I wrote a script to take an AD user, disable the user, remove the user from group memberships and move the user to an OU. I originally wrote this on our Windows 2008 R2 DC (I know, bad idea) and I wanted to run the script locally on my Win 7 SP1 machine. It has the AD role installed as stated in this article (http://blogs.msdn.com/b/rkramesh/archive/2012/01/17/how-to-add-active-directory-module-in-powershell-in-windows-7.aspx)
I ran on both the DC and my Win7 machine $PSVersionTable and they are exactly the same. I can run ADSIEDIT.msc on the Win 7 machine. The error is occurring when doing an AD user lookup. See error output below:
Here is my script: https://github.com/nocode99/powershell/blob/master/UserDisableGroupRemoval.ps1
Property 'filter' cannot be found on this object; make sure it exists and is settable.
At C:\Admin\test.ps1:23 char:12
+ $ADsearch. <<<< filter = "(&(objectClass=user)(sAMAccountName=$user))"
+ CategoryInfo : InvalidOperation: (filter:String) [], RuntimeException
+ FullyQualifiedErrorId : PropertyNotFound
You cannot call a method on a null-valued expression.
At C:\Admin\test.ps1:24 char:32
+ $ADfind = $ADsearch.findOne <<<< ()
+ CategoryInfo : InvalidOperation: (findOne:String) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull
Any ideas? The ActiveDirectory module imports with no issues and I want my users to run this locally on their machine rather than the DC.
Looks like I needed to include a filter before the lookup and added:
$adsearch = [adsisearcher]""
though I'm not sure why this works without the filter on AD server itself.