Oh. Are you running this in a PowerShell session with elevated administrator privs?
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Lutz, Ken Sent: Monday, November 17, 2014 4:49 PM To: powershell@lists.myitforum.com Subject: [powershell] RE: ADSI help Michael, Thanks for the reply. Yes, you are correct with your examples. I have verified that the user value for $useradm is a valid domain group. ("WinNT://$Domain/" + ($useradm -Replace ("$($domain)\\","")) + ",group") Returns: WinNT://Example/Michael,group Isn't that what it should return, and isn't that what the adsi command is looking for? Thanks, Ken ... From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Michael B. Smith Sent: Monday, November 17, 2014 12:07 PM To: powershell@lists.myitforum.com<mailto:powershell@lists.myitforum.com> Subject: [powershell] RE: ADSI help Without knowing the contents of $Domain or $useradm, it's practically impossible to guess. If you assume that $Domain = 'example' And that $useradm = 'example\michael' Then what that line is attempting to do is strip off "example\" in front of $useradm, and then add the user to the group identified by $adsi. $adsi.Add( "WinNT://example/michael,group" ) The error says that "michael" doesn't exist as a domain user in the "example" domain. From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Lutz, Ken Sent: Monday, November 17, 2014 2:26 PM To: 'powershell@lists.myITforum.com' Subject: [powershell] ADSI help I'm using the two scripts from this web site (http://thedesktopteam.com/blog/raphael/local-administrators-group-and-compliance-settings/) to verify and update membership of a local group on my workstations. In the second script is this command: $adsi.Add("WinNT://$Domain/" + ($useradm -Replace ("$($Domain)\\","")) + ",group") When I run the script I get this error, and I have no idea as to what the issue is. I am running this from an 'Administrative' level PowerShell session. At this point I'm just trying to verify that the script is doing what I want it to do before I go to SCCM and setup the Compliance stuff. What am I missing, or have wrong? $Domain has a valid value, and $useradm is also valid, in this format <domain name>\<user name> $members is also a valid list of 3 users in the same format as $useradm. [cid:image001.png@01D00288.318A9D40] Thanks! Ken Lutz Senior Systems Administrator Information Systems Department Spokane County 815 N. Jefferson Spokane, Washington 99260 [cid:image002.png@01D00288.318A9D40] ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1 ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1 ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1 ================================================ Did you know you can also post and find answers on PowerShell in the forums? http://www.myitforum.com/forums/default.asp?catApp=1
