0

Good afternoon! Hope everyone's getting settled in with warm drinks and snowshoes.

I am working on a user creation script for AD and came across some curious behaviour. The goal here is to check if the person's SAMID already exists, and if it does, to append "1" to the SAMID.

For example, let's use "Jaina Proudmoore" as our user.

import-csv $inputCSV | foreach {
$FullName = $_.FullName
$company = $_.Company
$Givenname = $fullname.Split(" ")[0]
$Surname = $fullname.split(" ")[1]
$firstInitial = ($fullname.substring(0,1)).ToLower()
$surnameLower = $surname.ToLower()
$GivennameLower = $Givenname.ToLower()
$samid = $firstInitial + $surnameLower

$samidcheck = get-aduser $samid
if ($samid -ne $null) {
$samid = $samid + 1
}

$Description = "Created By NewUserCreation Script $DateFormat"
$global:Department = $_.Department
$Title = $_.Title
$Office = $_.Office
$StreetAddress = $_.StreetAddress
$PostalCode = $_.PostalCode
$ManagerFullName = $_.Manager
$ManagerDN = (get-aduser -filter 'Name -like $ManagerFullName').DistinguishedName
$Country = "CA"
$co = "Canada"
$OfficePhone = $_.OfficePhone
$MobilePhone = $_.MobilePhone
$countryCode = "124"
$City = $_.Location
$GroupSourceUser = $_.GroupSourceUser
$GroupSourceUserDN = (get-aduser -filter "Name -like '$GroupSourceUser'").DistinguishedName

$ADUserCheck = get-aduser -Filter 'Name -like $FullName' -ErrorAction SilentlyContinue

In this case, the SAMID check should give me:

$samidcheck = get-aduser jproudmoore

If I were to execute this manually:

get-aduser : Cannot find an object with identity: 'jproudmoore' under: 'DC=home,DC=local'.
At line:1 char:1
+ get-aduser jproudmoore
+ ~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (jproudmoore:ADUser) [Get-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADUser

If I understand this correctly, it means "user wasn't found". So therefore, my SAMID should be created as "jproudmoore". However, the script creates "jproudmoore1", as if it were detecting the output as NOT null.

if ($samid -ne $null) {

Since there was an object not found error, I would assume that the output is indeed not equal to null, and therefore:

$samid = $samid + 1
}

What am I missing here? I feel like it's something obvious.

Thanks in advance for your time and have a fabulous week!

  • EDIT -

I also tried this manually:

$test = get-aduser jproudmoore
if (!$test) {write-host "variable is null"}
PS > variable is null

If I'm correct here, then that would mean the SAMID check should not have appended "1".

Dewey
  • 37
  • 9
  • I think you should be checking `$samidcheck` like so: `if ($samidcheck -ne $null)`. Also what happens if for example `Jsmith` and `Jsmith1` already exist? – Jacob Sep 26 '18 at 22:36
  • The result of the manual check is not $null. Try `$x = 3; $x = Get-AdUser 'nonexistentuser'; $x -eq $null; $x` Probably try/catch exception handling needed. – lit Sep 26 '18 at 22:44
  • Thanks Jacob for the samidcheck -ne $null bit. Totally missed that! Will re-test in AM. Lit: will try your code tomorrow as well; thanks for commenting. – Dewey Sep 27 '18 at 05:31
  • 1
    The general rule for checking against `$Null` in PowerShell is to follow the [PSScriptAnalizer](https://github.com/PowerShell/PSScriptAnalyzer) rule and have the `$Null` always on the left hand side: `if ($Null -ne $samidcheck) {...}`. One of the reasons for this is that condition checks against empty arrays, as: `If (@() -eq $Null)' and `If (@() -ne $Null)' (either using `-eq` or `-ne`) are both considered false. See: https://github.com/PowerShell/PSScriptAnalyzer/issues/1021 – iRon Sep 27 '18 at 06:48
  • Possible duplicate of [How to test for $null array in PowerShell](https://stackoverflow.com/questions/5111572/how-to-test-for-null-array-in-powershell) – iRon Sep 27 '18 at 06:57

1 Answers1

0

Thanks to Jacob, found error in my code:

$samidcheck = get-aduser $samid
if ($samid -ne $null) {
$samid = $samid + 1
}

Should be

$samidcheck = get-aduser $samid
if ($samidcheck -ne $null) {
$samid = $samid + 1
}

Thanks also to iRon for the reference to checking for $null in Powershell : How to test for $null array in PowerShell. Readers beware: the first read-through of how Powershell behaves gave me a headache.

TLDR: End user newbie coder error! My bad, but thank you all for pitching in to help. Have a fabulous week!

Dewey
  • 37
  • 9