Set-ADUser : Cannot bind parameter 'Replace' to the target

Microsoft Windows
Post Reply
User avatar
MigrationUser
Posts: 336
Joined: 2021-Jul-12, 1:37 pm
Contact:

Set-ADUser : Cannot bind parameter 'Replace' to the target

Post by MigrationUser »

03 Oct 2014 20:09
lousyd


The Set-ADUser page on SS64.com has an example of setting a user's logon hours. That is invaluable information, thank you.

However, if I run that code this sometimes happens:

Code: Select all

[byte[]]$hours = @(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0)
$logonHoursHashTable = New-Object HashTable
$logonHoursHashTable.Add("logonHours", $hours)
Set-ADUser -Identity $username -Replace $logonHoursHashTable -Credential $cred

Set-ADUser : Cannot bind parameter 'Replace' to the target. Exception setting "Replace": "Object reference not set to an instance of an 
object."
At F:\Scripts\Disable-ADUser.ps1:154 char:41
+ Set-ADUser -Identity $username -Replace $logonHoursHashTable -Credential $cred
+                                         ~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : WriteError: (:) [Set-ADUser], ParameterBindingException
    + FullyQualifiedErrorId : ParameterBindingFailed,Microsoft.ActiveDirectory.Management.Commands.SetADUser
...but then sometimes doesn't. I don't understand why. My best guess is that for approximately 75% of users in my environment the logonHours property does not exist when I query the user in PowerShell. If I use Active Directory Users & Computers I can set logonHours, and then the property exists when querying AD with PowerShell. But until it's set for the first time the property doesn't exist. Therefore, perhaps, it tries to set a property that doesn't yet exist and this causes the error?

But that theory is undermined by two facts: 1) it does work sometimes, even in similar situations where I query a user and no logonHours property is returned, and 2) when I try to set the property "blahblahblah", which clearly does not exist, I get a different, more explicit, error that says there's no such property.

So, I don't know why I would sometimes get that "Cannot bind parameter 'Replace' to the target" error. I ask here because perhaps there's some simple error check or setup line that I could add to this code to avoid this situation.

----------------------------

# 05 Oct 2014 11:01
Simon Sheppard


When you say it sometimes works and sometimes doesn't, is this with the same user or different users?

"Object reference not set to an instance of an object."

This error usually means that you tried to connect to a user account in a specific OU, but it failed, most likely because the account is in a different OU.

----------------------------

# 06 Oct 2014 15:36
lousyd


What I've been able to see is that it works the few times I've run the code alone. Running it embedded in a larger script has failed. Every time, come to think of it. So I'm not entirely sure yet what the difference is when it works and when it doesn't work.

The script I'm running takes a samaccountname as input and stores it in $username. It does all sorts of other things with this username, removing security groups, etc, all of which works. Then it comes to this:

Code: Select all

## Set disabled
Disable-ADAccount -Identity $username -Credential $adm
Set-ADUser -Identity $username -Replace $logonHoursHashTable -Credential $adm
"`tDisabled account."
The disable line works, I get an error on the Set-ADUser line, and then it prints the text. I go on to move the account to a different OU after this point, but up to this point it's remained the same. And, anyway, I would think that by using the samaccountname instead of a user object, I would avoid the problem of referencing an object that no longer exists.

After the script ran, with everything successful except this Set-ADUser, I tried running just that line again, alone. It failed again with the same error.

----------------------------

#06 Oct 2014 15:43
lousyd


Okay... I found the problem... <sheepish grin> This was my set up, earlier in the script:

Code: Select all

[byte[]]$NOLOGONHOURS = @(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0)
$logonHoursHashTable = New-Object HashTable; $logonHoursHashTable.Add("logonHours", $hours)
I had changed the variable name to $NOLOGONHOURS from what it was in the example code on this site, but hadn't also changed the variable name in the second line. So the hash table had a name, but value was empty. It should, of course, be:

Code: Select all

[byte[]]$NOLOGONHOURS = @(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0)
$logonHoursHashTable = New-Object HashTable; $logonHoursHashTable.Add("logonHours", $NOLOGONHOURS )
So, my original hypothesis was wrong. Thank you for your help, and for making me double-triple check my code. =)
Post Reply