Active Directory
A set of directory-based technologies included in Windows Server.
6,245 questions
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hello,
I would like to know what is wrong with my code. I can't figure it out. I will post the error underneath. I hid the OU for security purposes. I copy and paste the distinguishedName from the attribute editor so I know I don't make mistake in the script. Some part are in french. Feel free to ask for a translation if necessary.
I'm still learning powershell please forgive my lack of knowledge.
Thanks!
Get-ADUser : Impossible de lier le paramètre «SearchScope». Impossible de convertir la valeur «OU=blabla,OU=blabla BLA,DC=BLA,DC=local» en type «
Microsoft.ActiveDirectory.Management.ADSearchScope». Erreur: «Impossible de faire correspondre le nom d'identificateur OU=LAME,OU=Groupe LSP,DC=lsp,DC=local à un nom d'énumérateur valide.
Spécifiez l'un des noms d'énumérateur suivants et réessayez :
Base, OneLevel, Subtree »
Au caractère C:\Users\Admin\Desktop\set never expire off in ou.ps1:3 : 43
+ Get-ADUser -filter * -SearchScope $OUs -properties Name, Pass ...
+ ~~~~
+ CategoryInfo : InvalidArgument : (:) [Get-ADUser], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Microsoft.ActiveDirectory.Management.Commands.GetADUser
$OUs = 'OU=blabla,OU=blabla BLA,DC=BLA,DC=local'
ForEach ($OU in $OUs){
Get-ADUser -filter * -SearchScope $OU -properties Name, PasswordNeverExpires |
Where-Object { $_.passwordNeverExpires -eq "true" } |
Where-Object {$_.enabled -eq "true"} |
Set-ADUser -PasswordNeverExpires:$false
}
The OU name would be used with the Get-ADUser -SearchBase parameter. The "-SearchScope" parameter would be used to determine how much of the OU is to be seached. E.G.,