Simple question about get-ADuser and SearchBase

19 views
Skip to first unread message

Mike Leone

unread,
Jan 31, 2023, 10:11:19 AM1/31/23
to NTPowershell Mailing List
OK, I know this is simple, and I'm just not seeing it. I'm trying to get a user info, and I want to limit the search to a specific OU and it's sub-OUs. (the user may exist in another OU, but I only need to work on the account if it's within this specific OU structure).

So the user's SamAccountName is "publicjq". And I wanna know if it's located in the OU "Terminated" or a sub-OU there.

Get-ADUser -Identity publicjq -SearchBase "OU=Terminated,DC=xxx,DC=xxx,DC=xxx,DC=xxx,DC=xxx" -SearchScope 2

And I keep getting 

Get-ADUser : Parameter set cannot be resolved using the specified named parameters.
At line:1 char:1
+ Get-ADUser -Identity publicjq -SearchBase "OU=Terminated,DC=xxx,DC=xxx ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Get-ADUser], ParameterBindingException
    + FullyQualifiedErrorId : AmbiguousParameterSet,Microsoft.ActiveDirectory.Management.Commands.GetADUser

I know that I can determine the user OU by finding the user and doing

$userOU = ($user.DistinguishedName -split ",",2)[1]

But why is my actual Get-ADUser search itself failing? From everything I've looked at, the format of the Get-ADUser command I am using should work. So why doesn't it? I mean, I would expect to get a response of  "Cannot find an object with that identity". That would make sense, as that user actually isn't in that OU. But not the error I am getting ...

Thanks for any insight.

--

Mike. Leone, <mailto:tur...@mike-leone.com>

PGP Fingerprint: 0AA8 DC47 CB63 AE3F C739 6BF9 9AB4 1EF6 5AA5 BCDF
Photo Gallery: <http://www.flickr.com/photos/mikeleonephotos>

Solodow, Damien

unread,
Jan 31, 2023, 10:20:01 AM1/31/23
to ntpowe...@googlegroups.com

So this error: “Parameter set cannot be resolved using the specified named parameters” is a fancy way of saying “you used mutually exclusive parameters”

 

You can use either Identity OR SearchBase/SearchScope but not both in the same command.

For what you’re trying to do, I’d use SearchBase, SearchScope and Filter:

Get-aduser -SearchBase "OU=Terminated,DC=xxx,DC=xxx,DC=xxx,DC=xxx,DC=xxx" -SearchScope 2 -filter “samaccountname -eq ‘publicjq’”

 

Gaylor Electric logo

Gaylor Electric Website

Facebook

Twitter

LinkedIn

Damien Solodow

IS Senior Systems Engineer

Gaylor Electric, Inc.

5750 Castle Creek Pkwy N Drive, Suite 400

Indianapolis

IN

46250

O: 317.815.3103 

M: 317.506.8521

317.759.0077 emergency IS support

--
You received this message because you are subscribed to the Google Groups "ntpowershell" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ntpowershell...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntpowershell/CAHBr%2B%2BiG0rtGfM3Ts8aLQ5vafovhoq3ueP%3DUtFoVic%2BO%3Dvxv3A%40mail.gmail.com.

Mike Leone

unread,
Feb 1, 2023, 8:46:32 AM2/1/23
to ntpowe...@googlegroups.com
OK, that did work. I would have sworn I had tried that ... Thanks!

Reply all
Reply to author
Forward
0 new messages