question

kardon-6773 avatar image
0 Votes"
kardon-6773 asked IanXue-MSFT answered

Set-AdUser a referral was returned from the server

I'm trying to set a new company value for users from a CSV.

I read that you get the error when not setting the server in my Set-AdUser command.

 At line:18 char:18
 + ...    $query | Set-ADUser -Server tstdc01 -Company "New Company"
 +                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  + CategoryInfo          : ResourceUnavailable: (CN=testUser\, H...DC=domain,DC=local:ADUser) [Set-ADUser], ADReferralException
  + FullyQualifiedErrorId : ActiveDirectoryServer:8235,Microsoft.ActiveDirectory.Management.Commands.SetADUser
    
 --------------------------------------------------------------------------------------------------------
    
 Import-Module ActiveDirectory
 $users = Import-Csv -Path "pathToCsv.csv" -Encoding UTF8 -Delimiter ";"
 $setUsers = @()
 $domain = "domain.local:3268"
 foreach ($user in $users) {
  $samAccountName = $user.samAccountName
  $query = Get-ADUser -Filter {Samaccountname -eq $samAccountName} -Server $domain
  if ($query) {
      $query | Set-ADUser -server tstdc01-Company "New Company"
      $setUsers += $query
  }
 }
windows-server-powershellwindows-active-directory
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AndreasBaumgarten avatar image
0 Votes"
AndreasBaumgarten answered AndreasBaumgarten edited

Hi @kardon-6773 ,

please try this:

 Import-Module ActiveDirectory
  $users = Import-Csv -Path "users.csv" -Encoding UTF8 -Delimiter ";"
  $setUsers = @()
  $domain = "TEST.LOCAL"
  foreach ($user in $users) {
   $samAccountName = $user.samAccountName
   $query = Get-ADUser -Filter {Samaccountname -eq $samAccountName} -Server $domain
   if ($query) {
      $query | Set-ADUser -server $domain -Company "New Company"
      $setUsers += $query
   }
  }

Here in my environment it's working. Only modification I did:
I removed the port in $domain = "domain.local:3268"

Get-ADUser accepts for -server:

Domain name values:
Fully qualified domain name (FQDN)
NetBIOS name

Directory server values:
Fully qualified directory server name
NetBIOS name
Fully qualified directory server name and port

Source: https://docs.microsoft.com/en-us/powershell/module/activedirectory/get-aduser?view=windowsserver2019-ps
For the domain FQDN no port allowed
For domain controller FQDN a port is ok

I changed the -server value here ``$query | Set-ADUser -server tstdc01 -Company "New Company" `


(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

Regards
Andreas Baumgarten

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

IanXue-MSFT avatar image
0 Votes"
IanXue-MSFT answered

Hi,

I ran your script on my server but it worked well. What about ADSI?

 $user = [ADSI]"LDAP://cn=testuser,ou=testou,dc=domain,dc=local"
 $user.company = "New Company"
 $user.setinfo()

Best Regards,
Ian Xue
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.