Hey guys! I've been working on a little project recently and I had a little error, the project is simple, a little program to create users in active directory by clicking on a button. I used that sentence for the creation:

#############################################################################

 

New-ADUser -Name "$username" -AccountExpirationDate "4/10/2016" -AccountNotDelegated $false -AccountPassword (Read-Host -AsSecureString "Give the generated password") -AllowReversiblePasswordEncryption $false -AuthType Negotiate -CannotChangePassword $false -Certificates $null -ChangePasswordAtLogon $false -City "" -Company "" -Country "" -Credential Administrator -Department "" -Description "" -DisplayName "" -Division "" -EmailAddress "" -EmployeeID "" -EmployeeNumber "" -Enabled $true  -Fax "" -GivenName ""  -HomeDirectory "P:\Dossiers Personnels\$username" -HomeDrive "P:" -HomePage "http://google.ch" -HomePhone "" -Initials "" -Instance "" -LogonWorkstations "" -Manager Administrator -MobilePhone "" -Office "" -OfficePhone "" -Organization "" -OtherAttributes @{title="user"} -OtherName "" -PassThru  -PasswordNeverExpires $true -PasswordNotRequired $false -Path "ou=Users,dc=WIN-VENUOMRLOOG" -POBox "25662" -PostalCode "" -ProfilePath "C:\Users\" -SamAccountName "$username" -ScriptPath "" -Server MyName -ServicePrincipalNames "" -SmartcardLogonRequired $false -State "" -StreetAddress "" -Surname "" -Title "" -TrustedForDelegation $false -Type "" -UserPrincipalName "" -Confirm

#############################################################################

Basically, I just wanna create the simplest user possible, but I get the error:

New-ADUser : The server is unwilling to process the request
At C:\Users\Administrator\Documents\Myproject.ps1:47 char:2
+  New-ADUser -Name "$username" -AccountExpirationDate "4/10/2016" -AccountNotDele ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (CN=b.a,ou=Users,dc=WIN-VENUOMRLOOG:String) [New-ADUser], ADException
    + FullyQualifiedErrorId : ActiveDirectoryServer:0,Microsoft.ActiveDirectory.Management.Commands.NewADUser

Can you guys help me please? Thanks already.

• Edited by EMFHofer Friday, February 27, 2015 12:19 PM

Hi,

try dropping each parameter that doesn't do a thing anyway (all those empty strings for example).

Will this error repeat if you create the user with minimal parameters? Try adding Parameters until the error occurs again. That way you can narrow down the source of your errors.

Cheers,
Fred

Ps.: Wouldn't splatting be more efficient to use here?

Yhea I get the same error even with dropping all those useless parameters. What is splatting ^^' I'm not a Powershell expert but I have to use it for a project so I'm learning while doing.

You are trying to set a lot of blank fields.  That will cause errors. 

Here is an example without a splat.  It will likely work because I have removed all blank and incorrect properties.

$AccountPassword=Read-Host -AsSecureString "Give the generated password"
New-ADUser `
	-Name $username `
	-AccountExpirationDate '4/10/2016' `
	-AccountPassword $AccountPassword `
	-Credential Administrator `
	-Enabled $true  `
	-HomeDirectory "P:\Dossiers Personnels\$username" `
	-HomeDrive 'P:' `
	-HomePage 'http://google.ch' `
	-Manager Administrator `
	-title 'user' `
	-POBox '25662' `
	-ProfilePath "C:\Users\$username" `
	-SamAccountName $username 

With splatting:

$props=@{
	Name=$username
	AccountExpirationDate='4/10/2016'
	AccountPassword=(ConvertTo-SecureString -String P@ssw0rd -AsPlainText Force)
	Credential='Administrator'
	Enabled=$true
	HomeDirectory="P:\Dossiers Personnels\$username"
	HomeDrive='P:'
	HomePage='http://google.ch'
	Manager='Administrator'
	title='user'
	POBox='25662'
	ProfilePath="C:\Users\$username"
	SamAccountName=$username
}
New-ADUser @props

HELP splat

Hey guys! I've been working on a little project recently and I had a little error, the project is simple, a little program to create users in active directory by clicking on a button. I used that sentence for the creation:

#############################################################################

 

New-ADUser -Name "$username" -AccountExpirationDate "4/10/2016" -AccountNotDelegated $false -AccountPassword (Read-Host -AsSecureString "Give the generated password") -AllowReversiblePasswordEncryption $false -AuthType Negotiate -CannotChangePassword $false -Certificates $null -ChangePasswordAtLogon $false -City "" -Company "" -Country "" -Credential Administrator -Department "" -Description "" -DisplayName "" -Division "" -EmailAddress "" -EmployeeID "" -EmployeeNumber "" -Enabled $true  -Fax "" -GivenName ""  -HomeDirectory "P:\Dossiers Personnels\$username" -HomeDrive "P:" -HomePage "http://google.ch" -HomePhone "" -Initials "" -Instance "" -LogonWorkstations "" -Manager Administrator -MobilePhone "" -Office "" -OfficePhone "" -Organization "" -OtherAttributes @{title="user"} -OtherName "" -PassThru  -PasswordNeverExpires $true -PasswordNotRequired $false -Path "ou=Users,dc=WIN-VENUOMRLOOG" -POBox "25662" -PostalCode "" -ProfilePath "C:\Users\" -SamAccountName "$username" -ScriptPath "" -Server MyName -ServicePrincipalNames "" -SmartcardLogonRequired $false -State "" -StreetAddress "" -Surname "" -Title "" -TrustedForDelegation $false -Type "" -UserPrincipalName "" -Confirm

#############################################################################

Basically, I just wanna create the simplest user possible, but I get the error:

New-ADUser : The server is unwilling to process the request
At C:\Users\Administrator\Documents\Myproject.ps1:47 char:2
+  New-ADUser -Name "$username" -AccountExpirationDate "4/10/2016" -AccountNotDele ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (CN=b.a,ou=Users,dc=WIN-VENUOMRLOOG:String) [New-ADUser], ADException
    + FullyQualifiedErrorId : ActiveDirectoryServer:0,Microsoft.ActiveDirectory.Management.Commands.NewADUser

Can you guys help me please? Thanks already.

I should have read the error at the end of the script before posting bellow ;) !!!

I believe the path you are using is incorrect.

You are either missing the ending of your domain or its incorrect. 

For example if your domain is:

Test.com

the path setting should be 

"ou=users,dc=test,dc=com"

Also you will need to remove the "" around  SamAccountName  option as I assume you are using a variable called $username. Otherwise the above will create a user called $username. 

This is the same for the -Name option at the start of the script. 

For profile path either remove this option or set it to a network share I would not put c:\ in there. 

Lastly I would remove all blank options from the above. 

Enjoy :D

• Edited by RandomTechGuy Friday, February 27, 2015 1:13 PM

Thanks, but now he won't recognize anything, he takes -Name as a cmdlet and won't do anything if it's not on the same line:

-Name : The term '-Name' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the 
path is correct and try again.
At C:\Users\Administrator\Documents\MyProject.ps1:49 char:2
+     -Name $username
+     ~~~~~
    + CategoryInfo          : ObjectNotFound: (-Name:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

okay, thanks, I'll try and tell you back

There is no "ou=users,dc=test,dc=com"

In AD it is: "CN=users,dc=test,dc=com"

We do not need to specify this as a default because it is the default.

You cannot set parameters to empty strings.  It is syntax violation.

In a "Splat" we can passing parameters to $null but still not to "" or any variable that evaluates to "".

Finally found the answer, thanks to everyone and big thanks to JRV, it works fine with your splatting, and it's a lot easier to read, once again, thank you ^^' =3

Sorry - I forgot the ` at the end of the first line.  This is why splatting is better than line continuation characters.

Whenever we have more than three or four parameters it is usually best to splat.

JRV,

Should the profile path not be:

ProfilePath ="C:\users\" + $username ?

As the "C:\users\$username" would enter the profile path as exactly that. 

Even better it would be better to put profile path as:

ProfilePath ="C:\users\%username%" Ad fill then change it to the username. 

Though I still dont think using C:\ is a good idea or even work though I have never tried. 

sorry I did mean CN. :) copyed from the above

JRV,

Should the profile path not be:

ProfilePath ="C:\users\" + $username ?

As the "C:\users\$username" would enter the profile path as exactly that. 

Even better it would be better to put profile path as:

ProfilePath ="C:\users\%username%" Ad fill then change it to the username. 

Though I still dont think using C:\ is a good idea or even work though I have never tried. 

No - it works as I posted it.  I suggest reviewing how expandable strings work in PowerShell. The % won't work in PowerShell.  That only works in ADUC.  Again - basic PowerShell and basic ADSI/LDAP.  You are thinking GUI.

Thanks!

sorry I did mean CN. :) copyed from the above

Still it is not necessary to use path when you want the default. In fact, we can change the default container in ADSI an have new users show up where we want them.  SBS and WS2008R2 do that by default.  We don not want to put users in a container that cannot receive Group Policy. You cannot add GPOs to a folder; only an OU.

Having a bad day you totally are right and I was not paying attention. Thanks for correcting me, I should sometimes think before answering ;)

Having a bad day you totally are right and I was not paying attention. Thanks for correcting me, I should sometimes think before answering ;)

It takes a little bit to switch to PowerShell thinking but it does happen with experience.  Keep coding and it will become more predictable.

And another quick question ^^'

I need to take all my ADUsers and to put them into a listbox, to get them, no problem. To display them, that's the problem. I used

  $listeUsers = Get-ADUser -Filter {title -like 'user'} -AuthType Negotiate -Server "Servname.hofer.root"
  $Users.Items.Add("$listeUsers")

and this only gives me a long line into my listbox, which I can select, but instead of having something like that:

--------------------------

I need this

-
-
-
-
-
 shame I can't post any screenshot, thanks for the help.

shame I can't post any screenshot, thanks for the help.

You can get your account verified for posting images and links by posting in the verification thread stuck to the top of the following forum (currently named Verify Your Account 25):

https://social.technet.microsoft.com/Forums/en-US/home?forum=reportabug

As a side note, we generally try to keep each thread to a single question.

You need to spend a bit oftimelearning the basics of PowerShell.  You keep doing things that are going to cause you issues. 

#1 - stop putting quotes around every variable.
#2 - stop adding unnecessary parameters on you CmdLets.

$listeUsers = Get-ADUser -Filter "title -like 'user'"
$Users.DataSource=[System.Collections.Arraylist]$listeUsers
$users.DisplayMember='Name'

Also this is a new question so you really should open a new topic.

Exactly what I did, I took that week for some learning and I managed to finish the whole thing, it actually works well, I have 2 issues left:

I get an error when I've only 1 user:

################################################################

Cannot convert the "CN=Florian Hofer,CN=Users,DC=hofer,DC=root" value of type "Microsoft.ActiveDirectory.Management.ADUser" to type "System.Collections.ArrayList".
At C:\Users\Administrator\Documents\MyProjext.ps1:109 char:5
+     $Users.DataSource=[System.Collections.Arraylist]$listeUsersss
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [], RuntimeException
    + FullyQualifiedErrorId : ConvertToFinalInvalidCastException

################################################################

and the last one is that I cannot login with the users I've created, simply doesn't work ^^' Did I miss something?

FIX:

$Users.DataSource=[System.Collections.Arraylist]@($listeUsersss)