Reputation: 21
Problem getting script accept groupname with blanks combined with dashes in Powershell
So I am writing some code doing import/export of AD-users in powershell and I ran into a really annoying problem. I am trying to get all members from a distribution group in AD, but it seems like Powershell (as I have written it) will not accept the group name "System Users - Department".
If I run Get-ADGroup 'System Users' ... it works
If I run Get-ADGroup 'System-Users' ... it works
If I run Get-AdGroup 'System Users - Department' it does not work and throws an "Cannot find an object with identity" exception error in return.
The easiest way would just be to change the name of the group, but I can't since it is used in a bunch of other configurations, that I do not control. So I need to find a way to let Powershell read and accept that group name.
Any ideas?
Upvotes: 1
Views: 676
Answers (1)
Reputation: 13452
Get-ADGroup expects the following 4 different types of identities:
- A distinguished name
- A GUID (objectGUID)
- A security identifier (objectSid)
- A security accounts manager account name (sAMAccountName)
As System Users - Department contains spaces, it can only be interpreted as a distinguished name, but a relative one and thus it may not be unique and it is dangerous to use it this way. I recommend using the sAMAccountName instead. Look it up for your group and use that to identify your group. You will have less trouble with special characters which leads to another possible explanation:
The displayName of a group may contain unicode characters. Are you sure which "minus"-looking character you use inside the display name of your group? Here are 4 different characters in one line to see the difference: - − – — (read more). When looking for the displayName, you have to know exactly which of those signs has been used to create the name. Otherwise you will not be able to match it in a string comparison. For typographical correctness, your displayName would contain an n-dash as it is surrounded by spaces. And it might do so, if it was copied from Word for example, but you will not get this sign by just pressing "minus" on your keyboard. This might be a reason for your problem, too.
Upvotes: 2
Related Questions
- get-adgroup will not accept group distinguished name in a variable
- Filtering Get-ADGroups with question mark wildcard doesn't seem to work
- Powershell - How to remove trailing spaces from a list of groups a user is in
- PowerShell Script Not Working As Intended When Getting AD Groups
- Unable to get name of the group
- Adding Active Directory group with spaces in name gives error in PowerShell script
- Powershell not returning expected groups
- PowerShell trying to list users who have group membership similar string
- Powershell & ActiveDirectory - trying to output users in a group and their membership
- Powershell Problems - Add-ADGroupMember variable not working