I have a script that's searching Active Directory for all users with a specific email domain, then the script is moving all the users to a specific OU.
Example:
User1@domain1.com
user2@domain2.com
User3@domain3.com
I need to move user1@domain1.com from its current OU to a new OU called domain1.
I have a text file with the list of OUs, but it's not the DN or CN. I have another text file with OUs that should be excluded.
Sample Script below:
    $outputfilelocation = "c:\temp\output.txt"
    # Load the Quest ActiveRoles snap-in; log the error if it is not installed
    Try {
        $QuestSnapInLoaded = $true
        Add-PSSnapin Quest.Activeroles.ADManagement -EA stop -ErrorVariable err
    }
    Catch {
        Write-Warning " Quest PS Snapin failed to load. Please download and install Quest snapin"
        $err | Out-File $OutputFileLocation -Append
        $QuestSnapInLoaded = $false
    }
    # ou.txt holds plain OU names (not DNs); excludeou.txt holds OU names to skip
    $ous = get-content c:\temp\ou.txt
    foreach ($ou in $ous) {
        if ((get-content c:\temp\excludeou.txt) -eq $ou) {
            write-host "OU is on exclude OU list"
            pause
        }
        else {
            $oupath = Get-QADObject -type organizationalunit | Where-Object {$_.name -like "$ou"} | select CanonicalName
            $users = Get-QADUser | where-object {$_.email -like "*@$ou.com"}
            foreach ($user in $users) {
                Move-QADObject -id $user -NewParentContainer "$oupath"
            }
        }
    }
When I run the script, I get the following error message.
Move-QADObject : Cannot resolve directory object for the given identity: '@{CanonicalName=domain.com/domain}'.
I'm not sure how to extract only "domain.com/domain" from the CanonicalName prior to passing the variable to move-object. Any help provided will be greatly appreciated. Thanks in advance.
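
An added example, not part of the original post: it shows why `select CanonicalName` produces the `@{CanonicalName=...}` value in the error and how `Select-Object -ExpandProperty` returns the bare string instead, then builds a dry-run move plan that skips excluded, missing or ambiguous OUs. The objects stand in for `Get-QADObject` / `Get-QADUser` output and, like the `Get-MovePlan` function name and the `corp.example` paths, are constructed for illustration so the block runs without the Quest snap-in.

```powershell
# Constructed stand-ins for Get-QADObject / Get-QADUser results (not real directory data)
$allOus = @(
    [pscustomobject]@{ Name = 'domain1'; CanonicalName = 'corp.example/domain1' }
    [pscustomobject]@{ Name = 'domain2'; CanonicalName = 'corp.example/domain2' }
)
$allUsers = @(
    [pscustomobject]@{ Name = 'User1'; Email = 'User1@domain1.com' }
    [pscustomobject]@{ Name = 'user2'; Email = 'user2@domain2.com' }
    [pscustomobject]@{ Name = 'User3'; Email = 'User3@domain3.com' }
)
$ouNames    = 'domain1', 'domain2', 'domain3'   # constructed contents of ou.txt
$excludeOus = @('domain2')                      # constructed contents of excludeou.txt

# Select-Object <property> returns a new object that still wraps the property,
# so putting it in a string gives the hashtable-style text seen in the error.
$wrapped = $allOus[0] | Select-Object CanonicalName
Write-Host "Wrapped : $wrapped"

# -ExpandProperty unwraps the value and returns the string itself.
$plain = $allOus[0] | Select-Object -ExpandProperty CanonicalName
Write-Host "Expanded: $plain"

function Get-MovePlan {   # hypothetical helper: reports intended moves, changes nothing
    param($OuNames, $ExcludeOus, $AllOus, $AllUsers)
    foreach ($ou in $OuNames) {
        if ($ExcludeOus -contains $ou) {
            Write-Host "Skipping excluded OU '$ou'"
            continue
        }
        # Exact name match, wrapped in @() so zero or several hits can be counted
        $paths = @($AllOus | Where-Object { $_.Name -eq $ou } |
                   Select-Object -ExpandProperty CanonicalName)
        if ($paths.Count -ne 1) {
            Write-Warning "OU '$ou' matched $($paths.Count) objects; no users moved"
            continue
        }
        foreach ($user in $AllUsers | Where-Object { $_.Email -like "*@${ou}.com" }) {
            [pscustomobject]@{ User = $user.Name; Email = $user.Email; TargetOU = $paths[0] }
        }
    }
}

# TargetOU is a plain string, not the '@{CanonicalName=...}' form from the error message
Get-MovePlan -OuNames $ouNames -ExcludeOus $excludeOus -AllOus $allOus -AllUsers $allUsers |
    Format-Table -AutoSize
```

Reviewing the plan output before running any real move guards against a wildcard or duplicate OU name sending accounts to the wrong container.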