Hi everyone
I'm currently working on a LDAP query to lookup every user of my company who are affected by some of my GPO and so my querry returns all of the user who are member of the group in my OU. My problem is sometimes I have groups who are member of the first group and then if I do a Get-ADUser of the group my powershell returns me an error and its normal. I have read on the forum that doing nested try was really a bad thing and then I though I could do a if in a try but was wandering if it could cause a problem? My script with the if and try together look something like this
function Group_Member_AD([string]$filePath,[string]$DNgroup){
$UserListLvl1= Get-ADGroupMember $DNgroup
foreach ($UserDN in $UserListLvl1){
Try{
if ($UserSurname = Get-ADUser $UserDN -Properties * -ea 0){
$DomainOwner="1"
}elseif($UserSurname = Get-ADUser -server subone.domain.com $UserDN -Properties * -ea 0){
$DomainOwner="2"
}elseif($UserSurname = Get-ADUser -server subtwo.domain.com $UserDN -Properties * -ea 0){
$DomainOwner="3"
}
}
Catch{
Group_Member_AD $filePath $UserDN
}
I'm all ear to any thing I could improve in here
