I am trying to script a little application that would make it possible to copy an AD user's security groups and paste them to another one's profile.

I am good with this part but I want to make it a little bit more difficult by implementing some input boxes that would search for the AD user, error out in case it does not exist in my AD and prompt once again until the user has been found.

ipmo activedirectory

Add-type -assemblyName Microsoft.VisualBasic
Add-Type -AssemblyName System.Windows.Forms

$userref = [Microsoft.VisualBasic.Interaction]::Inputbox("Enter username", "Prime User")
$usertar = [Microsoft.VisualBasic.Interaction]::Inputbox("Enter username", "Target")

$userref, $usertar | foreach {

if ([bool](Get-ADUser -Filter {samaccountname -eq $_})  -ne $true) {

[System.Windows.Forms.MessageBox]::Show("This user does not exist!")
}

else {Write-Host "User Ok"}

}
  • You've not told us what the problem with your code is? Commented Sep 7, 2018 at 13:41
  • Sorry... The thing is that I want it to set a variable with the proper samaccountname eventually. I had tried with do...until but I could not make it work. Commented Sep 7, 2018 at 13:48

1 Answer

Since you need to validate the existence of two AD users before the rest of your code can run, you are basically asking the same thing twice using inputboxes. In that case I would suggest adding a small custom function to do that.

Something like this perhaps:

Import-Module ActiveDirectory

Add-type -AssemblyName Microsoft.VisualBasic
Add-Type -AssemblyName System.Windows.Forms

function Get-UserFromInputbox ([string]$Title) {
    do {
        $account = [Microsoft.VisualBasic.Interaction]::Inputbox("Enter user accountname", $Title)
        # On Cancel the InputBox function simply returns an empty string.
        # in that case, just return $null so the calling code can handle it
        if ([string]::IsNullOrEmpty($account)) { return $null }

        # Check if the user can be found
        $user = Get-ADUser -Filter "SamAccountName -eq '$account'" -Properties MemberOf -ErrorAction SilentlyContinue
        if (!$user) {
            # If not found, show the same InputBox again until a valid 
            # accountname was given or the dialog is cancelled.
            [System.Windows.Forms.MessageBox]::Show("User '$account' does not exist!")
        }
    }
    while (!$user)

    return $user
}

# Get the AD User object for the source user
$userref = Get-UserFromInputbox -Title "Source User"
if (!$userref) { exit }

# Ditto for the target user
$usertar = Get-UserFromInputbox -Title "Target User"
if (!$usertar) { exit }

# From here on you should have two valid AD user objects with the default properties `DistinguishedName, Enabled,
# GivenName, Name, ObjectClass, ObjectGUID, SamAccountName, SID, Surname, UserPrincipalName`.
# In the function we extended that to also have the `MemberOf` property.

Hope this helps


2 Comments

It works like a charm! Thank you for this. I definitely need to practice...
@Charlypop Glad my answer helped you! Please consider accepting it by clicking the outlined checkmark to help others find it sooner.
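
The answer's function places the typed name inside a quoted literal in the `-Filter` string, so an apostrophe in the input ends that literal early. The following is an added example, not part of the answer: it checks the input against the sAMAccountName character rules and escapes it for `-LDAPFilter` before the lookup. The function names `Test-SamAccountName`, `ConvertTo-LdapFilterValue` and `Find-UserBySamAccountName` are hypothetical, and the sample inputs are constructed.

```powershell
# Added example; function names are hypothetical and not part of the answer above.
# Find-UserBySamAccountName needs the ActiveDirectory module; the other two
# functions and the sample loop at the bottom run without a domain.

# Characters Windows rejects in a sAMAccountName: " / \ [ ] : ; | = , + * ? < >
$InvalidSamChars = '["/\\\[\]:;|=,+*?<>]'

function Test-SamAccountName ([string]$Name) {
    # User logon names (pre-Windows 2000) are limited to 20 characters.
    if ([string]::IsNullOrWhiteSpace($Name) -or $Name.Length -gt 20) { return $false }
    return ($Name -notmatch $InvalidSamChars)
}

function ConvertTo-LdapFilterValue ([string]$Value) {
    # RFC 4515 escaping. The backslash goes first so the escapes added
    # afterwards are not escaped a second time.
    return $Value.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29').Replace([string][char]0, '\00')
}

function Find-UserBySamAccountName ([string]$Account) {
    # Reject input that cannot be a logon name before it reaches the directory.
    if (-not (Test-SamAccountName $Account)) { return $null }
    $filter = '(sAMAccountName={0})' -f (ConvertTo-LdapFilterValue $Account)
    # An LDAP filter has no quoted literals, so an apostrophe needs no escaping.
    return Get-ADUser -LDAPFilter $filter -Properties MemberOf
}

# Constructed sample input: shows what each typed value turns into.
foreach ($typed in 'jdoe', "o'brien", 'svc*', 'name(1)', 'a-name-longer-than-twenty-chars') {
    '{0,-32} valid={1,-5} escaped={2}' -f $typed, (Test-SamAccountName $typed), (ConvertTo-LdapFilterValue $typed)
}
```

Inside `Get-UserFromInputbox`, the lookup line would become `$user = Find-UserBySamAccountName $account`; the surrounding do/while loop and the message box stay as they are.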
