Help with a script RRS feed

  • Question

  • Could someone please help.

    Basically the following line does not work .

    GET-ADUSER -filter * -SearchBase $OU -properties LastLogonDate | where { $_.LastLogonDate.AddDays($NumberDays) -lt $CurrentDate } | Format-Table 


    Get-ADUser : Cannot validate argument on parameter 'SearchBase'. The argument is null. Provide a valid value for the argument, and then try running the command again.
    At C:\scripts\old_users.ps1:20 char:34
    + GET-ADUSER -filter * -SearchBase $OU -properties LastLogonDate | wher ...
    +                                                       ~~~
        + CategoryInfo          : InvalidData: (:) [Get-ADUser], ParameterBindingValidationException
        + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.GetADUser

    It seems to have something to do with the -SearchBase syntax needing a string and $OU is invalid. Although this script has been said to work, could you shed some light on where I am going wrong. Below is the full script created by Sean Kearney. Please forgive me if this is the wrong place or wrong way to post this. I have posted in the original thread as well but have not received an answer and probably chocked up to people being to busy.

    thank you,



    # List all users in that have not logged on within  
    # XXX days in "Active Directory"  
    # This script requires the Active Directory Module from Microsoft.  
    # It works with Server 2008 R2 and higher Domain Controllers 
    # Get the Current Date  
    # Number of Days to check back.    
    # Organizational Unit to search  
    Import-Module ActiveDirectory 
    GET-ADUSER -filter * -SearchBase $OU -properties LastLogonDate | where { $_.LastLogonDate.AddDays($NumberDays-lt $CurrentDate } | Format-Table 
    # Add in a | DISABLE-ADAccount to AUTOMATICALLY Disable those accounts.  
    # Line should read like this if you want to do that  
    # GET-ADUSER -filter * -SearchBase $OU -properties LastLogonDate | where { $_.LastLogonDate.AddDays($NumberDays) -lt $CurrentDate } | Disable-ADAccount 

    • Edited by syebrexsr Thursday, September 29, 2016 8:20 PM
    Thursday, September 29, 2016 8:18 PM


All replies

  • You define $SearchBase above but then try to use $OU in Get-ADUser.

    Thursday, September 29, 2016 8:21 PM
  • Ok, so I will work on that line and possibly get rid of the second $searchbase.
    Thursday, September 29, 2016 8:41 PM
  • You define $SearchBase above but then try to use $OU in Get-ADUser.

    Thank you, so I changed the way I would get date and add days, then I got rid of the second searchbase. Then I a used selectobject and entered what I wanted for my results. 

    I also removed the -Searchbase from above and just made sure -searchbase points to $OU

    Original scrip was written by Sean Kearney and I just modified it to work for me. I am sure it works as is but I am new to this and it didn't work for me. His script is located below at the following website.

    Here is my finished script the does the trick and you can export it to txt or csv.



    # List all users in that have not logged on within  
    # XXX days in "Active Directory"  
    # This script requires the Active Directory Module from Microsoft.  
    # It works with Server 2008 R2 and higher Domain Controllers 

    # Get the Current Date  
    $Now = Get-Date  
    # Number of Days to check back.    
    $Date = $Now.AddDays(-180)  
    # Organizational Unit to search  
    $OU='OU=MJHALL Users,DC=mjhallandcompany,DC=com'  
    Import-Module ActiveDirectory 
    Get-ADUser -Filter  {(lastLogonTimeStamp -le $Date) -and (lastLogonTimeStamp -gt 0)} -Searchbase $OU -Properties LastLogonTimeStamp | Select-Object name, samaccountname, userprincipalname, distinguishedname, Enabled | Format-Table
    # Add in a | DISABLE-ADAccount to AUTOMATICALLY Disable those accounts.  
    # Line should read like this if you want to do that  
    # Get-ADUser -Filter {(lastLogonTimeStamp -le $Date) -and (lastLogonTimeStamp -gt 0)} -Searchbase $OU -Properties LastLogonTimeStamp | Disable-ADAccount 
    • Edited by syebrexsr Friday, September 30, 2016 4:40 PM
    Friday, September 30, 2016 4:19 PM