1

I'm trying to prepend any groups the user is a member of with "MW-" (that is working). But when I try to do a loop to add another user to those group names with the "MW-" that I stored in $var I get an error

Cannot bind parameter 'Identity'. Cannot convert value "@{MW-" + $_.name=MW-DFS-share1}" to value of type "Selected.Microsoft.ActiveDirectory.Management.ADGroup"

$var = Get-ADUser -Identity TestUser -Properties memberof |
       Select-Object -ExpandProperty memberof |
       Where {$_ -match "CN=DFS*"} |
       Get-ADGroup -Properties name |
       Select-Object {"MW-"+ $_.name}

foreach ($group in $var) {
    Add-ADGroupMember -Identity $group -Member TestUser
}

Note; When I run the Get-ADUser command it produces the output below:

"MW-"+ $_.name
--------------
MW-DFS-share1
MW-DFS-files
MW-DFS-archive
Improve this question

1 Answer 1

Reset to default
1

A calculated property is the easiest way to fix your issue. Then you need to either expand that property or access the property directly in your loop.

$var = Get-ADUser -Identity TestUser -Properties memberof |
           Select-Object -ExpandProperty memberof |
               Where {$_ -match "CN=DFS*"} |
                   Get-ADGroup -Properties name |
                       Select-Object @{Label='Name';Expression={"MW-"+ $_.name}}

foreach ($group in $var.Name) {
    Add-ADGroupMember -Identity $group -Member TestUser
}

The issues with your attempt was that you never provided a property name but rather just did the calculation. In the loop, you needed to access just the calculated values rather than the object that contained a property with the values.

If the goal is to read a user list from a file and then update each user's membership, you may do the following:

foreach ($user in (Get-Content c:\userlist.txt)) {
    $var = Get-ADUser -Identity $user -Properties memberof |
               Select-Object -ExpandProperty memberof |
                   Where {$_ -match "CN=DFS*"} |
                       Get-ADGroup -Properties name |
                           Select-Object @{Label='Name';Expression={"MW-"+ $_.name}}

    Add-ADPrincipalGroupMembership -Identity $user -MemberOf $var.Name
}

Using a foreach loop allows for assigning each user to a variable as you iterate through the list. That variable can then be referenced at any point within the loop.

Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

Awesome, that makes sense. If I want to replace TestUser with a file containing the list of users would I do $var = Get-Content c:\userlist.txt | Foreach-Object {Get-Aduser
actually, I guess I'd need to edit the foreach loop as well? It should read the user from the file and make the changes then go to the next user and make the changes. etc. Not sure how to think about this
I tried the following, but failed. $var = Get-Content c:\userlist.txt | Get-ADUser -Properties memberof | Select-Object -ExpandProperty memberof | Where {$_ -match "CN=DFS*"} | Get-ADGroup -Properties name | Select-Object @{Label='Name';Expression={"MW-"+ $_.name}} foreach ($group in $var.Name) { Add-ADGroupMember -Identity $group -Member $_ }
If you have a list in a file, you will need to process each line individually in the pipeline. get-content file | foreach-object { get-aduser $_ -properties memberof }
Does this look right? $var = Get-Content c:\userlist.txt | foreach-object{Get-ADUser $_ -Properties memberof | Select-Object -ExpandProperty memberof | Where {$_ -match "CN=DFS*"} | Get-ADGroup -Properties name | Select-Object @{Label='Name';Expression={"MW-"+ $_.name}}} foreach ($group in $var.Name) { Add-ADGroupMember -Identity $group -Member $_ }
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.