• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1028
  • Last Modified:

Remove-QADGroupMember Giving Invalid URI Error On Only Some Groups

I am working on writing a script to automate some of the Active Directory tasks we perform when a user leaves our organization. One of those tasks is removing the user from all groups except "Domain Users." Here is a snippet of that code:
$AllGroups = Get-QADMemberOf $User
Foreach ($Group in $AllGroups)
{
	If ($Group -ne "Domain Users")
	{
		$null = Remove-QADGroupMember $Group -Member $User
		Write-Host "Removed $User from group: $Group ..."
	}
}

Open in new window

The problem is that for a select handful of groups this isn't working (it works great for most). I get this error:
Remove-QADGroupMember : Invalid URI: The hostname could not be parsed.
+ Remove-QADGroupMember <<<<  'ALL EXCH USERS' -Member mscruz
    + CategoryInfo          : NotSpecified: (:) [Remove-QADGroupMember], UriFormatException
    + FullyQualifiedErrorId : System.UriFormatException,Quest.ActiveRoles.ArsPowerShellSnapIn.Commands.RemoveGroupMemberCmdlet2

Open in new window

I have made sure that I have rights to these groups and have verified that I can make the same change manually in Active Directory.

Any Ideas?

Thanks,
-Al
0
Cacophony777
Asked:
Cacophony777
  • 4
  • 4
2 Solutions
 
kollenhCommented:
I suspect it has to do with the type of group.  If you look at those that have given you a problem, do you see a common thread?  Also, do you have a single-domain environment or multi-?
0
 
Cacophony777Author Commented:
Single Domain environment. What's weird is I have compared the group in the example above with a couple groups that I confirmed the script did work on and they all had the same security and all had the Group Scope set to Universal and Group Type as Security.

The line in the error that states "UriFormatException" leads me to believe that something is pulling over nice from the Get-QADMemberOF cmdlet. Only thing is, even if I just run  (Remove-QADGroup 'ALL EXCH USERS' -Member mscruz) on the command line I get the same error and that Syntax looks correct to me...
0
 
kollenhCommented:
I'm assuming your message above should have been "Remove-QADGroupMember" otherwise that is your problem..

Remove-QADGroupMember wants the DN of the group, so maybe try passing that explicitly?  In the script you'd use $group.dn
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
Cacophony777Author Commented:
Yea... That was a typo.

Just tried using the DN when running the command and I'm getting the same result:
Remove-QADGroupMember : Invalid URI: The hostname could not be parsed.
At line:1 char:22
+ Remove-QADGroupMember <<<<  -identity 'CN=ALL EXCH USERS,OU=Distribution Lists,OU=COMHS,dc=*****,dc=***' -Member mscr
uz
    + CategoryInfo          : NotSpecified: (:) [Remove-QADGroupMember], UriFormatException
    + FullyQualifiedErrorId : System.UriFormatException,Quest.ActiveRoles.ArsPowerShellSnapIn.Commands.RemoveGroupMemb
   erCmdlet2

Open in new window

0
 
kollenhCommented:
Any chance that is a dynamically-generated DL?  Maybe try echoing out the DN of the group?  Something has to be different about that particular group.
0
 
Cacophony777Author Commented:
So I found me a work around.

If I use the MS ActiveDirectory Module (Remove-ADGroupMember) instead of Quest's ActiveRoles Snapin (Remove-QADGroupMember) it works...

I've never used the ActiveDirectory Module mostly because I had been using ActiveRoles with no issue. Is there any advantage to using one above the other?
0
 
kollenhCommented:
Actually I haven't used the MS module, either.  I'd say if it suits your needs, you're golden.

Sorry, I wasn't much help.
0
 
Cacophony777Author Commented:
Still not sure why I can't get this to work with Quest ActiveRoles, but I do have it working. Thanks to kollenh for the assistance. I still gave you some points for your time. :-)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now