Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.
Issues with a powershell command get-aduser
We're experiencing an issue with a powershell command. We would like to run this command to simply retrieve the information on several objects. Unfortunately, we've been experiencing issues running the command against most (if not all) of our DCs. This is an issues that is going on intermitently, sometimes it happens sometimes it doesnt. Besides this error, I havent noticed any issues with our DCs. Does any one have any idea what this could mean?
Command:
get-aduser lesquivel -server celldepotdc2
Error:
get-aduser : A local error has occurred
At line:1 char:1
+ get-aduser lesquivel -server celldepotdc2
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (lesquivel:ADUser) [Get-ADUser], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:8251
Further details:
- We have over 30 DCs in the domain which are 2008R2
- All admins in the team are experiencing this same error
Any insights on this would be much appreciated.
Command:
get-aduser lesquivel -server celldepotdc2
Error:
get-aduser : A local error has occurred
At line:1 char:1
+ get-aduser lesquivel -server celldepotdc2
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (lesquivel:ADUser) [Get-ADUser], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:8251
Further details:
- We have over 30 DCs in the domain which are 2008R2
- All admins in the team are experiencing this same error
Any insights on this would be much appreciated.
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Check events on both the client and the DC you specify with the -server parameter to see if there's anything around the same time as the command was run.
Thank you all for your responses. Let me answer them:
@FOX
1. Yes, the command is being ran as an administrator.
2. The import was done automatically. We still ran the import-Module ActiveDirectory and the error occured again.
3. The FQDN is celldepot.local
@Qlemo
4. This is going on on most DCs (intermittent) but there are a few of them is happening all the time.
@footech
5. I will check the events on event viewer on both client and server and see whats up. I will come back with your answers.
@FOX
1. Yes, the command is being ran as an administrator.
2. The import was done automatically. We still ran the import-Module ActiveDirectory and the error occured again.
3. The FQDN is celldepot.local
@Qlemo
4. This is going on on most DCs (intermittent) but there are a few of them is happening all the time.
@footech
5. I will check the events on event viewer on both client and server and see whats up. I will come back with your answers.
Leo on one of your domain controllers run the command
repadmin /showrepl
YOu need to verify if your DCs are replicating successfully
repadmin /showrepl
YOu need to verify if your DCs are replicating successfully
Hello all, sorry for my delayed response.
I'm not seeing any events that might indicate an issue related to this command. THe DCs are replicated succesfully as per repadmin /showrepl. No issues there.
Any other ideas?
I will keep looking for events to see if I can catch something that might indicate an issue but so far, I dont see any,
I'm not seeing any events that might indicate an issue related to this command. THe DCs are replicated succesfully as per repadmin /showrepl. No issues there.
Any other ideas?
I will keep looking for events to see if I can catch something that might indicate an issue but so far, I dont see any,
This issue has been finally resolved. Investigating through logs we couldn't find any communication issues between the local computer and the DCs being targeted. We went back to basics and figured we should check the builtin users group in Active Directory Users and computers.
When checking this, we noticed that the group "Authenticated Users" was missing from a child domain. We added the group back in the Builtin / Users and this has fixed the issue.
Resolution for future cases:
- On all domains (child and parent domains) you have in your environment, check the Builtin container.
- Go to the Users group membership
- Check and make sure that the group "authenticated users" is present on all domains
- If there is a domain missing this group, request the AD team to added back again.
At least for us, this has resolved the issue. Thank you all for your replies.
When checking this, we noticed that the group "Authenticated Users" was missing from a child domain. We added the group back in the Builtin / Users and this has fixed the issue.
Resolution for future cases:
- On all domains (child and parent domains) you have in your environment, check the Builtin container.
- Go to the Users group membership
- Check and make sure that the group "authenticated users" is present on all domains
- If there is a domain missing this group, request the AD team to added back again.
At least for us, this has resolved the issue. Thank you all for your replies.
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trialIt's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell
From novice to tech pro — start learning today.
-
Microsoft ApplicationsCertification: MCSE Microsoft Certified Systems Engineer - Identity … 440 lessons
-
Microsoft ApplicationsCertification: MOS Microsoft Office Specialist - Excel 2010 Inter… 277 lessons
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with premium.
Start your 7-day free trial.
1. launched powershell as an administrator
2. Ran Import-Module ActiveDirectory (if it didn't load automatically)
3. Please list the fdqn of the domain after -server not just celldepotdc2