Solved

Problems Adding Devices from File Using Add-ADGroupMember

Posted on 2016-10-17
7
31 Views
Last Modified: 2016-10-19
I had question open for this same issue ( https://www.experts-exchange.com/questions/28976646/Error-Importing-Computer-Accounts-From-a-Text-File-using-Add-ADGroupMember.html)  before which Yo_Bee helped with with and did get it working. Thanks Yo_Bee!!!  

 When I tried to run the script again this morning. I am getting the following error..

Get-ADComputer : Cannot convert 'System.Object[]' to the type 'Microsoft.ActiveDirectory.Management.ADComputer'
required by parameter 'Identity'. Specified method is not supported.
At C:\AddingDevicesFromFileToGroup.ps1:9 char:33
+ $DN = (Get-ADComputer -Identity $devices).distinguishedname
+                                 ~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Get-ADComputer], ParameterBindingException
    + FullyQualifiedErrorId : CannotConvertArgument,Microsoft.ActiveDirectory.Management.Commands.GetADComputer

In my text file as soon as I narrow down my list to one device it works. It is almost like the foreach loop in not working

Import-Module ActiveDirectory

$devices = Get-Content 'C:\workstations.txt'
$grp = (Get-ADGroup -Identity '8021xEnabledDevices').distinguishedname

Foreach ($dn in $devices)

{
$DN = (Get-ADComputer -Identity $devices).distinguishedname

Add-ADGroupMember -Identity $grp -Members $dn}

Open in new window

0
Comment
Question by:compdigit44
  • 3
  • 3
7 Comments
 
LVL 39

Expert Comment

by:Adam Brown
ID: 41846969
The $DN = line is trying to pull the entire array in. Also, it's replacing the value of the $dn object you are creating in ($dn in $devices)

Try this out:
Import-Module ActiveDirectory

$devices = Get-Content 'C:\workstations.txt'
$grp = (Get-ADGroup -Identity '8021xEnabledDevices').distinguishedname

Foreach ($device in $devices)

{
$DN = (Get-ADComputer -Identity $device).distinguishedname

Add-ADGroupMember -Identity $grp -Members $dn}

Open in new window

0
 
LVL 84

Expert Comment

by:oBdA
ID: 41846970
You got somewhat confused concerning the variables ...
Import-Module ActiveDirectory

$devices = Get-Content 'C:\workstations.txt'
$grp = (Get-ADGroup -Identity '8021xEnabledDevices').distinguishedname

Foreach ($device in $devices) {
	$DN = (Get-ADComputer -Identity $device).distinguishedname
	Add-ADGroupMember -Identity $grp -Members $DN
}

Open in new window

0
 
LVL 19

Author Comment

by:compdigit44
ID: 41849298
Thank you both so very much... I must be tied and missing the but how does this different from the syntax I was using before?

I am trying to understanding this so I can become better in Powershell
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 41849486
Everything was fine up until and including line 6:
Foreach ($dn in $devices)
Then came line 9 with two errors:
$DN = (Get-ADComputer -Identity $devices).distinguishedname
1. You already used $dn as loop variable, and you're reassigning it here as $DN.
2. You used the $devices array (containing the contents of 'C:\workstations.txt') instead of the loop variable as Identity for Get-ADComputer.

Alternatively, you can fill an array with the members and add them in one go:
Import-Module ActiveDirectory

$devices = Get-Content 'C:\workstations.txt'
$grp = (Get-ADGroup -Identity '8021xEnabledDevices').distinguishedname

$Members = @()
Foreach ($device in $devices) {
	$Members += (Get-ADComputer -Identity $device).distinguishedname
}
Add-ADGroupMember -Identity $grp -Members $Members

Open in new window


Finally, since you can use samAccountName as member identity, and a computer's samAccountName is its host name with a trailing $, you can even do without the Get-ADComputer to speed things up:
Import-Module ActiveDirectory

$grp = (Get-ADGroup -Identity '8021xEnabledDevices').distinguishedname
$Members = Get-Content 'C:\workstations.txt' | ForEach-Object {$_ + "`$"}

Add-ADGroupMember -Identity $grp -Members $Members

Open in new window

0
 
LVL 19

Author Comment

by:compdigit44
ID: 41850036
Wow great explaination and thank you very much.. I ran the script this morning using whatif first and worked perfect. Once I removed whatif I go the error message below

Get-ADComputer : Cannot bind parameter 'Identity' to the target. Exception setting "Identity": "Cannot validate
argument on parameter: 'Identity'. The argument is null or empty. Supply an argument that is not null or empty and
then try the command again."

The odd part if even though I got this error for each device on the list. It did end of adding them to the group?  Any thoughts on why I got the error?
0
 
LVL 84

Expert Comment

by:oBdA
ID: 41850048
Could be empty lines in devices.txt; how as that file generated? If in doubt, check with Notepad++ and "View > Show Symbol >  Show End Of Line" enabled.
0
 
LVL 19

Author Comment

by:compdigit44
ID: 41850075
good point...

I did a copy and paste of text from Excel so it could have extra  return characters...
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question