Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Update "managedBy" attribute for OU

64 views
Skip to first unread message

CptrAddict

unread,
Aug 11, 2009, 5:55:32 AM8/11/09
to

When I use the following command:


Code:
--------------------

$Group = [adsi]"LDAP://CN=SomeGroup,CN=Users,dc=TestDomain,dc=com"
$Group.managedBy = "CN=SomeUser,cn=Users,dc=TestDomain,dc=com"
$Group.SetInfo()

--------------------


Everything works as expected. But when I use the Following:


Code:
--------------------

$OU = [adsi]LDAP://OU=SomeOU,dc=TestDomain,dc=com
$OU.managedBy = "CN=SomeUser,cn=Users,dc=TestDomain,dc=com"
$OU.SetInfo()

--------------------


The error that I recieve is:
>
> Exception calling "SetInfo" with "0" argument(s): "A constraint
> violation occurred. (Exception from HRESULT: 0x8007202F)"
>

The account that I am running the script from is a Domain admin with
full permissions to all of the objects in question. Does anyone have any
idea why I am getting an error when I try to modify the ManagedBy
property for an OU?

CptrAddict

P.S. - Using qad cmdlets or other cmdlet solutions are not an option
for me.


--
CptrAddict

Jan Egil Ring

unread,
Aug 11, 2009, 3:38:31 PM8/11/09
to
Hi!

I just made a quick test in my lab environment, and the following code
worked without errors:
$OU = [adsi]"LDAP://OU=Lab,dc=rbk,dc=ad"
$OU.managedBy = CN=Test User,CN=Users,dc=rbk,dc=ad
$OU.SetInfo()

What domain/forest functional level are your domain running?

--
Jan Egil Ring
---------------------
http://janegilring.wordpress.com
http://powershellug.ning.com

"CptrAddict" <gu...@unknown-email.com> wrote in message
news:d3c984dc367ebcb1...@nntp-gateway.com...

CptrAddict

unread,
Aug 12, 2009, 7:23:26 AM8/12/09
to

I am running Windows 2000 mixed domain.

Strangest thing happened though. I went back through my command history
and reran the same code and everything worked. I am running the code in
a lab environment with only 1 DC so I don't think that it a replication
issue. The snippet that I was questioning was part of a larger script to
build out the environment. so the proceeding step created the user
account then created the OU but I was constantly getting failures when I
tried to add the user account to the managedby attribute. I will
investigate further when I get back to the lab.


--
CptrAddict

Al Dunbar

unread,
Aug 14, 2009, 7:26:38 PM8/14/09
to

"Jan Egil Ring" <j...@powershell.no> wrote in message
news:AD9BD461-CCE8-47D3...@microsoft.com...

> Hi!
>
> I just made a quick test in my lab environment, and the following code
> worked without errors:
> $OU = [adsi]"LDAP://OU=Lab,dc=rbk,dc=ad"
> $OU.managedBy = CN=Test User,CN=Users,dc=rbk,dc=ad

Interesting that the distinguished name did not need to be enclosed in
quotes...

/Al

TPGBrennan

unread,
Sep 14, 2009, 7:41:02 PM9/14/09
to
I have a similiar problem with the ManagedBy attribute, but for a group. I
ran the following to populate the attribute:
sv -path c:\orgunits.csv | ForEach {set-qadgroup -id $_.MGroup
-objectattributes @{"ManagedBy"=$_.Mgr}}

the csv file has two columns; one named mgroup the other the DN of the
manager. this command worked on server A last week and server B this
morning. It is now getting this errpr on server A.
Set-QADGroup : A constraint violation occurred. (Exception from HRESULT:
0x8007202F)
At line:1 char:48
+ import-csv c:\book9.csv | ForEach {set-qadgroup <<<< -id $_.mgroup
-objectattributes @{"ManagedBy"=$_.Mgr}}

The command was copied from server to server with no manual typing. like
cptraddict I am finding that powershell is inconsistent; the exact same
command will run sometimes and not run other times. I copy the command from
the PS window to avoid typos, but it still happens. I guess I'll wait and
see if it "heals" itself like it did for you.

0 new messages