This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 23%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
Hi! Everyone,
I have hit another brick wall, but as usually, I'm clueless and hope I can get some knowledge here.
I have completed the creation of a Runbook to unlock AD User accounts following the workflow attached. The steps includes;
I test run this Runbook in 3 ways;
"$CurrentUserGroupObj = Get-ADUser -Identity $CurrentUser -Properties MemberOf"
Can someone shed some light what is going on?
Thank you and best regards.
Ronald
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 92%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EXM%3C/text%3E%3C/svg%3E)
Hi,
What's your Orchestrator version?
Here are some tips for your reference.
How to run Active Directory cmdlets in Orchestrator .Net Activity
Hi! XinGuo,
You are right, I check your article and I immediately encountered the error in the version 2 environment. I followed the guide and remodify the Registry (I did it few days back). I am still getting the error running the Runbook in Orchestrator Console with the following error;
Name : Check Group
Type : Run .Net Script
Status : Failed
Publish Data : Error Summary Text
Value : Cannot find an object with identity: '2016SVR3$' under: 'DC=test,DC=com'.
Maybe the other day after I modified the Registry, Runbook Tester can execute my script and now the error is on Console side.
Do you have any idea about this error?
Appreciate your kind advise.
Thank you and best regards.
Ronald
>Value : Cannot find an object with identity: '2016SVR3$' under: 'DC=test,DC=com'.
'2016SVR3$' looks like a computer account not a user account.
Hi XinGuo,
Yes, 2016SVR3 is the computer object of the Orchestrator Server. All the roles of Orchestrator sits on this Server except for the SQL Database Server.
Do you know why this computer object is requested for my Runbook? I have posted the scripts for "Check Group" just now, so you can reference that. Prior to this action, I do have a few more Run .Net Script objects that are also querying AD for user info and no such error. Hence, I have been knocked off course as I do test at every stage.
Kindly advise if you know of anything that can resolve this error.
Thank you.
Ronald
The options are:
Hi! Leon/Stefan/Andreas,
After reading XinGuo-MSFT post, I did try loading up Powershell Version 2 on the 32bits Powershell and indeed I encountered the error. I then followed by redo modification of the registry key "hklm\software\wow6432node\microsoft.netframework\OnlyUseLatestCLR" and it worked thereafter. However, the Runbook is still failing at the "Check Group" with the below error.
Name : Check Group
Type : Run .Net Script
Status : Failed
Publish Data : Error Summary Text
Value : Cannot find an object with identity: '2016SVR3$' under: 'DC=test,DC=com'.
I do not know why it is looking for the SCO server object name. Do you have any clue?
Appreciate your kind advise.
Thank you and best regards.
Ronald
Maybe you can post your script here?
Regards
Andreas Baumgarten
Good afternoon! Andreas,
Here's the script attached for all.
Thank you.
Ronald
As XinGuo already mentioned:
$ENV:Username doesn't work here if the Runbook is executed by the Orchestrator Runbook Service.
A better way is to use an "existing user" to compare with the $InputUser details.
$currentuser = "<SamAccountName of User>"
Maybe this is helpful.
Regards
Andreas Baumgarten
(Please don't forget to Accept as answer if the reply is helpful)