Teams
Q&A for work
Connect and share knowledge within a single location that is structured and easy to search.
Learn more
I am trying to create some Active Directory security groups using the New-ADGroup but I need to be able to execute these within a batch file. My goal is to have the script prompt the user running it to enter the OU and a branch prefix that is used in front of the group name.
I just started working with Powershell so I'm still not 100% on when to use the different brackets and quotes and I suspect that is my issue.
This is my original code:
SET /P OU=Enter OU:
Set /P Prefix=Enter Prefix:
Powershell New-ADGroup -Name “%Prefix%-OWA Test” -SamAccountName “%Prefix%-OWA Test” -GroupCategory Security -GroupScope Global -path "OU=Groups,OU=%OU%,OU=Test1,DC=Test2,DC=Test3,DC=Test4,DC=com”
I am able to execute the command inside PowerShell so its something within the batch file that is causing my problem. I also tried removing the variables from the equation and just executed the following:
powershell New-ADGroup -Name "ORF-OWA Test" -SamAccountName "ORF-OWA Test" -GroupCategory Security -GroupScope Global -path "OU=Groups,OU=Branch1,OU=Test1,DC=Test2,DC=Test3,DC=Test4,DC=com”
I receive the following error in both cases:
New-ADGroup : Cannot convert 'System.Object[]' to the type 'System.String'
required by parameter 'Path'. Specified method is not supported.
At line:1 char:110
+ ... e Global -path OU=Groups,OU=Branch1
,OU=Test,DC=Test1,DC=Test2,DC=Test3,DC=com -Des ...
+ ~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [New-ADGroup], ParameterBin
dingException
+ FullyQualifiedErrorId : CannotConvertArgument,Microsoft.ActiveDirectory.
Management.Commands.NewADGroup
The way I read this something is wrong with the "Path" parameter but I'm just not sure why is is successful in PowerShell but not from the cmd prompt or bat file.
Any suggestions would be appreciated.
When working with PowerShell inside a batch file, you have to remember that the line will be parsed twice. First by CMD and then by PowerShell. My personal rules when doing this are to
use single quotation marks for PowerShell when used in batch or on the command line.
enclose entire powershell command in double quotations if containing special characters
Example: Single Quotations:
Powershell New-ADGroup -Name '%Prefix%-OWA Test' -SamAccountName '%Prefix%-OWA Test' -GroupCategory Security -GroupScope Global -path 'OU=Groups,OU=%OU%,OU=Test1,DC=Test2,DC=Test3,DC=Test4,DC=com'
Example: Explicit Command, Scoped, and enclosed in double quotations:
PowerShell -Command "&{New-ADGroup -Name '%Prefix%-OWA Test' -SamAccountName '%Prefix%-OWA Test' -GroupCategory Security -GroupScope Global -path 'OU=Groups,OU=%OU%,OU=Test1,DC=Test2,DC=Test3,DC=Test4,DC=com'}"
I did not have the time to test whether these work, but give em a try ;) For illustration of a working command (note it also requires two input variables), here is one of my batch powershell commands that I use:
PowerShell -Command "&{$nlm = [Activator]::CreateInstance([Type]::GetTypeFromCLSID([Guid]'{DCB00C01-570F-4A9B-8D69-199FDBA5723B}')); $connections = $nlm.getnetworkconnections(); $connections | foreach { if ($_.GetNetwork().GetCategory() -eq %Filter%) { $_.GetNetwork().SetCategory(%Category%); } }; }"
–
–
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
