0

I have a script that works good overall, but one of the parameters doesn't show as it should.

Script :

# Create user account in AD. After execution, you will ask to set the password.
New-ADUser `
    -Name "John Travolta" `
    -GivenName "John" `
    -Surname "Travolta" `
    -UserPrincipalName "JohnT"`
    -DisplayName "John Travolta" `
    -AccountPassword (Read-Host -AsSecureString "Input User Password") `
    -ChangePasswordAtLogon $True `
    -Company "CLASS" `
    -Title "Actor" `
    -State "ON" `
    -City "Kitchener" `
    -Description "Bold dude from face off" `
    -EmployeeNumber "4" `
    -Department "Paramount Cinema" `
    -Country "CA" `
    -PostalCode "N2B G5T" `
    -SamAccountName "JohnT"`
    -MobilePhone "519-7218652"`
    -Enabled $True

#Add user to the specific OU.
$MOVEOU = Move-ADObject -Identity "CN=John Travolta,CN=Users,DC=class,DC=com" -TargetPath "OU=paramount cinema,DC=class,DC=com"
if ($moveou -eq "error") {
    Write-Host "Move ADObject failed" -ForegroundColor DarkRed
}
else {
    Write-Host "Move ADObject completed" -ForegroundColor Cyan
}

#Add user to the specific group
$MoveToGroup = Add-ADGroupMember -Identity SG-ParamountCinema -Members JohnT
if ($movetogroup -eq "error") {
    Write-Host "Add ADGroupMember Failed" -ForegroundColor DarkRed
}
else {
    Write-Host "Add ADGroupMember completed" -ForegroundColor Cyan
}

The result is good but, in case of an error it doesn't show the "Failed" in dark red, only the success one.

Please Help, thank you!

Improve this question
1
  • You can always add the -ErrorAction Stop parameter, and wrap things in a Try{}Catch{}. Such as Try{$MoveToGroup = Add-ADGroupMember -Identity SG-ParamountCinema -Members JohnT -ErrorAction Stop;Write-Host "Add ADGroupMember completed" -ForegroundColor Cyan}Catch{Write-Host "Add ADGroupMember Failed" -ForegroundColor DarkRed} Commented Jun 1, 2021 at 17:56

1 Answer 1

Reset to default
1

By default, if successful Add-ADGroupmember doesn't produce any output. Assigning nothing to $MoveToGroup will therefore never equal "error". This is probably the same for Move-ADObject. Regardless of output, this is the wrong way to handle errors. You should take a look at about_Try_Catch_Finally, but here's how it might look:

Try {
    $MoveToGroup = Add-ADGroupMember -Identity SG-ParamountCinema -Members JohnT -ErrorAction Stop -passThru
    Write-Host "Add ADGroupMember completed" -ForegroundColor Cyan
}
Catch {
    Write-Host "Add ADGroupMember Failed" -ForegroundColor DarkRed
}

Notice the addition of -passThru. While you do not need to assign any output to a variable for error handling, I don't know if the group object is needed elsewhere. Generally -passThru instructs a cmdlet to emit the object it worked on. So if the $MoveToGroup variable is needed elsewhere etc...

Generally using backticks to continue a line is frowned on. Instead try splatting. That might look something like:

$Params = @{
    Name                  = "John Travolta"
    GivenName             = "John"
    Surname               = "Travolta"
    UserPrincipalName     = "JohnT"
    DisplayName           = "John Travolta"
    AccountPassword       = (Read-Host -AsSecureString "Input User Password")
    ChangePasswordAtLogon = $True
    Company               = "CLASS"
    Title                 = "Actor"
    State                 = "ON"
    City                  = "Kitchener"
    Description           = "Bold dude from face off"
    EmployeeNumber        = "4"
    Department            = "Paramount Cinema"
    Country               = "CA"
    PostalCode            = "N2B G5T"
    SamAccountName        = "JohnT"
    MobilePhone           = "519-7218652"
    Enabled               = $True
    Path                  = "OU=paramount cinema,DC=class,DC=com"
}

New-ADUser @Params

Also, you don't need to move the ADUser after the fact. Simply use the -Path parameter in the New-ADUser command. Create it right where you intend it to be.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.