
Below is a section of code I'm struggling to get operational. This is part of a larger script to create AD users. The purpose is to verify if the email address supplied exists and, if it does, store it as the $UserManager (Manager) variable to be called upon when making the AD account.

I feel like I'm really close, I think I'm just struggling with the first part of the function or the initial query of the search. Do I need to specify a specific path?

Thank you for any assistance, this forum has allowed me to do some amazing things. Thank you all once again so much.

Credit for the base functionality of this script - https://github.com/HanSolo71/Active-Directory-Create-User-and-Mailbox/blob/master/CreateUserFullFunction.ps1

Import-Module ActiveDirectory

function ManagerCheck {
$UserManagerCheck = Get-ADUser -Filter {mail -eq "$UserManager"}
if ($UserManagerCheck = [string]::IsNullOrWhiteSpace($UserManagerCheck))
    {
      cls
      $global:UserManager = (Read-Host -Prompt "Manager email address not found please check the email and try again")
      $UserManagerCheck = $null
      ManagerCheck 
    }
else
    { 
        {continue}
        CLS
    }
}

$UserManager = @()
$UserManagerCheck = @()
$global:UserManager = @()
$EmployeeOU = "OU=Sample,OU=Path"

$UserManager = (Read-Host -Prompt "Please enter the users managers email address")
while ([string]::IsNullOrWhiteSpace($UserManager)) {$UserManager = Read-Host 'You left the email field empty, please input a manager email address'}
#Run manager check function
ManagerCheck

Write-Host
$UserManager

When running the command it prompts me to enter in an email address. It then immediately tells me "Manager email address not found please check the email and try again". It appears that it is not even searching for the supplied email address.

Any ideas?

CrowbarTM

1 Answer


I'm not seeing any specific indication on why your current code could be failing; however, there are some points you should correct. Instead of setting a $global: variable from your ManagerCheck function, which is particularly a bad practice in my opinion and should be avoided whenever possible, you should make your function take one argument for the manager's email so that, in case the AD Object is not found and you enter that if condition, then you can pass that new address to the recursive call of the function. Aside from that, it's not clear what $EmployeeOU is for; I'm not seeing it being used, hence I decided to remove it.

Import-Module ActiveDirectory

function ManagerCheck {
    [cmdletbinding()]
    param(
        [parameter(Mandatory)]
        [string] $ManagerMailAddress
    )
    
    $UserManagerCheck = Get-ADUser -Filter "mail -eq '$ManagerMailAddress'"
    if (-not $UserManagerCheck) {
        Clear-Host
        $tryAgain = Read-Host "Manager email address not found please check the email and try again"
        ManagerCheck -ManagerMailAddress $tryAgain
    }
    else {
        # return the ad object of the manager?
        $UserManagerCheck.SamAccountName
    }
}

$UserManager = Read-Host "Please enter the users managers email address"
while ([string]::IsNullOrWhiteSpace($UserManager)) {
    $UserManager = Read-Host 'You left the email field empty, please input a manager email address'
}
#Run manager check function
ManagerCheck -ManagerMailAddress $UserManager
Santiago Squarzon
  • Wow. I wish you could have seen the smile on my face just by reading your response, let alone the possibility of an answer. So! What I just learned and maybe I'm incorrect but the Manager property only takes a couple variables, specifically: GUID, SAM Account Name, Distinguished Name, or SID. Our SAM numbers are AC1428, JE8593, BJ2415, etc. So an email based search is more realistic and time effective. What's going to be the best way to convert our known good email address to a SAM that the New-ADUser command would like to read? Thank you again!!!! – CrowbarTM Apr 01 '22 at 20:11
  • Almost like once you verify that the $UserManager variable exists and is good, you then search that for the related SAMs tied to that email address. Should work since this is a unique value throughout the domain. – CrowbarTM Apr 01 '22 at 20:13
  • @CrowbarTM happy to help, and glad you could learn something new. I added a tiny update to my answer so that the function outputs the `samAccountName` of the Manager instead of the complete object. I guess, that's what you're looking for – Santiago Squarzon Apr 01 '22 at 20:17
  • which I would take the $UserManagerCheck.SamAccountName and use it on the New-ADUser command, below is my current build out. – CrowbarTM Apr 01 '22 at 20:26
  • New-ADUser -Name $DisplayName -DisplayName $DisplayName -SamAccountName $UsernameSAM -GivenName $FirstName -Surname $LastName -Initials $MiddleInitial -StreetAddress $DefaultAddress -City $DefaultCity -State $DefaultState -Description $JobDescription -PostalCode $DefaultZip -Country $DefaultCountry -UserPrincipalName $UserPrincipleName -Title $UserTitle -Department $Department -Office $Office -Company $DefaultCompany -Path $DepartmentOU -Manager $UserManagerCheck.SamAccountName – CrowbarTM Apr 01 '22 at 20:27
  • After dropping that in, the command executed without any issues, however, it did not populate the new user's Manager field in ADUC. Hmmm – CrowbarTM Apr 01 '22 at 20:28
  • @CrowbarTM this seems part of a different question, I would advise you to ask a new question with these details. If this answer helped you with your initial question please consider accepting it – Santiago Squarzon Apr 01 '22 at 20:30
  • Ahh, totally understandable! Well I will try to work through this and see if I can do it on my own! I really really appreciate the help, been working on this project as a surprise tool for the guy who builds out our new hires and stuff. Thank you again so much, I've been expanding my PowerShell experience a lot in the last few months. Built some really cool stuff like changing gateways remotely. If I need further assistance I will be sure to generate a new question! Thank you!!!! – CrowbarTM Apr 01 '22 at 20:35
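
An added example, not part of the original question, answer or comments: a manager lookup for a provisioning script that treats the typed address as untrusted input. It escapes the RFC 4515 special characters before building an `-LDAPFilter`, rejects zero or multiple matches, and returns the account to the caller so its `DistinguishedName` can be passed to `-Manager`. The function names `Resolve-ManagerByMail` and `ConvertTo-LdapFilterValue`, the email shape check and the `$newUser` hashtable are assumptions of this example.

```powershell
Import-Module ActiveDirectory

function ConvertTo-LdapFilterValue {
    # Escape \ * ( ) and NUL as \XX hex pairs (RFC 4515) so the value is
    # matched literally and cannot add clauses or wildcards to the filter.
    param([string] $Value)
    [regex]::Replace($Value, '[\\*()\x00]', {
        param($m) '\{0:x2}' -f [int][char]$m.Value
    })
}

function Resolve-ManagerByMail {
    [CmdletBinding()]
    param([string] $MailAddress)

    $mail = $MailAddress.Trim()
    # Cheap shape check (assumption of this example): rejects empty input
    # and obvious typos before any directory query is made.
    if ($mail -notmatch '^[^@\s]+@[^@\s]+\.[^@\s]+$') {
        Write-Warning "'$mail' does not look like an email address."
        return
    }

    $filter = '(&(objectCategory=person)(objectClass=user)(mail={0}))' -f
        (ConvertTo-LdapFilterValue $mail)

    # @() forces an array so .Count is reliable for 0, 1 or many results.
    $found = @(Get-ADUser -LDAPFilter $filter -Properties mail)
    if ($found.Count -ne 1) {
        # Zero matches: typo or unknown address. More than one: ambiguous,
        # so refuse to guess which account becomes the manager.
        Write-Warning "Expected exactly one account for '$mail', found $($found.Count)."
        return
    }
    $found[0]   # emit the ADUser object to the caller
}

# Variables assigned inside a function are local to it, so capture the
# function's output instead of reading an inner variable afterwards.
do {
    $manager = Resolve-ManagerByMail -MailAddress (Read-Host "Manager's email address")
} until ($manager)

Write-Host "Manager resolved to $($manager.SamAccountName)"

# Constructed usage: $newUser is a hypothetical hashtable holding the other
# New-ADUser parameters of the provisioning script.
# New-ADUser @newUser -Manager $manager.DistinguishedName
```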