I have created a custom attribute in AD. It is visible in the user properties, but when running PowerShell to create a new user the custom attribute is not usable.
The create user script is attached; the custom attribute name is libraryCardNumber. The error I get is:
New-ADUser : A parameter cannot be found that matches parameter name 'libraryCardNumber'.
Searching other forums I have found that maybe a custom attribute might not be able to be used as it isn't a default AD attribute.
Any help would be appreciated.
```powershell
param (
    [Parameter(ValueFromPipelineByPropertyname)]
    [ValidateNotNullOrEmpty()]
    [string]$FirstName = 'attribute',

    [Parameter(ValueFromPipelineByPropertyname)]
    [ValidateNotNullOrEmpty()]
    [string]$LastName = 'edit15',

    [Parameter(ValueFromPipelineByPropertyname)]
    [ValidateNotNullOrEmpty()]
    [string]$libraryCardNumber = '123456',

    [Parameter(ValueFromPipelineByPropertyname)]
    [ValidateNotNullOrEmpty()]
    [string]$Email = 'fbcl@coolin.co.uk',

    [Parameter(ValueFromPipelineByPropertyname)]
    [ValidateNotNullOrEmpty()]
    [string]$MobilePhone = '',

    [Parameter()]
    [ValidateNotNullOrEmpty()]
    [string]$Department = 'Public Users',

    [Parameter(ValueFromPipelineByPropertyname)]
    [ValidateNotNullOrEmpty()]
    [string]$PostalCode = 'n10 1aq',

    #-----------------------------------------
    [Parameter(ValueFromPipelineByPropertyname)]
    [ValidateNotNullOrEmpty()]
    [string]$DateofBirth = 'Adult',
    #-----------------------------------------

    [Parameter(ValueFromPipelineByPropertyname)]
    [ValidateNotNullOrEmpty()]
    [string]$Location = 'OU=fbcl-users',

    [Parameter()]
    [ValidateNotNullOrEmpty()]
    [string]$DefaultGroup = 'PublicUsers',

    [Parameter(ValueFromPipelineByPropertyname)]
    [ValidateNotNullOrEmpty()]
    [string]$Password = 'Pa$$w0rd',

    [Parameter()]
    [ValidateScript({ Test-Path -Path $_ })]
    [string]$BaseHomeFolderPath = ''
)

$dot = '.'

## Find the distinguished name of the domain the current computer is a part of.
$DomainDn = (Get-AdDomain).DistinguishedName

## Define the 'standard' username (first name, dot, last name)
##$Username = "$($FirstName.SubString(0, 1))$LastName"
$Username = "$($FirstName)$dot$LastName"

#region Check if an existing user already has the standard username taken
Write-Verbose -Message "Checking if [$($Username)] is available"
if (Get-ADUser -Filter "Name -eq '$Username'")
{
    Write-Warning -Message "The username [$($Username)] is not available. Checking alternate..."
    ## If so, check to see if the first initial/last name is taken.
    ## (This script has no middle initial parameter, so the alternate is first initial + last name.)
    $Username = "$($FirstName.SubString(0, 1))$LastName"
    if (Get-ADUser -Filter "Name -eq '$Username'")
    {
        throw "No acceptable username schema could be created"
    }
    else
    {
        Write-Verbose -Message "The alternate username [$($Username)] is available."
    }
}
else
{
    Write-Verbose -Message "The username [$($Username)] is available"
}
#endregion

#region Ensure the OU the user's going into exists
$ouDN = "$Location,$DomainDn"
if (-not (Get-ADOrganizationalUnit -Filter "DistinguishedName -eq '$ouDN'"))
{
    throw "The user OU [$($ouDN)] does not exist. Can't add a user there"
}
#endregion

#region Ensure the group the user's going into exists
if (-not (Get-ADGroup -Filter "Name -eq '$DefaultGroup'"))
{
    throw "The group [$($DefaultGroup)] does not exist. Can't add the user into this group."
}
#if (-not (Get-ADGroup -Filter "Name -eq '$Department'"))
#{
#throw "The group [$($Department)] does not exist. Can't add the user to this group."
#}
#endregion

#region Ensure the home folder to create doesn't already exist
$homeFolderPath = "$BaseHomeFolderPath$UserName"
if (Test-Path -Path $homeFolderPath)
{
    throw "The home folder path [$homeFolderPath] already exists."
}
#endregion

#region Create the new user
$NewUserParams = @{
    'UserPrincipalName'     = $Username
    'Name'                  = $Username
    'GivenName'             = $FirstName
    'Surname'               = $LastName
    'libraryCardNumber'     = $libraryCardNumber
    'EmailAddress'          = $Email
    'MobilePhone'           = $Mobilephone
    'Department'            = $DefaultGroup
    'Description'           = $DateofBirth
    'SamAccountName'        = $Username
    'AccountPassword'       = (ConvertTo-SecureString $Password -AsPlainText -Force)
    'Enabled'               = $true
    'postalCode'            = $PostalCode
    'Path'                  = "$Location,$DomainDn"
    'ChangePasswordAtLogon' = $false
}
Write-Verbose -Message "Creating the new user account [$($Username)] in OU [$($ouDN)]"
New-AdUser @NewUserParams
#endregion

#region Add user to groups
Write-Verbose -Message "Adding the user account [$($Username)] to the group [$($DefaultGroup)]"
Add-ADGroupMember -Members $Username -Identity $DefaultGroup
#Write-Verbose -Message "Adding the user account [$($Username)] to the group [$($Department)]"
#Add-ADGroupMember -Members $Username -Identity $Department
#endregion

#region Add user to roaming profile list
#Set-ADUser -Identity $Username -ProfilePath \FBCL2019-DC01\profiles\%username%
Set-ADUser -Identity $Username -ProfilePath '\\FBCL2019-DC01\profiles\%username%'
#endregion

#region Set protect from accidental deletion on all user objects : NOT WORKING AS OF 28 JULY 2019
#Set-ADObject -Identity $Username -ProtectedFromAccidentalDeletion:$true
#endregion

if ($Host.Name -eq "ConsoleHost")
{
    write-host "-------------------------------------------------------------------------"
    write-host "The new user was added successfully."
    Write-Host "Please press any key to continue…"
    #$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyUp") > $null
}

#region Create the home folder
#Write-Verbose -message "Creating the home folder [$homeFolderPath]..."
#$null = mkdir $homeFolderPath
#endregion
```
Colin Thomson
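
One way around the error quoted in the post, as an added example that is not part of the original post: New-ADUser has no parameter per schema attribute, so anything without a matching parameter is passed by LDAP display name in its -OtherAttributes hashtable. The helper name Split-ADUserProperty is hypothetical, the sample values are constructed from the post's defaults, and libraryCardNumber is assumed to be the attribute's LDAP display name.

```powershell
# Added example, not the poster's script. Assumes the ActiveDirectory (RSAT) module and
# that libraryCardNumber is the LDAP display name of the custom schema attribute.
function Split-ADUserProperty {   # hypothetical helper name
    param (
        [Parameter(Mandatory)]
        [hashtable]$Property,
        # Names New-ADUser declares as parameters (matching below is case-insensitive).
        [string[]]$KnownParameter = (Get-Command -Name New-ADUser).Parameters.Keys
    )
    $named = @{}
    $other = @{}
    foreach ($key in $Property.Keys) {
        $value = $Property[$key]
        if ($KnownParameter -contains $key) {
            $named[$key] = $value
        }
        elseif (-not [string]::IsNullOrEmpty([string]$value)) {
            # No matching parameter: send it by LDAP display name instead.
            # Unset values are skipped, since an attribute cannot hold an empty value.
            $other[$key] = $value
        }
    }
    if ($other.Count -gt 0) { $named['OtherAttributes'] = $other }
    $named
}

# Constructed sample values, taken from the defaults in the post.
$NewUserParams = Split-ADUserProperty -Property @{
    Name              = 'attribute.edit15'
    SamAccountName    = 'attribute.edit15'
    GivenName         = 'attribute'
    Surname           = 'edit15'
    PostalCode        = 'n10 1aq'
    libraryCardNumber = '123456'
    AccountPassword   = Read-Host -Prompt 'Initial password' -AsSecureString
    Enabled           = $true
}

# libraryCardNumber now travels inside -OtherAttributes rather than as its own parameter.
New-ADUser @NewUserParams

# Read the value back; custom attributes are only returned when requested by name.
Get-ADUser -Identity 'attribute.edit15' -Properties libraryCardNumber |
    Select-Object -Property SamAccountName, libraryCardNumber
```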