Exception Handling with AD PowerShell

Hey Folks,

I am building a PowerShell script to create AD Groups (Global and DomainLocal) by Importing their names from a Csv file.
I am having a hard time handling exceptions that will be generated in case Groups already exist.
What I want to achieve is if the Groups do not exist by the name in Csv then PS should create them and show message “Groups have been created” and if they already exist then it should display “Groups already exist” line by line so that if one exists and the other one doesn’t then it should display the corresponding message.

What is happening is that PS doesn’t display a message when it has created groups and when exception does occur it displays message only for Global Group not Local.

Please advise

Here’s the code -

Try
{
New-ADGroup -Name TestGlobal -GroupCategory Security -GroupScope Global -ManagedBy TEMP01 -Description “Owner is TEMP01” -Path (Some OU)
}
Catch [Microsoft.ActiveDirectory.Management.ADException]
{
if ($_ -like “The specified group already exists”)
{
Write-Host “!!! GLOBAL GROUP ALREADY EXISTS !!!
}
elseif ($_ -eq $null)
{
Write-Host " GLOBAL GROUP CREATED SUCCESSFULLY "
}
}
Try
{
New-ADGroup -Name TestLocal -GroupCategory Security -GroupScope DomainLocal -ManagedBy TEMP02 -Description “Owner is TEMP02” -Path (Some OU)
}
Catch [Microsoft.ActiveDirectory.Management.ADException]
{
if ($_ -like “The specified group already exists”)
{
Write-Host “!!! LOCAL GROUP ALREADY EXISTS !!!
}
elseif ($_ -eq $null)
{
Write-Host " LOCAL GROUP CREATED SUCCESSFULLY "
}
}

First, please use the pre tags around your code under the text tab and instructions above when posting.

The issue you are running into is that $_ is an object, not a string, so you need to check the actual message:

if ($_.Exception.Message -like "The specified group already exists") {...

Another option that I typically use is logic like so:

$groupName = "Group123"

$group = Get-ADGroup -Filter {Name -eq $groupName}

if (!$group) {
    New-AdGroup...
}

A few suggestions added to your code - and a few assumptions:

$GroupData = Import-Csv -Path ""

foreach($g in $GroupData)
{
    Try
    {
        $GroupParam = @{
            Name = $g
            GroupCategory = "Security"
            GroupScope    = "Global"
            ManagedBy     = "TEMP01"
            Description = "Owner is TEMP01"
            Path          = "OU=Groups,DC=domain,DC=com"
            ErrorAction = "Stop" # to ensure errors go to a catch block, set this to Stop
        }
        # use parameter splatting to improve readability
        New-ADGroup @GroupParam

        Write-Host "$g GLOBAL GROUP CREATED SUCCESSFULLY "
    }
    Catch [Microsoft.ActiveDirectory.Management.ADException]
    {
        if ($_ -like "The specified group already exists")
        {
            Write-Host “***!!! GLOBAL GROUP ALREADY EXISTS !!!***”
        }
        <# This code only runs if there is an error -- if it succeed, it is never hit elseif ($_ -eq $null) { Write-Host " GLOBAL GROUP CREATED SUCCESSFULLY " } #>
    }
}

Depending upon the control you have, you could greatly simplify your process with the data included in your csv. For example, if you include GroupScope, ManagedBy, Description, OU – you only need to loop the data 1 time.