none
New-ADUser adding otherattributes error .

    Question

  • Hello,

    this is the error I'm getting: 

    New-ADUser : Cannot Validate argument on parameter 'otherAttributes". The argument is null or an element of the argument collection contains a null value.

    is there a way to get the new-aduser command to ignore the Nulls, not all of my users have a IPPhone for example.

    I tried to use error action but it doesn't seem to work.

    

    Thursday, December 6, 2018 6:15 PM

Answers

  • My solution is always to test for nulls, and only attempt to update if there is a value. The only other option is to use a Try/Catch, in which case the command is skipped. With New-ADUser that means the user is not created.

    Testing for nulls can mean a series of If statements, with many different New-ADUser statements. Sometimes it is best to create the user with mandatory attributes, then use Set-ADUser for other attributes.


    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    • Marked as answer by Montbot Thursday, December 6, 2018 6:51 PM
    Thursday, December 6, 2018 6:46 PM

All replies

  • My solution is always to test for nulls, and only attempt to update if there is a value. The only other option is to use a Try/Catch, in which case the command is skipped. With New-ADUser that means the user is not created.

    Testing for nulls can mean a series of If statements, with many different New-ADUser statements. Sometimes it is best to create the user with mandatory attributes, then use Set-ADUser for other attributes.


    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    • Marked as answer by Montbot Thursday, December 6, 2018 6:51 PM
    Thursday, December 6, 2018 6:46 PM
  • Thanks Richard, I will use if statements and set-aduser.

    Thursday, December 6, 2018 6:50 PM
  • Actually, the -OtherAttributes parameter takes a hash table. Set up the hash table. If a value exists, add the (attribute, value) pair to the hash table. At the end, if the hash table has at least one entry, a single New-ADUser statement can assign all of the attributes in the hash table. I have done similar with Set-ADUser with great success.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Thursday, December 6, 2018 7:08 PM
  • A quick example (not tested). Note, you could use the -OfficePhone parameter below, for example, but it is easier to use the actual telephoneNumber attribute when you are concerned about blank values. This example has just one New-ADUser statement if there are any attributes in the hash table, and one other if there are none.

    $CsvFile = ".\Users.csv"
    
    # Import the CSV file.
    $Users = Import-Csv $CsvFile
    
    # Enumerate the users in the CSV file, one line at a time.
    ForEach ($User In $Users)
    {
        # Retrieve values from the CSV file for this user.
        $ID = $User.sAMAcctName.Trim()
        $Path = $User.Path.Trim()
        $RDN = $User.Name.Trim()
        $Title = $User.Title.Trim()
        $Phone = $User.Phone.Trim()
        $Dept = $User.Department.Trim()
        $Mail = $User.Mail.Trim()
    
        # Hash table of attribute names and values.
        $OtherAttrs = @{}
    
        # Only consider attributes with values in the CSV file.
        If ($Title) {$OtherAttrs.Add("title", $Title)}
        If ($Phone) {$OtherAttrs.Add("telephoneNumber", $Phone)}
        If ($Dept) {$OtherAttrs.Add("department", $Dept)}
        If ($Mail) {$OtherAttrs.Add("mail", $Mail)}
    
        # Number of attributes to be assigned.
        $NumAttr = $OtherAttrs.Count
    
        If ($NumAttrs -ge 1) {New-ADUser -Name $RDN -Path $Path -OtherAttributes $OtherAttrs}
        Else {New-ADUser -Name $RDN -Path $Path}
    }
    



    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Thursday, December 6, 2018 7:51 PM