Assistance: creation script

mrsilent · 2021-12-08T22:51:03.000Z

I’ve been given this absolute dumpster fire of a script to look at and try decipher why it’s not working. I’m only really semi-proficient so unfortunately, I can’t get to the bottom of this. This is supposed to pull data from a SharePoint Online list and create an Active Directory user based on the information it gets. I’ve done user creation scripts before, but nothing at all like this .

EDITS:
After getting rid of the “SilentlyContinue” out of this thing, It is giving me this error

Get-ADUser : The search filter cannot be recognized At line:62 char:9 + if (Get-ADUser -Filter {SAMAccountName -eq $BaseSam} ) #-ErrorAct … + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: ( [Get-ADUser], ADException + FullyQualifiedErrorId : ActiveDirectoryServer:8254,Microsoft.ActiveDirectory.Management.Commands.GetADUser

.
- Edited. Decided to go another way with this thing. Was just too much
of a mess to deal with :(

Evan7191 · 2021-12-09T13:18:00.000Z

You should sanitize the script, because it looks like it contains a real domain name and possibly a real password.

mike9019 · 2021-12-09T13:23:37.000Z

“I am more than happy to pay for like… an hour or so of someone’s time to look over this” - I’d be willing if you’d agree to a charitable donation somewhere

Can you tell us what exactly is not working? Are you getting errors? More detail would be nice before diving into code.

Neally · 2021-12-09T14:37:16.000Z

If you post code, please use the ‘Insert Code’ button. Please and thank you!

PLEASE READ BEFORE POSTING! Read if you're new to the PowerShell forum! Programming & Development

Hi, and welcome to the PowerShell forum! Don’t apologize for being a “noob” or “newbie” or “n00b.” There’s just no need – nobody will think you’re stupid, and the forums are all about asking questions. Just ask! Use a descriptive subject. Don’t say “Need help” or “PowerShell Help”, actually summarize what the problem is. It helps the rest of us keep track of which problem is which. Don’t post massive scripts. We’re all volunteers and we don’t have time to read all that, nor will we copy…

192033ab-bb8f-4032-88a5-8e2313af0344-codebutton_small.png

Neally Bot

mike9019 · 2021-12-10T03:36:36.000Z

See attached for general comments within the script. Some things I’d do differently and some things I don’t understand the goal/need but I don’t know your operation either. Look for “#ORIGINAL”, “#CHANGE”, or “#COMMENT” in the code to find my documentation.

Other comments I didn’t know where to put them within the script I’ll leave in the post…

Write-Verbose will not display output until the $VerbosePreference Preference Variable is set accordingly
Since you have M/O365 and are using username/password in the document I wonder if you have modern authentication turned off or AAD security defaults turned off? App passwords and basic auth won’t work with this enabled. Providing a default level of security in Microsoft Entra ID - Microsoft Entra | Microsoft Learn
You commented out the random password generator, wonder why you wouldn’t keep that?
The ASCII conversion is slick, but I’ve always done that via XSLT. Sounds odd but it’s easier to maintain and does character translation better than any .NET I’ve ever come across.
You continue to use Convert-ToLatinCharacters for $Firstname and $Lastname in differing functions. Set it once and forget it.

As for the error you’re getting;

Get-ADUser : The search filter cannot be recognized At line:62 char:9 + if (Get-ADUser -Filter {SAMAccountName -eq $BaseSam} ) #-ErrorAct ...

My best guess is that $BaseSam is returning a null value, thus not able to filter. Add more logging output in that section to see what you’re getting.

Also, has this script ever worked? If it has, what’s changed since the last time it ran?

Edit: one other kind of major thing I forgot. Should really look at securely storing your credentials, outside of the script.

f693c676-ad1f-45ba-95cb-9fadcc3a5fe1-2341672.txt (12.5 KB)

mrsilent · 2021-12-10T03:48:50.000Z

Holy crap Mike!!!

Dear god!!

You’re an absolute legend mate :O. I appreciate your effort more than I can express…

I’ll take these changes you’ve suggested, put them into play and see how I go.

Thank you again!!!

mike9019 · 2021-12-10T03:53:53.000Z

To be clear, there’s no real changes I’ve made - just a lot of comments to lead you down the right path. I can see some things that I would change but I don’t know the reasoning for some of the things you’re doing so I can’t really make suggestions without talking with you about them.