locked
Powershell script only works for some domains RRS feed

  • Question

  • Hi everyone, I have a script to append notes to the telephone tab in AD.


    {
    if ($request.length -lt 2) {Write-Host ""}
    Else {
    Get-ADuser $user -Server $Domain -Properties info |
    ForEach-Object {
    $info = $_.Info
    $_|Set-ADuser -Replace @{info="$Info`r`nAccount Modified as per $request"}}}
    }


    However this only works for some of the $domains I have.The $domain variable works correctly as it is being used for other scripts perfectly.

    This script only works for 2/5 domains I'm working with. Anyone have any ideas?

    Monday, June 4, 2018 8:02 PM

All replies

  • What are the versions of the domains?

    ws2008r2?

    Monday, June 4, 2018 8:27 PM
  • #1: Windows Server 2003
    #2: Windows Server 2003
    #3: Windows Server 2003
    #4: Windows Server 2003
    #5: Windows Server 2008
    #6: Windows Server 2008 R2

    it works on #2 and #5 only... strange

    Monday, June 4, 2018 8:38 PM
  • #1 works maybe 2/10 tries
    Monday, June 4, 2018 8:51 PM
  • Hi everyone, I have a script to append notes to the telephone tab in AD.


    {
    if ($request.length -lt 2) {Write-Host ""}
    Else {
    Get-ADuser $user -Server $Domain -Properties info |
    ForEach-Object {
    $info = $_.Info
    $_|Set-ADuser -Replace @{info="$Info`r`nAccount Modified as per $request"}}}
    }


    However this only works for some of the $domains I have.The $domain variable works correctly as it is being used for other scripts perfectly.

    This script only works for 2/5 domains I'm working with. Anyone have any ideas?

    You don't say what the "$domain" variable holds. Does it contain the name of a DC of the domain in which the user object exists?

    Are you connecting to a specific domain controller for each of the several domains, or are you using a global catalog server (which is also a domain controller for one domain)?

    I don't recall if the "info" property is replicated to the GC, but I doubt it is.


    --- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

    Monday, June 4, 2018 9:18 PM
  • Windows 2003 and 2008 are no longer supported and have not been for years.  I suspect the extensions required are either missing or are out of date.

    Note that this only works on Domain Controllers.  You cannot target member servers.

    You may also have domain issues.


    \_(ツ)_/

    Monday, June 4, 2018 9:22 PM
  • $domain holds the domain in which the user object exists.

    I am connecting to a specific domain controller for each of the several domains, $DC

    Monday, June 4, 2018 9:52 PM
  • Windows 2003 and 2008 are no longer supported and have not been for years.  I suspect the extensions required are either missing or are out of date.

    Note that this only works on Domain Controllers.  You cannot target member servers.

    You may also have domain issues.


    \_(ツ)_/

    Do you know where I can find more info on these extensions?
    Monday, June 4, 2018 9:53 PM
  • Each domain must have its own ADWS.  WS2003 does not natively support RSAT.  RSAT is included with WS2008r2 but must be separately installed from the server features.

    WS2003 AD must be upgraded to share in a WS2008r2 Forest correctly.


    \_(ツ)_/

    Monday, June 4, 2018 10:00 PM
  • Windows 2003 and 2008 are no longer supported and have not been for years.  I suspect the extensions required are either missing or are out of date.

    Note that this only works on Domain Controllers.  You cannot target member servers.

    You may also have domain issues.


    \_(ツ)_/

    Do you know where I can find more info on these extensions?

    I don't believe they are available anymore.  Have you tried searching?


    \_(ツ)_/

    Monday, June 4, 2018 10:01 PM
  • Well, the point is that you need to make sure that all you have installed on domain 1 works for all the other domains.

    Windows Server 2003 is out of support for about 5 or 6 years ago. Take a time to update it to 2012 r2 at least.

    It's an irresponsibility to have those domains stills active.

    Monday, June 4, 2018 10:11 PM
  • ADWS MUST be installed on at least one server in each domain that you want to query with PowerShell CmdLets.


    \_(ツ)_/

    Monday, June 4, 2018 10:17 PM
  • ADWS MUST be installed on at least one server in each domain that you want to query with PowerShell CmdLets.


    \_(ツ)_/

    Would the pre-cmdlet way of using the "[adsi]" adaptor work for him? Updating DCs can be a time-consuming process. Sometimes it even take updating other software that have dependencies on the existing behaviors of the old AD, or the new software won't run on the old hardware.

    Some like this:

    $user = [ADSI]"LDAP://<server>/cn=<user>,ou=<OU>,dc=<domain>,dc=<domain>"
    $info = $user.info
    $info = "$info`r`nblah bla blah"
    $user.put("info",$info)
    $user.SetInfo()



    --- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

    Tuesday, June 5, 2018 2:12 AM