Active Directory

PowerEdgeTech🇺🇸

AD User Search in PowerShell
Trying to set the logon script field on users in a SUB OU.

I can change it for all users in the domain (including all OUs and sub-OUs) with this:

Import-Module ActiveDirectory
$users=Get-ADUser -Filter *
foreach($u in $users)
{
     Set-ADUser $u -ScriptPath "map.bat"
}


I obviously don't want to change ALL AD users (including built-in users), but I CAN'T seem to get any of the methods I've found for limiting it to a specific OU to work.

For example, doing this:

Import-Module ActiveDirectory
$OU = "OU=TopOU,OU=SubOU,DC=mydomain,DC=local"
$users=Get-ADUser -Filter * -SearchBase $OU
foreach($u in $users)
{
     Set-ADUser $u -ScriptPath "map.bat"
}


keeps giving me an ADIdentityNotFoundException error. I've also tried the -SearchScope SubTree and using the full string instead of a variable. I need to be able to add a specific logon script path only to users in one OU. Can anyone tell me why this isn't working? How can I limit this to a particular OU?



SubSun🇮🇳

I don't see an issue with the script; if your account has sufficient permission on that OU then it should work. Are you able to manually add the script path for users in that OU? Is this a single domain environment?

Try with the -Server switch to specify the domain name or domain controller.

Get-ADUser -Filter * -SearchBase "OU=TopOU,OU=SubOU,DC=mydomain,DC=local" -Server DC.mydomain.local | Set-ADUser -ScriptPath "map.bat" -Server DC.mydomain.local



PowerEdgeTech🇺🇸

ASKER

Yeah, I'm logged in with Administrator, and I can add it manually, AND my first script will add the path, but it adds it to EVERY user in the domain.

I got the same thing when adding -Server server.mydomain.local ... there is something it doesn't like about line 3 if I add anything besides the -Filter option.

SubSun🇮🇳

Hmm.. It works in my lab without any issue. Can you post the exact error?



PowerEdgeTech🇺🇸

ASKER

Get-ADUser : Directory object not found
At line:2 char:8
+ $users=Get-ADUser -Filter * -SearchBase "OU=TopOU,OU=SubOU,DC=mydomain,DC=local" ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (:) [Get-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException, 
   Microsoft.ActiveDirectory.Management.Commands.GetADUser
 



ASKER CERTIFIED SOLUTION
SubSun🇮🇳


PowerEdgeTech🇺🇸

ASKER

Ha ha ... the DN has to be in this order:

OU=SubOU,OU=TopOU,DC=mydomain,DC=local

I had TopOU listed first ... switched it and it works like it should ... makes sense to follow the branch back up the chain, from sub-OU, to parent OU, to domain, to TLD.

I stabbed with about every variation I could think of ... I just hadn't thought it through logically :)

Thanks!
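
An added example, not part of the original thread: one way to scope this bulk change safely, by building the SearchBase leaf-first, confirming the OU resolves before any account is touched, and previewing the change with -WhatIf. The helper name ConvertTo-OuDistinguishedName and the "TopOU/SubOU" path notation are hypothetical, and OU names are assumed to contain no characters that need escaping in a DN.

```powershell
Import-Module ActiveDirectory

# Hypothetical helper: turn a top-down OU path ("TopOU/SubOU") into a DN.
# A DN lists the leaf first and walks up to the domain root, so the
# path components are reversed before they are joined.
function ConvertTo-OuDistinguishedName {
    param(
        [Parameter(Mandatory)][string]$OuPath,    # e.g. "TopOU/SubOU"
        [Parameter(Mandatory)][string]$DomainDN   # e.g. "DC=mydomain,DC=local"
    )
    $parts = @($OuPath -split '/' | Where-Object { $_ })
    [array]::Reverse($parts)
    $rdns = $parts | ForEach-Object { "OU=$_" }
    return (@($rdns) + $DomainDN) -join ','
}

$domainDN   = (Get-ADDomain).DistinguishedName
$searchBase = ConvertTo-OuDistinguishedName -OuPath 'TopOU/SubOU' -DomainDN $domainDN
# For the thread's domain this yields OU=SubOU,OU=TopOU,DC=mydomain,DC=local

# Stop before touching any account if the DN does not resolve to an OU.
# A reversed OU order surfaces here as ADIdentityNotFoundException.
try {
    $ou = Get-ADOrganizationalUnit -Identity $searchBase -ErrorAction Stop
} catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException] {
    throw "SearchBase '$searchBase' not found; check the OU order in the DN."
}

# Only users under the validated OU; built-in accounts elsewhere are untouched.
$users = @(Get-ADUser -Filter * -SearchBase $ou.DistinguishedName -SearchScope Subtree)
Write-Host "$($users.Count) user(s) under $($ou.DistinguishedName)"

# -WhatIf only reports what would change; remove it after reviewing the output.
$users | Set-ADUser -ScriptPath 'map.bat' -WhatIf
```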