question

cornenietnodig-5642 avatar image
0 Votes"
cornenietnodig-5642 asked AndreasBaumgarten commented

powershell script to disable and move computers to other ou

I want to disable a bunch of computers and move them to another OU in AD thru Powershell. Cannot get to work though, have tried several scripts but it does not work: cannot find object beneath dc=xxx,dc=xxx

However when i do a move adcomputer in powershell directly it does work, so there is something wrong with the get-content when i want to get the input from a file, can someone tell me what is wrong in the script?

Disable computeraccounts via een txt file

$Pclist = Get-Content C:\scripts\Computers.txt # Specify the path to the computers list.
Foreach($pc in $Pclist)
{
Disable-ADAccount -Identity "$pc."
Get-ADComputer -Identity "$pc" | Move-ADObject -TargetPath "OU=1,OU=2,OU=3,DC=domain,DC=name"
}


In computers.txt there are the computers:

computer1

computer2

computer3



When i do this it works:

get-adcomputer computername | Move-ADObject -TargetPath "OU=1,OU=2,OU=3,DC=domain,DC=name"







This is the error when launching the script:

Disable-ADAccount : Kan geen object met id computer1 vinden onder DC=domain,DC=name.
At line:4 char:1
+ Disable-ADAccount -Identity "$pc"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (computer1 :ADAccount) [Disable-ADAccount], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.DisableADAccount


Get-ADComputer : Kan geen object met id computer1 vinden onder DC=domain,DC=name.
At line:5 char:1
+ Get-ADComputer -Identity "$pc" | Move-ADObject -TargetPath "OU=1OU ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (computer1 :ADComputer) [Get-ADComputer], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADComputer


windows-server-powershell
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

19 Answers

IanXue-MSFT avatar image
0 Votes"
IanXue-MSFT answered IanXue-MSFT edited

Hi,

See if this works for you. Tested in Windows Server 2016.

 $pclist = Get-Content C:\scripts\Computers.txt 
 $targetOU = "OU=1,OU=2,OU=3,DC=domain,DC=name"
 foreach($pc in $pclist){
     if ($pc.Trim()) {
         Get-ADComputer $pc.Trim() | Disable-ADAccount -PassThru | Move-ADObject -TargetPath $targetOU
     }
 }

Best Regards,
Ian Xue
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MohdArif-3235 avatar image
0 Votes"
MohdArif-3235 answered

I think you do not even need to create loop. you could use simple command to achieve this task. I did not test it, but I think it should work

$Pclist = Get-Content C:\scripts\Computers.txt

$Pclist | Get-ADComputer | Set-ADComputer -Enabled $false

$Pclist | Get-ADComputer | Move-ADObject -TargetPath "OU=1,OU=2,OU=3,DC=domain,DC=name"

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

cornenietnodig-5642 avatar image
0 Votes"
cornenietnodig-5642 answered

Unfortunally when i use your script it also gives the same errormessages..

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AndreasBaumgarten avatar image
0 Votes"
AndreasBaumgarten answered AndreasBaumgarten edited

Maybe this is helpful to find the computer objects in AD (not tested by myself):

 $Pclist = Get-Content C:\scripts\Computers.txt
 $Pclist | Get-ADComputer -SearchScope Subtree | Disable-ADAccount
 $Pclist | Get-ADComputer -SearchScope Subtree | Move-ADObject -TargetPath "OU=1,OU=2,OU=3,DC=domain,DC=name"

(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

Regards
Andreas Baumgarten


5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

cornenietnodig-5642 avatar image
0 Votes"
cornenietnodig-5642 answered

Andreas,

When i do that, run that script with the right OU name then it givves me a question to give a fillter:

What am i supposed to fill in there? it says:
cmdlet Get-ADComputer at command pipeline position 1
Supply values for the following parameters:
(Type !? for Help.)
Filter:

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AndreasBaumgarten avatar image
0 Votes"
AndreasBaumgarten answered

What happens if you try this?

 $Pclist = Get-Content C:\scripts\Computers.txt # Specify the path to the computers list.
 Foreach($pc in $Pclist)
     {
     Get-ADComputer -Identity "$pc" -SearchScope Subtree | Disable-ADAccount
     Get-ADComputer -Identity "$pc" -SearchScope Subtree | Move-ADObject -TargetPath "OU=1,OU=2,OU=3,DC=domain,DC=name"
     }

(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

Regards
Andreas Baumgarten



5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

cornenietnodig-5642 avatar image
0 Votes"
cornenietnodig-5642 answered

Get-ADComputer : Parameter set cannot be resolved using the specified named parameters.
At line:5 char:6
+ Get-ADComputer -Identity "$pc" -SearchScope Subtree | Move-ADObj ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Get-ADComputer], ParameterBindingException
+ FullyQualifiedErrorId : AmbiguousParameterSet,Microsoft.ActiveDirectory.Management.Commands.GetADComputer

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AndreasBaumgarten avatar image
0 Votes"
AndreasBaumgarten answered

Here we go. This is tested and it's working here:

 $DeletedCompOU = "OU=DisabledComputers,DC=whatever,DC=local"
    
 $Pclist = Get-Content C:\scripts\Computers.txt # Specify the path to the computers list.
  Foreach($pc in $Pclist)
      {
      $CompDN = (Get-ADComputer -Filter 'Name -eq $pc' -SearchScope Subtree).DistinguishedName
      Disable-ADAccount $CompDN
      Move-ADObject $CompDN -TargetPath $DeletedCompOU
      }

(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

Regards
Andreas Baumgarten

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MohdArif-3235 avatar image
0 Votes"
MohdArif-3235 answered AndreasBaumgarten commented

Instead of setting a loop or variable, can you please try to run below command and see if it works.

Get-Content C:\scripts\Computers.txt | Get-ADComputer | Set-ADComputer -Enabled $false

Get-Content C:\scripts\Computers.txt | Get-ADComputer | Move-ADObject -TargetPath "OU=1,OU=2,OU=3,DC=domain,DC=name"

· 1
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AndreasBaumgarten avatar image AndreasBaumgarten ·

Works as well. But you have to read the file two times and get the computers from AD twice.
Does this make sense if the list contains a large amount of computers?


Kind regards
Andreas Baumgarten

0 Votes 0 ·
MohdArif-3235 avatar image
0 Votes"
MohdArif-3235 answered

I think you need to just prepare text files once and simply paste this command in powershell ISE and hit enter button. power shell first execute first line command and after that second line command and so on. So it is very simple and easy. Personally, I also try to avoid setting up logic if not required. if you could do something without loop, condition or function then do it :). I do not know why it was not working for you but loop was correct, it should have worked. May be try to update your powershell as well. Well, I am glad it worked for you :)

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.