Check if a group exists in AD using PowerShell
14,360
As you stated, the users are successfully added to the AD and then only you are getting the error. So you can avoid the error using two ways. You can try using
Get-ADGroupMember -Identity $groupmember -Recursive | Select -ExpandProperty SAMAccountName | -ErrorAction SilentlyContinue
or you could try like this
try {
Get-ADComputer -Identity “something”
}
catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException]
{
Write-Warning “AD computer object not found”
}
catch {}
Author by
Dexter
Updated on June 04, 2022Comments
-
Dexter almost 2 years
I wanted to create the code for the group to check whether the group exist or not exist. However, I couldn't get to work as it was successful adding the user and part members of the group only one but not the other groups because I manage to create a group in active directory and also reading from the csv. Here is my code and the result. Seems I get the error always after it successfully adding the user and including adding the members of the group
Result
#Import required modules Import-Module ActiveDirectory # Prompt user for CSV file path #$filepath = Read-Host -Prompt " Please enter the path to your CSV file".Trim() #Store the data from Test.csv in the $listusers variable $filepath = "C:\Test.csv" # Create a new password for every each users $securepassword = ConvertTo-SecureString "Password456!" -AsPlainText -Force # Import the file into a variable $listusers = Import-Csv $filepath # Loop through each row and gather information ForEach ($user in $listusers){ # #Getting values from the CSV headers contains the user's information $fname = $user.'Frist Name' $lname = $user.'Last Name' $username = $user.'Username' $emailaddress = $user.'Email Address' $OUpath = $user.'Organizational Unit' $users = Get-ADUser -Filter {SamAccountName -like $username} # Echo output for the each new user echo "Account created for $fname $lname in $OUpath" #Check to see if the user already exists in AD if ($users) # or (Get-ADUser -Filter {SamAccountName -eq $username}) { #If user does exist, give a warning Write-Warning "A user account with username $username already exist in Active Directory." } else { #if the user does not exist then proceed to create new account # Create new AD user for each user read from the CSV file. # The new account will be in created in OU directory path by the $Path variable New-ADUser ` -SamAccountName $username ` -Name "$fname $lname" ` -GivenName $fname ` -Surname $lname ` -UserPrincipalName "[email protected]" ` -Path $OUpath ` -AccountPassword $securepassword ` -EmailAddress $emailaddress ` -Enabled $True } } #Add members of the group Foreach($user in $listusers){ #Getting values from the CSV headers $username = $user.'Username' $groupmember = $user.'GroupName' $groupmember2 = $user.'GroupName2' $groupmember3 = $user.'GroupName3' $GroupExists = Get-ADGroup -Filter {SamAccountName -like $groupmember} $GroupExists2 = Get-ADGroup -Filter {SamAccountName -like $groupmember2} $GroupExists3 = Get-ADGroup -Filter {SamAccountName -like $groupmember3} $Members = Get-ADGroupMember -Identity $groupmember -Recursive | Select -ExpandProperty SAMAccountName $Members2 = Get-ADGroupMember -Identity $groupmember2 -Recursive | Select -ExpandProperty SAMAccountName $Members3 = Get-ADGroupMember -Identity $groupmember3 -Recursive | Select -ExpandProperty SAMAccountName ##Check to see if the user is already member in AD. If the user is not a member it will then add into the members of the group if($Members -contains $username) { Write-Host "$username is member of $groupmember".Trim() Write-Host "$username is member of $groupmember2".Trim() Write-Host "$username is member of $groupmember3".Trim() } if ($GroupExists , $GroupExists2 , $GroupExists3){ Write-Warning "A group name $groupmember, $groupmember2, $groupmember3 did not exsist" } else { Write-Host "$Username is not a member. Adding the account now".Trim() #Add members of the group add-ADGroupMember -Identity $groupmember -Members $Username add-ADGroupMember -Identity $groupmember2 -Members $Username add-ADGroupMember -Identity $groupmember3 -Members $Username } } #Exit the program Read-Host -Prompt "Press Enter to exit.".Trim()This is the error:
Account created for John Doe in OU=Users,OU=Razorfc,DC=Razorfc,DC=net WARNING: A user account with username John Doe already exist in Active Directory. Account created for Jake Doe in OU=Users,OU=Razorfc,DC=Razorfc,DC=net WARNING: A user account with username Jake Doe already exist in Active Directory. Account created for Jane.Doe in OU=Users,OU=Razorfc,DC=Razorfc,DC=net WARNING: A user account with username Jane.D already exist in Active Directory. Account created for Jim.Doe in OU=Users,OU=Razorfc,DC=Razorfc,DC=net WARNING: A user account with username Jim.Doe already exist in Active Directory. Get-ADGroupMember : Cannot find an object with identity: 'SI & Joko World's' under: 'DC=Razorfc,DC=net'. At C:\Create Users Read From CSV and Adding to the group members by John Doeo Han Xiang.ps1:73 char:17 + ... $Members2 = Get-ADGroupMember -Identity $groupmember2 -Recursive | Se ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (SI & Joko World's:ADGroup) [Get-ADGroupMember], ADIdentityNotFoundException + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember Get-ADGroupMember : Cannot find an object with identity: 'PAN CI' under: 'DC=Razorfc,DC=net'. At C:\Create Users Read From CSV and Adding to the group members by John Doeo Han Xiang.ps1:74 char:17 + ... $Members3 = Get-ADGroupMember -Identity $groupmember3 -Recursive | Se ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (PAN CI:ADGroup) [Get-ADGroupMember], ADIdentityNotFoundException + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember John Doe is member of DL_Razorfc John Doe is member of SI & Joko World's John Doe is member of PAN CI WARNING: A group name DL_Razorfc, SI & Joko World's, PAN CI did not exsist Get-ADGroupMember : Cannot find an object with identity: 'SI & Joko World's' under: 'DC=Razorfc,DC=net'. At C:\Create Users Read From CSV and Adding to the group members by John Doeo Han Xiang.ps1:73 char:17 + ... $Members2 = Get-ADGroupMember -Identity $groupmember2 -Recursive | Se ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (SI & Joko World's:ADGroup) [Get-ADGroupMember], ADIdentityNotFoundException + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember Get-ADGroupMember : Cannot find an object with identity: 'PAN CI' under: 'DC=Razorfc,DC=net'. At C:\Create Users Read From CSV and Adding to the group members by John Doeo Han Xiang.ps1:74 char:17 + ... $Members3 = Get-ADGroupMember -Identity $groupmember3 -Recursive | Se ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (PAN CI:ADGroup) [Get-ADGroupMember], ADIdentityNotFoundException + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember Jake Doe is member of DL_Razorfc Jake Doe is member of SI & Joko World's Jake Doe is member of PAN CI WARNING: A group name DL_Razorfc, SI & Joko World's, PAN CI did not exsist Get-ADGroupMember : Cannot find an object with identity: 'SI & Joko World's' under: 'DC=Razorfc,DC=net'. At C:\Create Users Read From CSV and Adding to the group members by John Doeo Han Xiang.ps1:73 char:17 + ... $Members2 = Get-ADGroupMember -Identity $groupmember2 -Recursive | Se ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (SI & Joko World's:ADGroup) [Get-ADGroupMember], ADIdentityNotFoundException + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember Get-ADGroupMember : Cannot find an object with identity: 'PAN CI' under: 'DC=Razorfc,DC=net'. At C:\Create Users Read From CSV and Adding to the group members by John Doeo Han Xiang.ps1:74 char:17 + ... $Members3 = Get-ADGroupMember -Identity $groupmember3 -Recursive | Se ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (PAN CI:ADGroup) [Get-ADGroupMember], ADIdentityNotFoundException + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember Jane.D is member of DL_Razorfc Jane.D is member of SI & Joko World's Jane.D is member of PAN CI WARNING: A group name DL_Razorfc, SI & Joko World's, PAN CI did not exsist Get-ADGroupMember : Cannot find an object with identity: 'SI & Joko World's' under: 'DC=Razorfc,DC=net'. At C:\Create Users Read From CSV and Adding to the group members by John Doeo Han Xiang.ps1:73 char:17 + ... $Members2 = Get-ADGroupMember -Identity $groupmember2 -Recursive | Se ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (SI & Joko World's:ADGroup) [Get-ADGroupMember], ADIdentityNotFoundException + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember Get-ADGroupMember : Cannot find an object with identity: 'PAN CI' under: 'DC=Razorfc,DC=net'. At C:\Create Users Read From CSV and Adding to the group members by John Doeo Han Xiang.ps1:74 char:17 + ... $Members3 = Get-ADGroupMember -Identity $groupmember3 -Recursive | Se ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (PAN CI:ADGroup) [Get-ADGroupMember], ADIdentityNotFoundException + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADGroupMember Jim.Doe is member of DL_Razorfc Jim.Doe is member of SI & Joko World's Jim.Doe is member of PAN CI