Reputation: 942
Getting error parsing error when trying to run PowerShell script for Active Directory
I am writing a script that will update user attributes in Active Directory from a CSV file. I am down to only one error now and it is to do with the syntax. Not sure what the correct syntax is; I have provided the error that I receive when I run the script.
Here is the script to update AD users from CSV file.
#Updates AD user attributes from CSV file
$credential = Get-Credential
#Load data from file.csv
$ADUsers = Import-csv file_location
# Server
$server = "127.0.0.1"
# Count variable for number of users update
$count = 0
#Go through each row that has user data in the CSV we just imported
foreach ($User in $ADUsers)
{
# Read user data from each field in each row and assign to variables.
$Username = $User.Username
$Title = $User.Title
$Office = $User.Office
$Description = $User.Description
#Check to see if the user already exists in AD. If they do, we update.
if (Get-ADUser -Filter "SamAccountName -eq $Username" -Server $server -Credential $credential)
{
#Set User attributes
Set-ADUser -Title $Title -WhatIf `
-Office $Office -WhatIf `
-Description $Description -WhatIf
# Print that the user was updated
Write-Host $Username "- User attributes have been updated." -ForegroundColor Yellow
# Update Count
$count += 1
}
}
# Print the number of updated users
Write-Host $count "Users have been updated" -ForegroundColor Green
Here is the error I am getting when I run the script
Get-ADUser : Error parsing query: 'SamAccountName -eq ADUSER' Error Message: 'syntax error' at position: '20'.
At file_location from CSV.ps1:35 char:6
+ if (Get-ADUser -Filter "SamAccountName -eq $Username" -Server $se ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ParserError: (:) [Get-ADUser], ADFilterParsingException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADFilterParsingException,Microsoft.ActiveDirectory.Management.Commands.GetADUse
r
0 Users have been updated
Upvotes: 2
Views: 3240
Answers (1)
Reputation: 7057
Purely the error is probably caused by string expansion put single quotes around $UserName like:
Get-ADUser -Filter "SamAccountName -eq '$Username'" # and the rest of the parameters...
However, I should point out you usually don't need the filter parameter with the samAccountName. JUst do something like:
Get-ADUser $UserName # and the rest of the parameters...
Also You have -Whatif specified multiple times in the Set-ADUser command. This will cause issues after you get past the current issue.
You should try to avoid all that back-ticking. Use splatting instead. Here's an untested splatting example:
# Updates AD user attributes from CSV file
$credential = Get-Credential
# Load data from file.csv
$ADUsers = Import-csv file_location
# Count variable for number of users update
$count = 0
# Go through each row that has user data in the CSV we just imported
ForEach($User in $ADUsers)
{
# Ppopulate hash table for Get-ADUser splatting:
$GetParams =
@{
Identity = $User.Username
Server = '127.0.0.1'
Credential = $Credential
}
# Initialize hash table for Set-ADUser splatting:
$SetParams =
@{
Server = '127.0.0.1'
Identity = $User.Username
Title = $User.Title
Office = $User.Office
Description = $User.Description
Credential = $Credential
}
# Check to see if the user already exists in AD. If they do, we update.
if ( Get-ADUser @GetParams)
{
# Set User attributes
Set-ADUser @SetParams -WhatIf
# Print that the user was updated
Write-Host -ForegroundColor Yellow "$User - User attributes have been updated."
# Update Count
$count += 1
}
}
# Print the number of updated users
Write-Host $count "Users have been updated" -ForegroundColor Green
Please note this is not necessarily how I'd finish up the code. There are so many ways to do things and so much is guided by personal preference etc... In this case I'm limiting modifications to your original example to demonstrate only certain points like splatting. When, where & why to implement is up to you.
Another question you may want to think about is how robust you need this or any script to be. Do you need error handling? Do you want to report when a user in the CSV file isn't found in AD (which itself will echo an error)? Do you need a log file? Is this a one time effort or something that will run for years? etc...
Upvotes: 2
Related Questions
- Powershell script to add new users to Active Directory from a CSV file fails to work. The error suggests bad syntax but I am failing to see why
- Powershell AD script unable to export to csv
- Error running Powershell script from a .csv
- Powershell CSV Import Error - The object name has bad syntax
- Powershell exporting csv issue
- Powershell Export-CSV error
- Import-CSV for Active Directory Object Already Exists Error
- New-Aduser : The object name has bad syntax
- powershell, Variable: '_' found in expression: $_
- Import-csv into Active Directory