has difficulties finding a group with Identity user22 and that is because you do not supply this Identity value. (See: Add-ADGroupMember)

The memberof property returned by Get-ADUser is a collection of DistinguishedNames of the user’s direct group membership and you need to loop over the returned values in this collection to use as -Identity parameter on the call to Add-ADGroupMember

Try

(Get-ADUser -Server "ngcore01.test.hawaii.local" -Identity user11 -Properties memberof).memberof | ForEach-Object {
    Add-ADGroupMember -Identity $_ -Members user22
}

Upvotes: 1

Related Questions