尝试为Active Directory运行PowerShell脚本时遇到错误解析错误 [英] Getting error parsing error when trying to run PowerShell script for Active Directory

问题描述

我正在编写一个脚本，该脚本将从CSV文件更新Active Directory中的用户属性.我现在只有一个错误，这与语法有关.不确定正确的语法是什么；我提供了运行脚本时收到的错误.

I am writing a script that will update user attributes in Active Directory from a CSV file. I am down to only one error now and it is to do with the syntax. Not sure what the correct syntax is; I have provided the error that I receive when I run the script.

这是从CSV文件更新AD用户的脚本.

Here is the script to update AD users from CSV file.

#Updates AD user attributes from CSV file

$credential = Get-Credential

#Load data from file.csv
$ADUsers = Import-csv file_location

# Server
$server = "127.0.0.1"

# Count variable for number of users update
$count = 0

#Go through each row that has user data in the CSV we just imported 
foreach ($User in $ADUsers)
{
    # Read user data from each field in each row and assign to variables.

    $Username = $User.Username
    $Title = $User.Title
    $Office = $User.Office
    $Description = $User.Description


    #Check to see if the user already exists in AD. If they do, we update.
    if (Get-ADUser -Filter "SamAccountName -eq $Username" -Server $server -Credential $credential)
    {

         #Set User attributes
         Set-ADUser -Title $Title -WhatIf `
            -Office $Office -WhatIf `
            -Description $Description -WhatIf

         # Print that the user was updated 
         Write-Host $Username "- User attributes have been updated." -ForegroundColor Yellow

         # Update Count
         $count += 1    
     }


}

# Print the number of updated users
Write-Host $count "Users have been updated" -ForegroundColor Green

这是我运行脚本时遇到的错误

Here is the error I am getting when I run the script

Get-ADUser : Error parsing query: 'SamAccountName -eq ADUSER' Error Message: 'syntax error' at position: '20'.
At file_location from CSV.ps1:35 char:6
+     if (Get-ADUser -Filter "SamAccountName -eq $Username" -Server $se ...
+         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ParserError: (:) [Get-ADUser], ADFilterParsingException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADFilterParsingException,Microsoft.ActiveDirectory.Management.Commands.GetADUse 
   r

0 Users have been updated

推荐答案

该错误很可能是由字符串扩展引起的，在$UserName周围加上了单引号，例如:

Purely the error is probably caused by string expansion put single quotes around $UserName like:

Get-ADUser -Filter "SamAccountName -eq '$Username'" # and the rest of the parameters...

但是，我应该指出，您通常不需要带有samAccountName的filter参数. JUst做类似的事情:

However, I should point out you usually don't need the filter parameter with the samAccountName. JUst do something like:

Get-ADUser $UserName # and the rest of the parameters...

还可以在Set-ADUser命令中多次指定-Whatif.克服当前问题后，这将导致问题.

Also You have -Whatif specified multiple times in the Set-ADUser command. This will cause issues after you get past the current issue.

您应该尝试避免所有回溯.改用喷溅.这是一个未经试用的示例:

You should try to avoid all that back-ticking. Use splatting instead. Here's an untested splatting example:

# Updates AD user attributes from CSV file

$credential = Get-Credential

# Load data from file.csv
$ADUsers = Import-csv file_location


# Count variable for number of users update
$count = 0

# Go through each row that has user data in the CSV we just imported 
ForEach($User in $ADUsers)
{
    # Ppopulate hash table for Get-ADUser splatting:
    $GetParams =
    @{
        Identity     = $User.Username
        Server       = '127.0.0.1'
        Credential   = $Credential
    }

    # Initialize hash table for Set-ADUser splatting:
    $SetParams =
    @{
        Server       = '127.0.0.1'
        Identity     = $User.Username
        Title        = $User.Title
        Office       = $User.Office
        Description = $User.Description
        Credential   = $Credential
    }

    # Check to see if the user already exists in AD. If they do, we update.
    if ( Get-ADUser @GetParams)
    {
         # Set User attributes
         Set-ADUser @SetParams -WhatIf

         # Print that the user was updated 
         Write-Host -ForegroundColor Yellow "$User - User attributes have been updated." 

         # Update Count
         $count += 1    
     }
}

# Print the number of updated users
Write-Host $count "Users have been updated" -ForegroundColor Green

请注意，这不一定是我完成代码的方式.有很多方法可以做事，而很多事情是由个人喜好等指导的.在这种情况下，我将对您原始示例的修改加以限制，以仅演示某些内容，例如飞溅.何时何地为什么实施取决于您.

Please note this is not necessarily how I'd finish up the code. There are so many ways to do things and so much is guided by personal preference etc... In this case I'm limiting modifications to your original example to demonstrate only certain points like splatting. When, where & why to implement is up to you.

您可能要考虑的另一个问题是，您需要此脚本或任何脚本的坚固程度如何.您是否需要错误处理?当在AD中找不到CSV文件中的用户时，是否要报告(其本身会产生错误)?您需要一个日志文件吗?这是一次努力还是会持续数年等等?

Another question you may want to think about is how robust you need this or any script to be. Do you need error handling? Do you want to report when a user in the CSV file isn't found in AD (which itself will echo an error)? Do you need a log file? Is this a one time effort or something that will run for years etc...

无论如何，我希望其他示例对您有所帮助.让我知道事情的后续.很高兴与您进一步合作.

At any rate I hope the additional example is helpful. Let me know how it goes. Happy to work with you further.

这篇关于尝试为Active Directory运行PowerShell脚本时遇到错误解析错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！