1
Import-CSV "C:\users\Balbahagw\desktop\test1.csv" | 
  Foreach-Object {
    $aduser = Get-ADUser -Filter { EmailAddress -eq $_.'EmailAddress' }
    if( $aduser ) {
      Write-Output "Adding user $($aduser.SamAccountName) to groupname"
      Add-ADGroupMember -Identity tech-103 -Members $aduser
    } else {
      Write-Warning "Could not find user in AD with email address $($_.EmailAddress)"
    }
  }

Script is working now, however it can't find the user in AD with the email address.

codewario
  • 19,553
  • 20
  • 90
  • 159
B A
  • 11
  • 1
  • 4
  • The error message tells you precisely what went wrong. – Bill_Stewart Jun 29 '18 at 19:54
  • You want -Members not -User. At a powershell prompt type: `Get-Help Add-ADGroupMember -Detailed` – EBGreen Jun 29 '18 at 19:54
  • Dude, don't invent parameters that don't exist. PowerShell tends to take issue with that. Read up on the cmdlet here: https://learn.microsoft.com/en-us/powershell/module/addsadministration/add-adgroupmember?view=win10-ps> – Sid Jun 29 '18 at 19:58
  • The object that I'm trying to import can't be found under the domain – B A Jun 29 '18 at 20:08
  • Instead of lambasting a user for misunderstanding an API, maybe try answering the question with how they can do it correctly and explain where they were wrong. – codewario Jun 29 '18 at 20:44
  • @BelairAlbahagwi I updated your question to use the correct column name in your original command. – codewario Jun 29 '18 at 21:43
  • @BelairAlbahagwi at this point I think we will need to see a sample of your CSV file. This code works for me. – codewario Jun 29 '18 at 22:04
  • nevermind, found some strangeness with the brackets. I'm updating my answer below – codewario Jun 29 '18 at 22:07

1 Answers1

1

You need to first resolve the ADUser object matching that email address, the -Identity parameter won't auto-resolve based on the EmailAddress field of an ADUser. Assuming the EmailAddress property is set appropriately on the user object in AD, and assuming the column name for the email address in your CSV is ExternalEmailAddress, this should work:

Import-CSV "C:\users\user\desktop\test1.csv" | Foreach-Object {
  $aduser = Get-ADUser -Filter "EmailAddress -eq '$($_.EmailAddress)'"
  if( $aduser ) {
    Write-Output "Adding user $($aduser.SamAccountName) to groupname"
    Add-ADGroupMember -Identity groupname -Members $aduser
  } else {
    Write-Warning "Could not find user in AD with email address $($_.EmailAddress)"
  }
}

Note that if the ADUser does not have the email address set, you will not be able to match that AD user to an email.

Here are the docs for Add-ADGroupMember, you may want to read up on them for more information: https://learn.microsoft.com/en-us/powershell/module/activedirectory/add-adgroupmember?view=winserver2012-ps&viewFallbackFrom=winserver2012r2-ps

EDIT: Found some strangeness with using brackets and the $PSitem, so I changed it to use a string-based filter.

EDIT 2: Found the cause for why using a variable in a bracket-based -Filter doesn't work (which is how I had originally written this), and in fact is not recommended when scripting: Get-Aduser -Filter will not accept a variable

codewario
  • 19,553
  • 20
  • 90
  • 159
  • I'm receiving a new error that the email address is not found in object of type – B A Jun 29 '18 at 21:14
  • Not sure which version of the AD cmdlets or Powershell you are running, you might try adding `-Properties EmailAddress` parameter to the `Get-ADuser` cmdlet. But the code as I wrote it above is working for me without having to specify the additional EmailAddress parameter. – codewario Jun 29 '18 at 21:23
  • Nvm... Command worked! but the script can't find the email address. However, when I open the exchange console and when I run get-aduser the email address is there... – B A Jun 29 '18 at 21:24
  • What do you mean the script can't find the email address? Is it outputting "WARNING: Could not find user in AD with email address...."? – codewario Jun 29 '18 at 21:27
  • Yes. The script worked but the output is saying WARNING: Could not find user in AD with email address. I used the get-aduser -identity user -properties emailaddress command and the email is there – B A Jun 29 '18 at 21:34
  • In your CSV, what is the name of the column with the email address in it? If there are spaces in the column name make sure to include those. – codewario Jun 29 '18 at 21:35
  • The name of the column is emailaddress. No spaces. – B A Jun 29 '18 at 21:40
  • The command in your question suggests it's **externalemailaddress**. I'll update my answer quick. – codewario Jun 29 '18 at 21:40
  • Thank you so much Bender! I have a new distribution list that needs 3200 users and I need an efficient way to add them. – B A Jun 29 '18 at 21:43
  • What did you update? I took out external in the script – B A Jun 29 '18 at 21:46
  • Same thing, changed `$_.ExternalEmailAddress` to `$_.EmailAddress` – codewario Jun 29 '18 at 21:47
  • Still unable to find user in AD with the email address. That's really weird – B A Jun 29 '18 at 21:49
  • I found some strangeness when using the brackets and trying to use the $PSItem object. I changed it to use a double-quotation based Filter, and the ADUser resolution is working from my local test case. – codewario Jun 29 '18 at 22:09
  • Better. New error states that I have insufficient access rights to perform the operation. I'm going to work with Identity Management and go from there. Thanks Bender! – B A Jul 02 '18 at 13:15
  • Sounds good. If you're getting far enough to see that you don't have permission to perform the operation then the script is working. Just gotta get your access fixed. – codewario Jul 02 '18 at 13:31