Remove From My Forums

SCCM Device Collection Members TO AD Security Group - Error Cannot find an object with identity: '$'

Question

Anyone have any idea why I would get this error? This One liner Command Script, works perfectly inside the SCCM Powershell Admin Console. However when i connect in by New-PSDrive i get the error below?

Even if i add the identity along with Distinguished name or SID, I still get the error.

Any ideas?

(Get-CMDevice -CollectionName "SCCMDeviceCollectionNameHere").name |ForEach-Object{Add-ADGroupMember "ADDGROUPNAMEHERE" -Members $_$ }

Add-ADGroupMember : Cannot find an object with identity: '$' under: 'DC=sub,DC=domain,DC=com'.
At C:\ADD-ADGroupMember2.ps1:11 char:83
+ ... Each-Object{Add-ADGroupMember "ADGROUPNameHere ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: ($:ADPrincipal) [Add-ADGroupMember], ADIdentityNotFoundException
    + FullyQualifiedErrorId : SetADGroupMember.ValidateMembersParameter,Microsoft.ActiveDirectory.Management.Commands.AddADGroupMember

Saturday, April 20, 2019 1:06 AM

Answers

0

Sign in to vote
That's good!

Now try this:

Get-CMDevice -CollectionName "Intl Home Worker PCI Subnet" | Select -ExpandProperty Name | ForEach-Object{ Add-ADGroupMember "ADDGROUPNAMEHERE" -Members $_ }

--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

Rich... I think you might have solved it. I just added an extra " $ "
Get-CMDevice -CollectionName "DEVICECOLLECTIONNAMEHERE" |
Select -ExpandProperty Name |
ForEach-Object{ Add-ADGroupMember -Identity "SCCM_Intl_Home_Worker_PCI_Subnet" -Members $_$ }

It works!!!! No more error. That one little Select piece with Expand property did it! Now I will Automate it by Schedule to know for sure it works. Thanks for helping figure this out!
- Marked as answer by Chris480602 Wednesday, April 24, 2019 5:17 PM
- Edited by Chris480602 Wednesday, April 24, 2019 5:42 PM
Wednesday, April 24, 2019 4:43 PM

Reply

|

Quote

All replies

0

Sign in to vote

Looks like you've got an additional "$" in the "-Members" parameter value. It should be "$_", not "$_$"
--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

Saturday, April 20, 2019 1:29 AM

Reply

|

Quote
0

Sign in to vote

Okay, I tried that before. I will give that another shot and see if it works. What I am doing here is the Device Collection has a list of Computer names in it. I am taking that and sending it to the Security Group. The idea is to automatically update the Security Group without any user interaction. So the names from “ CollectionName “ must be passed to Security Group. Works fine from SCCM powershell but it fails in regular power shell. SCCM is likely passing the parameter because it’s embedded into the Module.

Saturday, April 20, 2019 1:53 AM

Reply

|

Quote
0

Sign in to vote
If you're unsure what's being sent through the pipeline, try running this and see what's there:

(Get-CMDevice -CollectionName "SCCMDeviceCollectionNameHere").name | ForEach-Object{ $_ }

--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)
Saturday, April 20, 2019 2:33 AM

Reply

|

Quote
0

Sign in to vote
When i run that leaving inside the ForEach clause with $_ , there is no output. The problem happens only when it's passed to the AD Security group to add the members in:

Add-ADGroupMember "ADDADGROUPNAMEHERE" -Members $_
- Edited by Chris480602 Monday, April 22, 2019 3:36 PM
Monday, April 22, 2019 3:32 PM

Reply

|

Quote
0

Sign in to vote

You said this works with SCCM PowerShell? So if you open the SCCM console, go to the top left, click the little drop down arrow and select Connect via Windows PowerShell ISE, this will output all of the code that you need to import the SCCM module upon running the script. Just add your bit of code in the appropriate section.

To install the SCCM PowerShell modules you can simple install the SCCM console, and then run the script from that machine.

In the end, the only differene between using SCCM PowerShell vs your own is that you have to write the import-module seciton.

Monday, April 22, 2019 4:27 PM

Reply

|

Quote
0

Sign in to vote

Could this be your problem?

https://www.reddit.com/r/SCCM/comments/5oxp94/getcmdevice_returns_nothing_why/
--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

Monday, April 22, 2019 6:10 PM

Reply

|

Quote
0

Sign in to vote

Tried it. Get the Same Error. For whatever reason, When i Click " Connect via Powershell " inside of SCCM I do not get the error.

Monday, April 22, 2019 9:56 PM

Reply

|

Quote
0

Sign in to vote
The resource ID wouldnt be the fix here because that is only associated with SCCM not Active Directory.

Also the Site Code is not the issue because i am able to connect to the PS-Drive Okay.

This strictly relates to passing a parameter to the argument from device collection to AD argument. Active Directory wants to accept it but when it's not launched from SCCM Console Powershell Connect it will not fill the Security Group with the Collection Members.

Still havent figured out what's causing this issue or how to fix it.
- Edited by Chris480602 Monday, April 22, 2019 11:19 PM
Monday, April 22, 2019 10:11 PM

Reply

|

Quote
0

Sign in to vote
Can you get the SCCM collection members without using the SCCM console connect to PowerShell? Sounds like the answer is yes.

Try this

$devices = Get-CMDevice -CollectionName "xxx" foreach($device in $devices) { Add-ADGroupMember -Identity "SomeName" -Members $device.Name }
Tuesday, April 23, 2019 1:54 PM

Reply

|

Quote

Here is what i get below. Unexpected token. This appears in the SCCM connect powershell window. When i run it in Powershell ISE it doesnt show an error at all, however it doesnt add any computers to the security group.

PS BW1:\> $devices = Get-CMDevice -CollectionName "DEVICECOLLECTIONNAMEHERE" foreach ($device in
$devices) { Add-ADGroupMember -Identity "ADGROUPNAMEHERE" -Members $device.Name }
At line:1 char:88
+ ... lectionName "DEVICECOLLECTIONNAMEHERE" foreach ($device in $device ...
+                                                                ~~
Unexpected token 'in' in expression or statement.
At line:1 char:87
+ ... CollectionName "DEVICECOLLECTIONNAMEHERE" foreach ($device in $dev ...
+                                                                  ~
Missing closing ')' in expression.
At line:1 char:99
+ ... e "DEVICECOLLECTIONNAMEHERE" foreach ($device in $devices) { Add-A ...
+                                                                 ~
Unexpected token ')' in expression or statement.
    + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : UnexpectedToken

Edited by Chris480602 Tuesday, April 23, 2019 5:32 PM

Tuesday, April 23, 2019 3:15 PM

0

Sign in to vote

Shouldn't foreach be on a new line?

Tuesday, April 23, 2019 5:42 PM

Reply

|

Quote
0

Sign in to vote
I thought It can be used as a statement, loop or a condition.

Ive seen it used multiple ways. I can change it. I just want to get this working so the Device Collection will automatically update the Security Group by command.

Ive seen some people struggle with this in Active Directory. Not sure what the cause is of this.
- Edited by Chris480602 Tuesday, April 23, 2019 5:47 PM
Tuesday, April 23, 2019 5:46 PM

Reply

|

Quote
0

Sign in to vote

did you run the code I posted? The blob you posted isn't correct

Tuesday, April 23, 2019 5:54 PM

Reply

|

Quote
0

Sign in to vote
@mrasmussen

Yes. I actually did use your code for that error above. What do i have wrong?

Your code doesnt throw in error in Powershell ISE but it does not add devices to the Security Group. In SCCM Powershell Window, it gives me an unexpected token error.
- Edited by Chris480602 Tuesday, April 23, 2019 6:05 PM
Tuesday, April 23, 2019 6:04 PM

Reply

|

Quote

does this work

$devices = Get-CMDevice -CollectionName "DEVICECOLLECTIONNAMEHERE" 
foreach ($device in $devices) 
{ 
$device.Name 
}

Tuesday, April 23, 2019 6:08 PM

0

Sign in to vote

@mrasmussen

Where does the ADD-ADGroupmember need to go, in order to add to the security group?

Tuesday, April 23, 2019 6:10 PM

Reply

|

Quote

Move the "foreach" to a new line.

$devices = Get-CMDevice -CollectionName "DEVICECOLLECTIONNAMEHERE"
foreach ($device in $devices) { 
    Add-ADGroupMember -Identity "ADGROUPNAMEHERE" -Members $device.Name 
}

--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

Tuesday, April 23, 2019 6:12 PM

0

Sign in to vote
@Rich Matheisen [Ex-MVP (retired)]

Just tried it. Runs without error, but doesnt add anything to the security group.
- Edited by Chris480602 Tuesday, April 23, 2019 6:14 PM
Tuesday, April 23, 2019 6:14 PM

Reply

|

Quote
0

Sign in to vote

I was just verifying that the Get-CMDevice cmdlet was working properly, you should see a list of names ($device.Name)

Tuesday, April 23, 2019 7:10 PM

Reply

|

Quote
0

Sign in to vote
@Rich Matheisen [Ex-MVP (retired)]

Actually I do not see a list of names. With your code below:

$devices = Get-CMDevice -CollectionName "DEVICECOLLECTIONNAMEHERE" foreach ($device in $devices) { $device.Name }

There is no output with that above code inside Powershell ISE with Connection Script.
- Edited by Chris480602 Tuesday, April 23, 2019 7:14 PM
Tuesday, April 23, 2019 7:13 PM

Reply

|

Quote
0

Sign in to vote

That means that your Get-CMDevice isn't returning any devices. check that your CollectionName is correct.

Tuesday, April 23, 2019 7:18 PM

Reply

|

Quote
0

Sign in to vote
@mrasmussen

I just tested my original code and it is fine with exception of it not working in Powershell ISE. The Name still exists. I even tried your code with the Collection ID and it still didnt return any names.

(Get-CMDevice -CollectionName "SCCMDeviceCollectionNameHere").name |ForEach-Object{Add-ADGroupMember "ADDGROUPNAMEHERE" -Members $_$ }

In the VERBOSE output (of your code) I do see that it does show when i select the names from that collection name in the database.
- Edited by Chris480602 Tuesday, April 23, 2019 7:52 PM
Tuesday, April 23, 2019 7:32 PM

Reply

|

Quote
0

Sign in to vote

I didn't expect that it would. That change only fixes your coding problem.

I think you've already established that the Get-CMDevice -CollectionName "DEVICECOLLECTIONNAMEHERE" doesn't return anything.

Try adding "-Verbose" to that cmdlet's parameters and see if the output from that sheds any light on your situation.
--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

Tuesday, April 23, 2019 9:14 PM

Reply

|

Quote
0

Sign in to vote

I didn't expect that it would. That change only fixes your coding problem.

I think you've already established that the Get-CMDevice -CollectionName "DEVICECOLLECTIONNAMEHERE" doesn't return anything.

Try adding "-Verbose" to that cmdlet's parameters and see if the output from that sheds any light on your situation.

--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

That does display all of the members in my collection and it shows the WQL query. below:
VERBOSE: Finish: Execution of WQL query: SELECT * FROM SMS_CM_RES_COLL_BW1001FD. Processed 11 results in
00:00:01.7870961.
VERBOSE: Finish: Execution of WQL query: SELECT * FROM SMS_Collection WHERE Name = 'Intl Home Worker PCI Subnet'.
Processed 1 results in 00:00:01.9081675.

Tuesday, April 23, 2019 9:19 PM

Reply

|

Quote
0

Sign in to vote
So, is it possible that the objects simply have no member called "name"?

What's the class of an item returned from the query? What are the property names in an item?

This should get you the data needed to answer those two questions.

$devices = Get-CMDevice -CollectionName "DEVICECOLLECTIONNAMEHERE" $devices[0].GetType() $devices[0]|gm
Maybe "name" should be "MS-SMS-MP-Name"? That's just a wild guess based on the schema exensions from config manager.

--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)
Tuesday, April 23, 2019 11:48 PM

Reply

|

Quote
0

Sign in to vote
So, is it possible that the objects simply have no member called "name"?

What's the class of an item returned from the query? What are the property names in an item?

This should get you the data needed to answer those two questions.

$devices = Get-CMDevice -CollectionName "DEVICECOLLECTIONNAMEHERE" $devices[0].GetType() $devices[0]|gm
Maybe "name" should be "MS-SMS-MP-Name"? That's just a wild guess based on the schema exensions from config manager.

--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

I copied just the " Name " Property under gm, else i can copy all of the output.

GetType

-----------------------------------------
TypeName : IResultObject#SMS_CM_RES_COLL_BW1001FD
Name : Name
MemberType : Property
Definition : Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlResultObject Name {get;set;}

GM

-------------------------------------------------------------------
Module : AdminUI.WqlQueryEngine.dll
Assembly : AdminUI.WqlQueryEngine, Version=5.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35
TypeHandle : System.RuntimeTypeHandle
DeclaringMethod :
BaseType : Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlResultObjectBa
se
UnderlyingSystemType : Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlResultObject
FullName : Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlResultObject
AssemblyQualifiedName : Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlResultObject,
AdminUI.WqlQueryEngine, Version=5.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35
Namespace : Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine
GUID : 07057d47-4533-38c5-9f32-f3b4b119f429
IsEnum : False
GenericParameterAttributes :
IsSecurityCritical : True
IsSecuritySafeCritical : False
IsSecurityTransparent : False
IsGenericTypeDefinition : False
IsGenericParameter : False
GenericParameterPosition :
IsGenericType : False
IsConstructedGenericType : False
ContainsGenericParameters : False
StructLayoutAttribute : System.Runtime.InteropServices.StructLayoutAttribute
Name : WqlResultObject
MemberType : TypeInfo
DeclaringType :
ReflectedType :
MetadataToken : 33554443
GenericTypeParameters : {}
DeclaredConstructors : {Void
.ctor(Microsoft.ConfigurationManagement.ManagementProvider.ConnectionManagerBase,
Microsoft.ConfigurationManagement.ManagementProvider.SmsNamedValuesDictionary,
System.Management.ManagementObject), Void
.ctor(Microsoft.ConfigurationManagement.ManagementProvider.ConnectionManagerBase,
Microsoft.ConfigurationManagement.ManagementProvider.SmsNamedValuesDictionary,
System.Management.ManagementBaseObject,
Microsoft.ConfigurationManagement.ManagementProvider.AsyncOperationDatabase)}
DeclaredEvents : {}
DeclaredFields : {}
DeclaredMembers : {System.Management.ManagementObject get_ManagedObject(), Void Dispose(Boolean), Void
Delete(), Void
Delete(Microsoft.ConfigurationManagement.ManagementProvider.ReportProgress)...}
DeclaredMethods : {System.Management.ManagementObject get_ManagedObject(), Void Dispose(Boolean), Void
Delete(), Void
Delete(Microsoft.ConfigurationManagement.ManagementProvider.ReportProgress)...}
DeclaredNestedTypes : {Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlResultObject+
<GetEnumerator>d__30}
DeclaredProperties : {System.Management.ManagementObject ManagedObject, System.Collections.Generic.Diction
ary`2[System.String,Microsoft.ConfigurationManagement.ManagementProvider.IResultObjec
t] EmbeddedProperties, System.Collections.Generic.Dictionary`2[System.String,Microsof
t.ConfigurationManagement.ManagementProvider.IResultObject] EmbeddedPropertyLists,
System.String OverridingObjectClass...}
ImplementedInterfaces : {System.IDisposable, System.ICloneable,
Microsoft.ConfigurationManagement.ManagementProvider.IResultObject2,
Microsoft.ConfigurationManagement.ManagementProvider.IResultObject...}
TypeInitializer :
IsNested : False
Attributes : AutoLayout, AnsiClass, Class, Public, BeforeFieldInit
IsVisible : True
IsNotPublic : False
IsPublic : True
IsNestedPublic : False
IsNestedPrivate : False
IsNestedFamily : False
IsNestedAssembly : False
IsNestedFamANDAssem : False
IsNestedFamORAssem : False
IsAutoLayout : True
IsLayoutSequential : False
IsExplicitLayout : False
IsClass : True
IsInterface : False
IsValueType : False
IsAbstract : False
IsSealed : False
IsSpecialName : False
IsImport : False
IsSerializable : False
IsAnsiClass : True
IsUnicodeClass : False
IsAutoClass : False
IsArray : False
IsByRef : False
IsPointer : False
IsPrimitive : False
IsCOMObject : False
HasElementType : False
IsContextful : False
IsMarshalByRef : False
GenericTypeArguments : {}
CustomAttributes : {}
Tuesday, April 23, 2019 11:57 PM

Reply

|

Quote
0

Sign in to vote

@Rich Matheisen [Ex-MVP (retired)]

Also here are all properties

PS BW1:\> $devices[0]|gm

TypeName: IResultObject#SMS_CM_RES_COLL_BW1001FD

Name MemberType Definition
---- ---------- ----------
Clone Method System.Object Clone(), System.Object ICloneable....
CompareTo Method int CompareTo(System.Object obj), int IComparabl...
ContainsObjectClass Method bool ContainsObjectClass(string type), bool IRes...
Delete Method void Delete(), void Delete(Microsoft.Configurati...
Dispose Method void Dispose(), void IDisposable.Dispose()
Equals Method bool Equals(System.Object obj)
ExecuteMethod Method Microsoft.ConfigurationManagement.ManagementProv...
FormatDisplayString Method string FormatDisplayString(string value), string...
FormatQuery Method string FormatQuery(string baseQuery, bool escape...
Get Method void Get(), void Get(Microsoft.ConfigurationMana...
GetArrayItems Method System.Collections.Generic.List[Microsoft.Config...
GetEnumerator Method System.Collections.IEnumerator GetEnumerator(), ...
GetHashCode Method int GetHashCode()
GetQualifierValue Method System.Object GetQualifierValue(string qualifier...
GetSingleItem Method Microsoft.ConfigurationManagement.ManagementProv...
GetType Method type GetType()
Put Method void Put(), void Put(Microsoft.ConfigurationMana...
SetArrayItems Method void SetArrayItems(string propertyName, System.C...
SetQualifierValue Method void SetQualifierValue(string qualifierName, Sys...
SetSingleItem Method void SetSingleItem(string propertyName, Microsof...
ToString Method string ToString()
Item ParameterizedProperty Microsoft.ConfigurationManagement.ManagementProv...
AADDeviceID Property Microsoft.ConfigurationManagement.ManagementProv...
AADTenantID Property Microsoft.ConfigurationManagement.ManagementProv...
ActivationLockBypassState Property Microsoft.ConfigurationManagement.ManagementProv...
ActivationLockBypassStateTimeStamp Property Microsoft.ConfigurationManagement.ManagementProv...
ActivationLockState Property Microsoft.ConfigurationManagement.ManagementProv...
ADLastLogonTime Property Microsoft.ConfigurationManagement.ManagementProv...
ADSiteName Property Microsoft.ConfigurationManagement.ManagementProv...
AMTFullVersion Property Microsoft.ConfigurationManagement.ManagementProv...
AMTStatus Property Microsoft.ConfigurationManagement.ManagementProv...
ATPLastConnected Property Microsoft.ConfigurationManagement.ManagementProv...
ATPOnboardingState Property Microsoft.ConfigurationManagement.ManagementProv...
ATPOrgId Property Microsoft.ConfigurationManagement.ManagementProv...
ATPSenseIsRunning Property Microsoft.ConfigurationManagement.ManagementProv...
CAComplianceEvalTime Property Microsoft.ConfigurationManagement.ManagementProv...
CAComplianceSetTime Property Microsoft.ConfigurationManagement.ManagementProv...
CAErrorDetails Property Microsoft.ConfigurationManagement.ManagementProv...
CAErrorLocation Property Microsoft.ConfigurationManagement.ManagementProv...
CAIsCompliant Property Microsoft.ConfigurationManagement.ManagementProv...
ClientActiveStatus Property Microsoft.ConfigurationManagement.ManagementProv...
ClientCertType Property Microsoft.ConfigurationManagement.ManagementProv...
ClientCheckPass Property Microsoft.ConfigurationManagement.ManagementProv...
ClientEdition Property Microsoft.ConfigurationManagement.ManagementProv...
ClientRemediationSuccess Property Microsoft.ConfigurationManagement.ManagementProv...
ClientState Property Microsoft.ConfigurationManagement.ManagementProv...
ClientType Property Microsoft.ConfigurationManagement.ManagementProv...
ClientVersion Property Microsoft.ConfigurationManagement.ManagementProv...
CNAccessMP Property Microsoft.ConfigurationManagement.ManagementProv...
CNIsOnInternet Property Microsoft.ConfigurationManagement.ManagementProv...
CNIsOnline Property Microsoft.ConfigurationManagement.ManagementProv...
CNLastOfflineTime Property Microsoft.ConfigurationManagement.ManagementProv...
CNLastOnlineTime Property Microsoft.ConfigurationManagement.ManagementProv...
CoManaged Property Microsoft.ConfigurationManagement.ManagementProv...
CurrentLogonUser Property Microsoft.ConfigurationManagement.ManagementProv...
DeviceAccessState Property Microsoft.ConfigurationManagement.ManagementProv...
DeviceCategory Property Microsoft.ConfigurationManagement.ManagementProv...
DeviceOS Property Microsoft.ConfigurationManagement.ManagementProv...
DeviceOSBuild Property Microsoft.ConfigurationManagement.ManagementProv...
DeviceOwner Property Microsoft.ConfigurationManagement.ManagementProv...
DeviceThreatLevel Property Microsoft.ConfigurationManagement.ManagementProv...
DeviceType Property Microsoft.ConfigurationManagement.ManagementProv...
Domain Property Microsoft.ConfigurationManagement.ManagementProv...
EASDeviceID Property Microsoft.ConfigurationManagement.ManagementProv...
EPAntispywareEnabled Property Microsoft.ConfigurationManagement.ManagementProv...
EPAntispywareSignatureLastUpdateDateTime Property Microsoft.ConfigurationManagement.ManagementProv...
EPAntispywareSignatureLastVersion Property Microsoft.ConfigurationManagement.ManagementProv...
EPAntivirusEnabled Property Microsoft.ConfigurationManagement.ManagementProv...
EPAntivirusSignatureLastUpdateDateTime Property Microsoft.ConfigurationManagement.ManagementProv...
EPAntivirusSignatureLastVersion Property Microsoft.ConfigurationManagement.ManagementProv...
EPClientVersion Property Microsoft.ConfigurationManagement.ManagementProv...
EPDeploymentDescription Property Microsoft.ConfigurationManagement.ManagementProv...
EPDeploymentErrorCode Property Microsoft.ConfigurationManagement.ManagementProv...
EPDeploymentState Property Microsoft.ConfigurationManagement.ManagementProv...
EPEnabled Property Microsoft.ConfigurationManagement.ManagementProv...
EPEngineVersion Property Microsoft.ConfigurationManagement.ManagementProv...
EPInfectionStatus Property Microsoft.ConfigurationManagement.ManagementProv...
EPLastFullScanDateTimeEnd Property Microsoft.ConfigurationManagement.ManagementProv...
EPLastFullScanDateTimeStart Property Microsoft.ConfigurationManagement.ManagementProv...
EPLastInfectionTime Property Microsoft.ConfigurationManagement.ManagementProv...
EPLastQuickScanDateTimeEnd Property Microsoft.ConfigurationManagement.ManagementProv...
EPLastQuickScanDateTimeStart Property Microsoft.ConfigurationManagement.ManagementProv...
EPLastThreatName Property Microsoft.ConfigurationManagement.ManagementProv...
EPPendingFullScan Property Microsoft.ConfigurationManagement.ManagementProv...
EPPendingManualSteps Property Microsoft.ConfigurationManagement.ManagementProv...
EPPendingOfflineScan Property Microsoft.ConfigurationManagement.ManagementProv...
EPPendingReboot Property Microsoft.ConfigurationManagement.ManagementProv...
EPPolicyApplicationDescription Property Microsoft.ConfigurationManagement.ManagementProv...
EPPolicyApplicationErrorCode Property Microsoft.ConfigurationManagement.ManagementProv...
EPPolicyApplicationState Property Microsoft.ConfigurationManagement.ManagementProv...
EPProductStatus Property Microsoft.ConfigurationManagement.ManagementProv...
ExchangeOrganization Property Microsoft.ConfigurationManagement.ManagementProv...
ExchangeServer Property Microsoft.ConfigurationManagement.ManagementProv...
IMEI Property Microsoft.ConfigurationManagement.ManagementProv...
IsActive Property Microsoft.ConfigurationManagement.ManagementProv...
IsAlwaysInternet Property Microsoft.ConfigurationManagement.ManagementProv...
IsAOACCapable Property Microsoft.ConfigurationManagement.ManagementProv...
IsApproved Property Microsoft.ConfigurationManagement.ManagementProv...
IsAssigned Property Microsoft.ConfigurationManagement.ManagementProv...
IsBlocked Property Microsoft.ConfigurationManagement.ManagementProv...
IsClient Property Microsoft.ConfigurationManagement.ManagementProv...
IsDecommissioned Property Microsoft.ConfigurationManagement.ManagementProv...
IsDirect Property Microsoft.ConfigurationManagement.ManagementProv...
IsInternetEnabled Property Microsoft.ConfigurationManagement.ManagementProv...
IsMDMActive Property Microsoft.ConfigurationManagement.ManagementProv...
IsObsolete Property Microsoft.ConfigurationManagement.ManagementProv...
IsSupervised Property Microsoft.ConfigurationManagement.ManagementProv...
IsVirtualMachine Property Microsoft.ConfigurationManagement.ManagementProv...
LastActiveTime Property Microsoft.ConfigurationManagement.ManagementProv...
LastClientCheckTime Property Microsoft.ConfigurationManagement.ManagementProv...
LastDDR Property Microsoft.ConfigurationManagement.ManagementProv...
LastHardwareScan Property Microsoft.ConfigurationManagement.ManagementProv...
LastInstallationError Property Microsoft.ConfigurationManagement.ManagementProv...
LastLogonUser Property Microsoft.ConfigurationManagement.ManagementProv...
LastMPServerName Property Microsoft.ConfigurationManagement.ManagementProv...
LastPolicyRequest Property Microsoft.ConfigurationManagement.ManagementProv...
LastSoftwareScan Property Microsoft.ConfigurationManagement.ManagementProv...
LastStatusMessage Property Microsoft.ConfigurationManagement.ManagementProv...
LastSuccessSyncTimeUTC Property Microsoft.ConfigurationManagement.ManagementProv...
LastSyncNowRequest Property Microsoft.ConfigurationManagement.ManagementProv...
LatestProcessingAttempt Property Microsoft.ConfigurationManagement.ManagementProv...
ManagementAuthority Property Microsoft.ConfigurationManagement.ManagementProv...
Name Property Microsoft.ConfigurationManagement.ManagementProv...
PasscodeResetState Property Microsoft.ConfigurationManagement.ManagementProv...
PasscodeResetStateTimeStamp Property Microsoft.ConfigurationManagement.ManagementProv...
PhoneNumber Property Microsoft.ConfigurationManagement.ManagementProv...
PolicyApplicationStatus Property Microsoft.ConfigurationManagement.ManagementProv...
PrimaryUser Property Microsoft.ConfigurationManagement.ManagementProv...
PSComputerName Property System.String PSComputerName {get;}
PSShowComputerName Property System.Boolean PSShowComputerName {get;set;}
RemoteLockState Property Microsoft.ConfigurationManagement.ManagementProv...
RemoteLockStateTimeStamp Property Microsoft.ConfigurationManagement.ManagementProv...
ResourceID Property Microsoft.ConfigurationManagement.ManagementProv...
ResourceType Property Microsoft.ConfigurationManagement.ManagementProv...
RetireStatus Property Microsoft.ConfigurationManagement.ManagementProv...
SerialNumber Property Microsoft.ConfigurationManagement.ManagementProv...
SiteCode Property Microsoft.ConfigurationManagement.ManagementProv...
SMSID Property Microsoft.ConfigurationManagement.ManagementProv...
SmsProviderObjectPath Property System.String SmsProviderObjectPath {get;}
Status Property Microsoft.ConfigurationManagement.ManagementProv...
SuppressAutoProvision Property Microsoft.ConfigurationManagement.ManagementProv...
SyncNowStatus Property Microsoft.ConfigurationManagement.ManagementProv...
Unknown Property Microsoft.ConfigurationManagement.ManagementProv...
UserDomainName Property Microsoft.ConfigurationManagement.ManagementProv...
UserName Property Microsoft.ConfigurationManagement.ManagementProv...
WipeStatus Property Microsoft.ConfigurationManagement.ManagementProv...

Wednesday, April 24, 2019 12:02 AM

Reply

|

Quote

@Rich Matheisen [Ex-MVP (retired)]

Here all properties

PS BW1:\> $devices[0]|gm

TypeName: IResultObject#SMS_CM_RES_COLL_BW1001FD

Name MemberType Definition
---- ---------- ----------
Clone Method System.Object Clone(), System.Object ICloneable....
CompareTo Method int CompareTo(System.Object obj), int IComparabl...
ContainsObjectClass Method bool ContainsObjectClass(string type), bool IRes...
Delete Method void Delete(), void Delete(Microsoft.Configurati...
Dispose Method void Dispose(), void IDisposable.Dispose()
Equals Method bool Equals(System.Object obj)
ExecuteMethod Method Microsoft.ConfigurationManagement.ManagementProv...
FormatDisplayString Method string FormatDisplayString(string value), string...
FormatQuery Method string FormatQuery(string baseQuery, bool escape...
Get Method void Get(), void Get(Microsoft.ConfigurationMana...
GetArrayItems Method System.Collections.Generic.List[Microsoft.Config...
GetEnumerator Method System.Collections.IEnumerator GetEnumerator(), ...
GetHashCode Method int GetHashCode()
GetQualifierValue Method System.Object GetQualifierValue(string qualifier...
GetSingleItem Method Microsoft.ConfigurationManagement.ManagementProv...
GetType Method type GetType()
Put Method void Put(), void Put(Microsoft.ConfigurationMana...
SetArrayItems Method void SetArrayItems(string propertyName, System.C...
SetQualifierValue Method void SetQualifierValue(string qualifierName, Sys...
SetSingleItem Method void SetSingleItem(string propertyName, Microsof...
ToString Method string ToString()
Item ParameterizedProperty Microsoft.ConfigurationManagement.ManagementProv...
AADDeviceID Property Microsoft.ConfigurationManagement.ManagementProv...
AADTenantID Property Microsoft.ConfigurationManagement.ManagementProv...
ActivationLockBypassState Property Microsoft.ConfigurationManagement.ManagementProv...
ActivationLockBypassStateTimeStamp Property Microsoft.ConfigurationManagement.ManagementProv...
ActivationLockState Property Microsoft.ConfigurationManagement.ManagementProv...
ADLastLogonTime Property Microsoft.ConfigurationManagement.ManagementProv...
ADSiteName Property Microsoft.ConfigurationManagement.ManagementProv...
AMTFullVersion Property Microsoft.ConfigurationManagement.ManagementProv...
AMTStatus Property Microsoft.ConfigurationManagement.ManagementProv...
ATPLastConnected Property Microsoft.ConfigurationManagement.ManagementProv...
ATPOnboardingState Property Microsoft.ConfigurationManagement.ManagementProv...
ATPOrgId Property Microsoft.ConfigurationManagement.ManagementProv...
ATPSenseIsRunning Property Microsoft.ConfigurationManagement.ManagementProv...
CAComplianceEvalTime Property Microsoft.ConfigurationManagement.ManagementProv...
CAComplianceSetTime Property Microsoft.ConfigurationManagement.ManagementProv...
CAErrorDetails Property Microsoft.ConfigurationManagement.ManagementProv...
CAErrorLocation Property Microsoft.ConfigurationManagement.ManagementProv...
CAIsCompliant Property Microsoft.ConfigurationManagement.ManagementProv...
ClientActiveStatus Property Microsoft.ConfigurationManagement.ManagementProv...
ClientCertType Property Microsoft.ConfigurationManagement.ManagementProv...
ClientCheckPass Property Microsoft.ConfigurationManagement.ManagementProv...
ClientEdition Property Microsoft.ConfigurationManagement.ManagementProv...
ClientRemediationSuccess Property Microsoft.ConfigurationManagement.ManagementProv...
ClientState Property Microsoft.ConfigurationManagement.ManagementProv...
ClientType Property Microsoft.ConfigurationManagement.ManagementProv...
ClientVersion Property Microsoft.ConfigurationManagement.ManagementProv...
CNAccessMP Property Microsoft.ConfigurationManagement.ManagementProv...
CNIsOnInternet Property Microsoft.ConfigurationManagement.ManagementProv...
CNIsOnline Property Microsoft.ConfigurationManagement.ManagementProv...
CNLastOfflineTime Property Microsoft.ConfigurationManagement.ManagementProv...
CNLastOnlineTime Property Microsoft.ConfigurationManagement.ManagementProv...
CoManaged Property Microsoft.ConfigurationManagement.ManagementProv...
CurrentLogonUser Property Microsoft.ConfigurationManagement.ManagementProv...
DeviceAccessState Property Microsoft.ConfigurationManagement.ManagementProv...
DeviceCategory Property Microsoft.ConfigurationManagement.ManagementProv...
DeviceOS Property Microsoft.ConfigurationManagement.ManagementProv...
DeviceOSBuild Property Microsoft.ConfigurationManagement.ManagementProv...
DeviceOwner Property Microsoft.ConfigurationManagement.ManagementProv...
DeviceThreatLevel Property Microsoft.ConfigurationManagement.ManagementProv...
DeviceType Property Microsoft.ConfigurationManagement.ManagementProv...
Domain Property Microsoft.ConfigurationManagement.ManagementProv...
EASDeviceID Property Microsoft.ConfigurationManagement.ManagementProv...
EPAntispywareEnabled Property Microsoft.ConfigurationManagement.ManagementProv...
EPAntispywareSignatureLastUpdateDateTime Property Microsoft.ConfigurationManagement.ManagementProv...
EPAntispywareSignatureLastVersion Property Microsoft.ConfigurationManagement.ManagementProv...
EPAntivirusEnabled Property Microsoft.ConfigurationManagement.ManagementProv...
EPAntivirusSignatureLastUpdateDateTime Property Microsoft.ConfigurationManagement.ManagementProv...
EPAntivirusSignatureLastVersion Property Microsoft.ConfigurationManagement.ManagementProv...
EPClientVersion Property Microsoft.ConfigurationManagement.ManagementProv...
EPDeploymentDescription Property Microsoft.ConfigurationManagement.ManagementProv...
EPDeploymentErrorCode Property Microsoft.ConfigurationManagement.ManagementProv...
EPDeploymentState Property Microsoft.ConfigurationManagement.ManagementProv...
EPEnabled Property Microsoft.ConfigurationManagement.ManagementProv...
EPEngineVersion Property Microsoft.ConfigurationManagement.ManagementProv...
EPInfectionStatus Property Microsoft.ConfigurationManagement.ManagementProv...
EPLastFullScanDateTimeEnd Property Microsoft.ConfigurationManagement.ManagementProv...
EPLastFullScanDateTimeStart Property Microsoft.ConfigurationManagement.ManagementProv...
EPLastInfectionTime Property Microsoft.ConfigurationManagement.ManagementProv...
EPLastQuickScanDateTimeEnd Property Microsoft.ConfigurationManagement.ManagementProv...
EPLastQuickScanDateTimeStart Property Microsoft.ConfigurationManagement.ManagementProv...
EPLastThreatName Property Microsoft.ConfigurationManagement.ManagementProv...
EPPendingFullScan Property Microsoft.ConfigurationManagement.ManagementProv...
EPPendingManualSteps Property Microsoft.ConfigurationManagement.ManagementProv...
EPPendingOfflineScan Property Microsoft.ConfigurationManagement.ManagementProv...
EPPendingReboot Property Microsoft.ConfigurationManagement.ManagementProv...
EPPolicyApplicationDescription Property Microsoft.ConfigurationManagement.ManagementProv...
EPPolicyApplicationErrorCode Property Microsoft.ConfigurationManagement.ManagementProv...
EPPolicyApplicationState Property Microsoft.ConfigurationManagement.ManagementProv...
EPProductStatus Property Microsoft.ConfigurationManagement.ManagementProv...
ExchangeOrganization Property Microsoft.ConfigurationManagement.ManagementProv...
ExchangeServer Property Microsoft.ConfigurationManagement.ManagementProv...
IMEI Property Microsoft.ConfigurationManagement.ManagementProv...
IsActive Property Microsoft.ConfigurationManagement.ManagementProv...
IsAlwaysInternet Property Microsoft.ConfigurationManagement.ManagementProv...
IsAOACCapable Property Microsoft.ConfigurationManagement.ManagementProv...
IsApproved Property Microsoft.ConfigurationManagement.ManagementProv...
IsAssigned Property Microsoft.ConfigurationManagement.ManagementProv...
IsBlocked Property Microsoft.ConfigurationManagement.ManagementProv...
IsClient Property Microsoft.ConfigurationManagement.ManagementProv...
IsDecommissioned Property Microsoft.ConfigurationManagement.ManagementProv...
IsDirect Property Microsoft.ConfigurationManagement.ManagementProv...
IsInternetEnabled Property Microsoft.ConfigurationManagement.ManagementProv...
IsMDMActive Property Microsoft.ConfigurationManagement.ManagementProv...
IsObsolete Property Microsoft.ConfigurationManagement.ManagementProv...
IsSupervised Property Microsoft.ConfigurationManagement.ManagementProv...
IsVirtualMachine Property Microsoft.ConfigurationManagement.ManagementProv...
LastActiveTime Property Microsoft.ConfigurationManagement.ManagementProv...
LastClientCheckTime Property Microsoft.ConfigurationManagement.ManagementProv...
LastDDR Property Microsoft.ConfigurationManagement.ManagementProv...
LastHardwareScan Property Microsoft.ConfigurationManagement.ManagementProv...
LastInstallationError Property Microsoft.ConfigurationManagement.ManagementProv...
LastLogonUser Property Microsoft.ConfigurationManagement.ManagementProv...
LastMPServerName Property Microsoft.ConfigurationManagement.ManagementProv...
LastPolicyRequest Property Microsoft.ConfigurationManagement.ManagementProv...
LastSoftwareScan Property Microsoft.ConfigurationManagement.ManagementProv...
LastStatusMessage Property Microsoft.ConfigurationManagement.ManagementProv...
LastSuccessSyncTimeUTC Property Microsoft.ConfigurationManagement.ManagementProv...
LastSyncNowRequest Property Microsoft.ConfigurationManagement.ManagementProv...
LatestProcessingAttempt Property Microsoft.ConfigurationManagement.ManagementProv...
ManagementAuthority Property Microsoft.ConfigurationManagement.ManagementProv...
Name Property Microsoft.ConfigurationManagement.ManagementProv...
PasscodeResetState Property Microsoft.ConfigurationManagement.ManagementProv...
PasscodeResetStateTimeStamp Property Microsoft.ConfigurationManagement.ManagementProv...
PhoneNumber Property Microsoft.ConfigurationManagement.ManagementProv...
PolicyApplicationStatus Property Microsoft.ConfigurationManagement.ManagementProv...
PrimaryUser Property Microsoft.ConfigurationManagement.ManagementProv...
PSComputerName Property System.String PSComputerName {get;}
PSShowComputerName Property System.Boolean PSShowComputerName {get;set;}
RemoteLockState Property Microsoft.ConfigurationManagement.ManagementProv...
RemoteLockStateTimeStamp Property Microsoft.ConfigurationManagement.ManagementProv...
ResourceID Property Microsoft.ConfigurationManagement.ManagementProv...
ResourceType Property Microsoft.ConfigurationManagement.ManagementProv...
RetireStatus Property Microsoft.ConfigurationManagement.ManagementProv...
SerialNumber Property Microsoft.ConfigurationManagement.ManagementProv...
SiteCode Property Microsoft.ConfigurationManagement.ManagementProv...
SMSID Property Microsoft.ConfigurationManagement.ManagementProv...
SmsProviderObjectPath Property System.String SmsProviderObjectPath {get;}
Status Property Microsoft.ConfigurationManagement.ManagementProv...
SuppressAutoProvision Property Microsoft.ConfigurationManagement.ManagementProv...
SyncNowStatus Property Microsoft.ConfigurationManagement.ManagementProv...
Unknown Property Microsoft.ConfigurationManagement.ManagementProv...
UserDomainName Property Microsoft.ConfigurationManagement.ManagementProv...
UserName Property Microsoft.ConfigurationManagement.ManagementProv...
WipeStatus Property Microsoft.ConfigurationManagement.ManagementProv...

Wednesday, April 24, 2019 12:02 AM

0

Sign in to vote
Try this and see if you get an array of names:

$devices = Get-CMDevice -CollectionName "DEVICECOLLECTIONNAMEHERE" | Select -ExpandProperty Name

The "Name" property isn't a simple string. It looks to be a Microsoft.ConfigurationManagement.ManagementProvider.IResultObject object.

I don't have a SCCM to work with, so I'm not sure I can be of much more help.

--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)
Wednesday, April 24, 2019 1:26 AM

Reply

|

Quote
0

Sign in to vote

I can try to help, I use SCCM daily. The output of the Get-CMDevice returns objects that have a Name property, at least in two of my environment.

Wednesday, April 24, 2019 1:45 PM

Reply

|

Quote
0

Sign in to vote
I just ran the following code and it listed all device names in a collection. Here is what I did

1. Opened SCCM console

2. In the console in the top left corner, select the drop down and select "Connect Via Windows PowerShell ISE"

3. In the PowerShell ISE that opened, at the end of the code that is auto generated, I entered the following

$devices = Get-CMDevice -CollectionName "All Systems" foreach($device in $devices) { $device.Name }

I hit F5 and I get a list of names in the All Systems collection.
Wednesday, April 24, 2019 2:15 PM

Reply

|

Quote
0

Sign in to vote
Try this and see if you get an array of names:

$devices = Get-CMDevice -CollectionName "DEVICECOLLECTIONNAMEHERE" | Select -ExpandProperty Name

The "Name" property isn't a simple string. It looks to be a Microsoft.ConfigurationManagement.ManagementProvider.IResultObject object.

I don't have a SCCM to work with, so I'm not sure I can be of much more help.

--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

I get the list of names when i enter that array.

PS BW1:\> $devices2 = Get-CMDevice -CollectionName "Intl Home Worker PCI Subnet" | Select -ExpandProperty Name PS BW1:\> $devices2 YOUWN74880 YOUWD72873 YOUWD72865 YOUWD74346 YOUWD75196 YOUWD75198 YOUWD75199 YOUWD75197 YOUWD77254 YOUWD77253 YOUWD77220 PS BW1:\>
Wednesday, April 24, 2019 3:21 PM

Reply

|

Quote
0

Sign in to vote
I just ran the following code and it listed all device names in a collection. Here is what I did

1. Opened SCCM console

2. In the console in the top left corner, select the drop down and select "Connect Via Windows PowerShell ISE"

3. In the PowerShell ISE that opened, at the end of the code that is auto generated, I entered the following

$devices = Get-CMDevice -CollectionName "All Systems" foreach($device in $devices) { $device.Name }

I hit F5 and I get a list of names in the All Systems collection.

My issue isnt inside SCCM console or SCCM console ISE. It's from the regular powershell prompt. Also we know that it is reading from SCCM, because i am getting the names listed in the errors. So it is reading the device collection just like a list.
Wednesday, April 24, 2019 3:22 PM

Reply

|

Quote
0

Sign in to vote
stay with me, in that same code, where you get a list of devices, make it look like below

$devices = Get-CMDevice -CollectionName "All Systems" foreach($device in $devices) { Add-ADGroupMember -Identity "ADGROUPNAMEHERE" -Members $device.Name }

If the above doesn't work, the issue must be with the data types, does -Members look for a string? $device.Name is a string...

I would run the Add-AdGroupMember cmdlet in the same powershell session and manually enter the data and see if that works.
Wednesday, April 24, 2019 3:29 PM

Reply

|

Quote

That's good!

Now try this:

Get-CMDevice -CollectionName "Intl Home Worker PCI Subnet" | 
    Select -ExpandProperty Name | 
        ForEach-Object{ Add-ADGroupMember "ADDGROUPNAMEHERE" -Members $_ }

--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

Wednesday, April 24, 2019 3:38 PM

That's good!

Now try this:
Get-CMDevice -CollectionName "Intl Home Worker PCI Subnet" | 
    Select -ExpandProperty Name | 
        ForEach-Object{ Add-ADGroupMember "ADDGROUPNAMEHERE" -Members $_ }
--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

Ran it and I get the same error as before.

Add-ADGroupMember : Cannot find an object with identity: 'MILWN74880' under: 'DC=sub,DC=domain,DC=com'.
At C:\SCCM-ADD-ADGroupMember6.ps1:13 char:25
+ ... ach-Object{ Add-ADGroupMember "SCCM_Intl_Home_Worker_PCI_Subnet" -Mem ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (MILWN74880:ADPrincipal) [Add-ADGroupMember], ADIdentityNotFoundException
    + FullyQualifiedErrorId : SetADGroupMember.ValidateMembersParameter,Microsoft.ActiveDirectory.Management.Commands.AddADGroupMember
 
Add-ADGroupMember : Cannot find an object with identity: 'MILWD72873' under: 'DC=sub,DC=domain,DC=com'.
At C:\SCCM-ADD-ADGroupMember6.ps1:13 char:25
+ ... ach-Object{ Add-ADGroupMember "SCCM_Intl_Home_Worker_PCI_Subnet" -Mem ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (MILWD72873:ADPrincipal) [Add-ADGroupMember], ADIdentityNotFoundException
    + FullyQualifiedErrorId : SetADGroupMember.ValidateMembersParameter,Microsoft.ActiveDirectory.Management.Commands.AddADGroupMember
 
Add-ADGroupMember : Cannot find an object with identity: 'MILWD72865' under: 'DC=sub,DC=domain,DC=com'.
At C:\SCCM-ADD-ADGroupMember6.ps1:13 char:25
+ ... ach-Object{ Add-ADGroupMember "SCCM_Intl_Home_Worker_PCI_Subnet" -Mem ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (MILWD72865:ADPrincipal) [Add-ADGroupMember], ADIdentityNotFoundException
    + FullyQualifiedErrorId : SetADGroupMember.ValidateMembersParameter,Microsoft.ActiveDirectory.Management.Commands.AddADGroupMember
 
Add-ADGroupMember : Cannot find an object with identity: 'MILWD74346' under: 'DC=sub,DC=domain,DC=com'.
At C:\SCCM-ADD-ADGroupMember6.ps1:13 char:25
+ ... ach-Object{ Add-ADGroupMember "SCCM_Intl_Home_Worker_PCI_Subnet" -Mem ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (MILWD74346:ADPrincipal) [Add-ADGroupMember], ADIdentityNotFoundException
    + FullyQualifiedErrorId : SetADGroupMember.ValidateMembersParameter,Microsoft.ActiveDirectory.Management.Commands.AddADGroupMember
 
Add-ADGroupMember : Cannot find an object with identity: 'MILWD75196' under: 'DC=sub,DC=domain,DC=com'.
At C:\SCCM-ADD-ADGroupMember6.ps1:13 char:25
+ ... ach-Object{ Add-ADGroupMember "SCCM_Intl_Home_Worker_PCI_Subnet" -Mem ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (MILWD75196:ADPrincipal) [Add-ADGroupMember], ADIdentityNotFoundException
    + FullyQualifiedErrorId : SetADGroupMember.ValidateMembersParameter,Microsoft.ActiveDirectory.Management.Commands.AddADGroupMember
 
Add-ADGroupMember : Cannot find an object with identity: 'MILWD75198' under: 'DC=sub,DC=domain,DC=com'.
At C:\SCCM-ADD-ADGroupMember6.ps1:13 char:25
+ ... ach-Object{ Add-ADGroupMember "SCCM_Intl_Home_Worker_PCI_Subnet" -Mem ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (MILWD75198:ADPrincipal) [Add-ADGroupMember], ADIdentityNotFoundException
    + FullyQualifiedErrorId : SetADGroupMember.ValidateMembersParameter,Microsoft.ActiveDirectory.Management.Commands.AddADGroupMember
 
Add-ADGroupMember : Cannot find an object with identity: 'MILWD75199' under: 'DC=sub,DC=domain,DC=com'.
At C:\SCCM-ADD-ADGroupMember6.ps1:13 char:25
+ ... ach-Object{ Add-ADGroupMember "SCCM_Intl_Home_Worker_PCI_Subnet" -Mem ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (MILWD75199:ADPrincipal) [Add-ADGroupMember], ADIdentityNotFoundException
    + FullyQualifiedErrorId : SetADGroupMember.ValidateMembersParameter,Microsoft.ActiveDirectory.Management.Commands.AddADGroupMember
 
Add-ADGroupMember : Cannot find an object with identity: 'MILWD75197' under: 'DC=sub,DC=domain,DC=com'.
At C:\SCCM-ADD-ADGroupMember6.ps1:13 char:25
+ ... ach-Object{ Add-ADGroupMember "SCCM_Intl_Home_Worker_PCI_Subnet" -Mem ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (MILWD75197:ADPrincipal) [Add-ADGroupMember], ADIdentityNotFoundException
    + FullyQualifiedErrorId : SetADGroupMember.ValidateMembersParameter,Microsoft.ActiveDirectory.Management.Commands.AddADGroupMember
 
Add-ADGroupMember : Cannot find an object with identity: 'MILWD77254' under: 'DC=sub,DC=domain,DC=com'.
At C:\SCCM-ADD-ADGroupMember6.ps1:13 char:25
+ ... ach-Object{ Add-ADGroupMember "SCCM_Intl_Home_Worker_PCI_Subnet" -Mem ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (MILWD77254:ADPrincipal) [Add-ADGroupMember], ADIdentityNotFoundException
    + FullyQualifiedErrorId : SetADGroupMember.ValidateMembersParameter,Microsoft.ActiveDirectory.Management.Commands.AddADGroupMember
 
Add-ADGroupMember : Cannot find an object with identity: 'MILWD77253' under: 'DC=sub,DC=domain,DC=com'.
At C:\SCCM-ADD-ADGroupMember6.ps1:13 char:25
+ ... ach-Object{ Add-ADGroupMember "SCCM_Intl_Home_Worker_PCI_Subnet" -Mem ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (MILWD77253:ADPrincipal) [Add-ADGroupMember], ADIdentityNotFoundException
    + FullyQualifiedErrorId : SetADGroupMember.ValidateMembersParameter,Microsoft.ActiveDirectory.Management.Commands.AddADGroupMember
 
Add-ADGroupMember : Cannot find an object with identity: 'MILWD77220' under: 'DC=sub,DC=domain,DC=com'.
At C:\SCCM-ADD-ADGroupMember6.ps1:13 char:25
+ ... ach-Object{ Add-ADGroupMember "SCCM_Intl_Home_Worker_PCI_Subnet" -Mem ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (MILWD77220:ADPrincipal) [Add-ADGroupMember], ADIdentityNotFoundException
    + FullyQualifiedErrorId : SetADGroupMember.ValidateMembersParameter,Microsoft.ActiveDirectory.Management.Commands.AddADGroupMember

Wednesday, April 24, 2019 3:58 PM

0

Sign in to vote
stay with me, in that same code, where you get a list of devices, make it look like below

$devices = Get-CMDevice -CollectionName "All Systems" foreach($device in $devices) { Add-ADGroupMember -Identity "ADGROUPNAMEHERE" -Members $device.Name }

If the above doesn't work, the issue must be with the data types, does -Members look for a string? $device.Name is a string...

I would run the Add-AdGroupMember cmdlet in the same powershell session and manually enter the data and see if that works.

Tested Command ADD-ADGroupMember in same window and it works fine. Also works fine in the Powershell ISE and Regular Powershell windows.

I believe you are right on the datatypes. It's having trouble tying the strings together or it could be that the property for " Name " needs to specified for SCCM and then for Active Directory. Not sure how i would do that. But that is something i have explored.

OR

Else If I could write a script to automatically open the SCCM console powershell window and automatically execute the script that would work too.

I figure I will eventually have to figure this issue out. I need to be able work with both SCCM and Active Directory.
Wednesday, April 24, 2019 4:36 PM

Reply

|

Quote
0

Sign in to vote
That's good!

Now try this:

Get-CMDevice -CollectionName "Intl Home Worker PCI Subnet" | Select -ExpandProperty Name | ForEach-Object{ Add-ADGroupMember "ADDGROUPNAMEHERE" -Members $_ }

--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

Rich... I think you might have solved it. I just added an extra " $ "
Get-CMDevice -CollectionName "DEVICECOLLECTIONNAMEHERE" |
Select -ExpandProperty Name |
ForEach-Object{ Add-ADGroupMember -Identity "SCCM_Intl_Home_Worker_PCI_Subnet" -Members $_$ }

It works!!!! No more error. That one little Select piece with Expand property did it! Now I will Automate it by Schedule to know for sure it works. Thanks for helping figure this out!
- Marked as answer by Chris480602 Wednesday, April 24, 2019 5:17 PM
- Edited by Chris480602 Wednesday, April 24, 2019 5:42 PM
Wednesday, April 24, 2019 4:43 PM

Reply

|

Quote
0

Sign in to vote

Glad you got it to work, I'm not entirely sure about the $_$ thing, but if it works :)

Wednesday, April 24, 2019 5:16 PM

Reply

|

Quote
0

Sign in to vote

Glad you got it to work, I'm not entirely sure about the $_$ thing, but if it works :)

Thanks again.

Wednesday, April 24, 2019 5:17 PM

Reply

|

Quote
0

Sign in to vote

I don't know if there's another property in the object returned by Get-CMDevice that holds the samAccountName of the computer. The "name" property looks to be only the CN property of the computer object, and the Add-ADGroupMember want the samAccountName.

The CN property of a computer object doesn't have the trailing "$", but the samAccountName (being the NetBIOS name of the computer) does. The NetBIOS name must be unique within the AD, but the CN only has to be unique within the organizational unit.

You might want to look around and see if there is another property with the samAccountName in it. There are a couple that might fit the bill: PSComputerName, and UserName

--- Rich Matheisen MCSE&I, Exchange Ex-MVP (16 years)

Wednesday, April 24, 2019 5:58 PM

Reply

|

Quote

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support options

More support

Not an IT pro?

Answered by:

SCCM Device Collection Members TO AD Security Group - Error Cannot find an object with identity: '$'

Question

Answers

All replies