Error when adding bulk users in AD with PowerShell script

5,343

PowerShell 2.0 supports try/catch blocks, so you can catch and handle any exceptions.

You can put a Write-Host in your catch block to echo to the console which user is causing your script the problem.

Your script for example would look like this.

$objOU=[ADSI]“LDAP://OU=People,DC=testdomain,DC=com”
$dataSource=import-csv “test users2.csv”
foreach($dataRecord in $datasource)
{
    try
    {
        $cn=$dataRecord.FirstName + ” ” + $dataRecord.LastName
        $sAMAccountName=$dataRecord.UserName
        $givenName=$dataRecord.FirstName
        $sn=$dataRecord.LastName
        $sAMAccountName=$sAMAccountName.ToLower()
        $displayName=$givenName + " " + $sn
        $userPrincipalName=$sAMAccountName + “@testdomain.com”
        $sISID=$dataRecord.Sisid
        $objUser=$objOU.Create(“user”,”CN=”+$cn)
        $objUser.Put(“sAMAccountName”,$sAMAccountName)
        $objUser.Put(“userPrincipalName”,$userPrincipalName)
        $objUser.Put(“displayName”,$displayName)
        $objUser.Put(“givenName”,$givenName)
        $objUser.Put(“sn”,$sn)
        $objUser.Put("description",$dataRecord.Gender + ", " + "Class of " + $dataRecord.Graduation + ", " + $sISID)
        $objUser.SetInfo()
        $objUser.SetPassword($dataRecord.Password)
        $objUser.psbase.InvokeSet(“AccountDisabled”,$false)
        $objUser.SetInfo()
    }
    catch
    {
        Write-Host "*** Exception Handler ***"
        Write-Host "Problem username: " $dataRecord.UserName
        Write-Host "*************************"
    }
}

As for reasons the script might crash out, is the sAMAccountName unique (for example John Smith and James Smith both being jsmith) and does sAMAccountName contain any special characters (symbols, letters with accents etc)? There's a few reasons I can think off the top of my head why it might cause an exception.

5,343

Holocryptic

Updated on September 17, 2022

Comments

Holocryptic over 1 year

I'm trying to add users to AD using a PowerShell script that pulls info from a csv file. I've got it mostly working, in that users are created and they seem to work. However, I'm getting some exceptions when the script is run, and I need some help to debug it and figure out where it's failing. The script, csv snippet, and errors follow. Also note, that it looks like the errors do not occur on every user creation; I only have a few iterations of the errors.

Is there a way I can wrap this in an if/then statement to print out what's happening at the error point, or to see what AD object is failing and why? Or some other way to debug this?

$objOU=[ADSI]“LDAP://OU=People,DC=testdomain,DC=com”
$dataSource=import-csv “test users2.csv”
foreach($dataRecord in $datasource) {
    $cn=$dataRecord.FirstName + ” ” + $dataRecord.LastName
    $sAMAccountName=$dataRecord.UserName
    $givenName=$dataRecord.FirstName
    $sn=$dataRecord.LastName
    $sAMAccountName=$sAMAccountName.ToLower()
    $displayName=$givenName + " " + $sn
    $userPrincipalName=$sAMAccountName + “@testdomain.com”
    $sISID=$dataRecord.Sisid
    $objUser=$objOU.Create(“user”,”CN=”+$cn)
    $objUser.Put(“sAMAccountName”,$sAMAccountName)
    $objUser.Put(“userPrincipalName”,$userPrincipalName)
    $objUser.Put(“displayName”,$displayName)
    $objUser.Put(“givenName”,$givenName)
    $objUser.Put(“sn”,$sn)
    $objUser.Put("description",$dataRecord.Gender + ", " + "Class of " + $dataRecord.Graduation + ", " + $sISID)
    $objUser.SetInfo()
    $objUser.SetPassword($dataRecord.Password)
    $objUser.psbase.InvokeSet(“AccountDisabled”,$false)
    $objUser.SetInfo()
   }

USERNAME,PASSWORD,SISID,FIRSTNAME,LASTNAME,GRADUATION,GENDER
usera,dfqt4d,1111110681,Akeem,xxxxx,2016,M
userb,nw97ph,1111166963,Ariel,xxxxx,2015,F

Exception calling "SetInfo" with "0" argument(s): "A device attached to the system is not functioning. " At C:\For Sharing\add users script.ps1:19 char:17
    + $objUser.SetInfo <<<< ()
        + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
        + FullyQualifiedErrorId : CatchFromBaseAdapterMethodInvokeTI   

Exception calling "SetPassword" with "1" argument(s): "There is no such object on the server. " At C:\For Sharing\add users script.ps1:20 char:21
    + $objUser.SetPassword <<<< ($dataRecord.Password)
        + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
        + FullyQualifiedErrorId : CatchFromBaseAdapterMethodInvokeTI   

Exception calling "InvokeSet" with "2" argument(s): "The directory property cannot be found in the cache. " At C:\For Sharing\add users script.ps1:21 char:26
    + $objUser.psbase.InvokeSet <<<< (“AccountDisabled”,$false)
        + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
        + FullyQualifiedErrorId : DotNetMethodTargetInvocation

Holocryptic over 13 years

You are spot on in your last paragraph. I won't bore you with details, but I found 3 entries that had a period in the sAMAccountName (they were Jr.'s). I removed those and it seemed to go through fine after that. I'll play around with the try/catch handling a little later this week, but I'm confident enough to give you the points.