PowerShell for Windows Admins

Nov 8 2013   3:01PM GMT

Get-ADUser issue fixed



Posted by: Richard Siddaway
Tags:
Active Directory
PowerShell v4
Windows 8.1
Windows Server 2012 R2

I reported in this post http://richardspowershellblog.wordpress.com/2013/11/06/get-aduser-issue/ an issue with Get-ADUser under PowerShell 4.0 on Windows 8.1/2012 R2 where using –Properties * caused a failure.

I had a comment that this is schema related and a schema upgrade fixes the problem.

My starting point is a Windows 20012 domain

£> Get-ADDomain | ft DomainMode -a

DomainMode
———-
Windows2012Domain

And I have schema version 56

On a Windows 2012 R2 member server I try get-aduser

£> Get-ADUser -Identity richard -Properties *
Get-ADUser : One or more properties are invalid.
Parameter name: msDS-AssignedAuthNPolicy
At line:1 char:1
+ Get-ADUser -Identity richard -Properties *
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (richard:ADUser) [Get-ADUser], ArgumentException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.ArgumentException,Microsoft.ActiveDirectory.Management.Comm
ands.GetADUser

Now lets try the schema upgrade – looks like it goes to version 69 – that’s quite a big upgrade. Once the upgrade has been performed – let the schema replication occur & reboot the Windows 2012 R2 member server just to make sure nothing is cached that could affect the result.

Now to re-try Get-AdUser

Get-ADUser -Identity richard -Properties *
Get-ADUser -Identity richard -Property *

Both work – we have a winner. If you are seeing this problem the answer is to upgrade your schema. You don’t need to upgrade the Domain Controllers just the schema.

Its a bit naught that this happens – I don’t remember similar problems putting a Windows 8/2012 machine with PowerShell 3.0 into a Windows 2008 r2 domain

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: