Powershell won't display results if followed by more code

I am having issues wtih the following Powershell Script:

Function Get-ADUserLockouts {
        DefaultParameterSetName = 'All'
    param (
            ValueFromPipeline = $true,
            ParameterSetName = 'ByUser'
        $filterHt = @{
            LogName = 'Security'
            ID = 4740
        if ($PSBoundParameters.ContainsKey('StartTime')){
            $filterHt['StartTime'] = $StartTime
        if ($PSBoundParameters.ContainsKey('EndTime')){
            $filterHt['EndTime'] = $EndTime
        $PDCEmulator = (Get-ADDomain).PDCEmulator
        # Query the event log just once instead of for each user if using the pipeline
        $events = Get-WinEvent -ComputerName $PDCEmulator -FilterHashtable $filterHt
    Process {
        if ($PSCmdlet.ParameterSetName -eq 'ByUser'){
            $user = Get-ADUser $Identity
            # Filter the events
            $output = $events | Where-Object {$_.Properties[0].Value -eq $user.SamAccountName}
        } else {
            $output = $events
        foreach ($event in $output){
                UserName = $event.Properties[0].Value
                CallerComputer = $event.Properties[1].Value
                TimeStamp = $event.TimeCreated

$AccountLocked = Get-ADUser SXDSH1 -Server ECC-ROOTDC -Properties * | Select-Object -ExpandProperty LockedOut;
$TargetAcct = "SXDSH1"

if ( $AccountLocked -eq $false ) {


Write-Host "############################"
Write-Host -ForeGroundColor Green "Account $TargetAcct is not locked"
Write-Host "############################"
Write-Host ""

Read-Host -Prompt "Press Enter to exit"

} else {

Unlock-AdAccount SXDSH1 -Server ECC-ROOTDC 


Write-Host "########################" 
Write-Host -ForeGroundColor Cyan "Account $TargetAcct unlocked." 
Write-Host "########################"
Write-Host ""
Write-Host -ForeGroundColor Yellow "Possible server sessions causing lockout are:"
Write-Host ""

Get-ADUser SXDSH1 -Server ECC-ROOTDC | Get-ADUserLockouts -StartTime (Get-Date).AddDays(-1) -EndTime (Get-Date).AddDays(0)

$RemoteServer = Read-Host "Enter server name to log user off of: "

$scriptBlock = {
     $ErrorActionPreference = 'Stop'
     try {
         ## Find all sessions matching the specified username
         $sessions = quser | Where-Object {$_ -match 'SXDSH1'}
         ## Parse the session IDs from the output
         $sessionIds = ($sessions -split ' +')[2]
         Write-Host "Found SXDSH1 $(@($sessionIds).Count) logged into sessions on this computer."
         ## Loop through each session ID and pass each to the logoff command
         $sessionIds | ForEach-Object {
             Write-Host "Logging off session id [$($_)]..."
             logoff $_
     } catch {
         if ($_.Exception.Message -match 'No user exists') {
             Write-Host "The user is not logged in."
         } else {
             throw $_.Exception.Message

 Invoke-Command -ComputerName $RemoteServer -ScriptBlock $scriptBlock

The line that is supposed to return the list of servers doesn’t work if there is script after that:

Get-ADUser SXDSH1 -Server ECC-ROOTDC | Get-ADUserLockouts -StartTime (Get-Date).AddDays(-1) -EndTime (Get-Date).AddDays(0)

If I run this by itself it works fine and returns a list of servers, but when I have it followed by the rest of the code that starts with "$Remote Server = Read-Host "Enter server name to log users off of: " it doesn’t list the servers, it just promprts for the server name and then continues with the rest of the code on down. I can’t figure out why it doesn’t show the list of servers first.

Hmmm … call me picky but Get-ADUser does sound as it should not show servers at all. :man_shrugging:t3::wink:

Have you tried forcing the output with

Since you seem to list the possible options with a command before this one why don’t you use an Out-GridView and let the user select the server with the mouse? That might even reduce errors because it avoids typos. :man_shrugging:t3:

Get-ADUser SXDSH1 -Server ECC-ROOTDC | GetADUserLockouts -StartTime (Get-Date).AddDays(-1) -EndTime (Get-Date).AddDays(0)

Calls the function Get-ADUser and it uses the output from the Get-ADUser SXDSH1 and lists all instances of that user being locked out the day before or the day of.

Honestly I’m pretty darn new at PowerShell and just trying to piece this all together.

If I don’t follow that line with more code it outputs this:


I’ve got this already …

Maybe I should add <SARKASM> tags next time. :wink:

But again …

And again again - I’d recommend using an Out-GridView to give the user of this script the option to select the desired element by mouse.

Please read the help for the cmdlets you’re about to use completely including the examples to learn how to use them.

Exactly what is not needed in places like this is sarcasm. And people who like to say “RTFM”.

Obviously I’m turning to this forum for help, not snide remarks.

Yup, it doesn’t sound like it should return a list of servers, but as you can see in my screenshot - it does.

I’ve read the CMDLETS to learn more about these functions and was happy to have gotten this far to begin with.

As I stated in the post, I cannot figure out why it does not show the list of servers if I add the code I want to use below it.

Perhaps an example that would be appropriate for what this script is and what I’m trying to accomplish would be more helpful.

Do you actually read my replies?

Have you tried the suggestion I made twice already? :man_shrugging:t3:

1 Like

I have looked over the Out-Host that you have mentioned, as it is above my pay grade.

Do you have an example of how i can implement this with my code?

You mentioned forcing it to Out-host and such, but everything I have tried doesn’t work.

Remember, I’m a bit of a novice when it comes to Powershell.

What have you tried? Show it! :man_shrugging:t3:

Does that mean you cannot try things yourself and we have to write your code? :man_shrugging:t3:

WHY is everyone in Powershell forums so abrasive?

I clearly said everything I have tried does not work. That is the entire reason for reaching out for help.

Why are all PowerShell newbies so stubborn? :man_shrugging:t3: What’s so hard to share what you’ve tried?

You want the output of a command shown to your console host but it doesn’t. I suggested to try to use Out-Host to force the output to be shown on the console host.

Another option might be to avoid using Invoke-Command altogether since both “Quser” and “Logoff” support remote hosts via the



$sessions = quser /SERVER:$RemoteServer | Where-Object {$_ -match 'SXDSH1'}
if($sessions) {
	$sessionIds = ($sessions -split ' +')[2]
        Write-Output"Found SXDSH1 $(@($sessionIds).Count) logged into sessions on this computer."
        $sessionIds | ForEach-Object {
             Write-Output "Logging off session id [$($_)] on Host: $RemoteHost"
             logoff $_ /SERVER:$RemoteServer
else {
    Write-Output "The user is not logged in."

I was not able to test on a server, just a client so I was unable to validate if this works for multiple logins. I basically used your code.

Along the lines of Olaf’s suggestion, this might help and Olaf is never wrong :slight_smile:

I debated for a bit commenting on this. I felt ultimately there were a couple things that needed to be said regarding the communication here and as a mod I felt it was important enough to address. My aim isn’t to call anyone out but to comment and provide some guiding principles. My intent is to show messages can be received in different ways by folks. Communication is difficult and forums like this, things can be lost to really take away from the goal.

  1. Sarcasm doesn’t really come through in all contexts of written prose. There’s certainly a time and place for it, but I don’t think it’s here, in a PowerShell online forum. As to why, it does not add value to these types of conversations. Additionally, I think ways of declaring sarcasm can have multiple meanings. I think it’s an assumption to say a winky face = sarcasm, as it could mean different things to different people, and it also depends on the context of the message. I think this clouds any message and only adds to the confusion of communication.
  2. I do also want to mention the response did not come off as sarcastic to me. I did look at each version of the post to make sure the message wasn’t change from OP to ensure I would not read it differently. When I read the response, it read more like a misunderstanding of what the code did, maybe not seeing the thing it was being piped too at first glance, and it came off as ‘obviously Get-ADUser doesn’t return computer objects, look at what the cmdlet name says’. I don’t see what value sarcasm adds to this or why it would have been used. Just a reminder that regardless of intent, messages are interpreted by the people who are receiving it. Sometimes, asking for clarification, giving folks the benefit of the doubt, and even a simple apology goes a long way. We can’t always know if someone would read that as sarcastic or not given the context, so it’s better to avoid in this context.
  3. It’s possible I misinterpreted this but when provided some things to try, I would avoid saying ‘it’s above my pay grade’. I would also avoid stating ‘I tried everything’ then ask for how to implement it, and not share any of the code that you tried as a follow up. if it is above your paygrade, then you have someone else who is managing the code at your company, and you should start there. It’s highly unlikely you’ve tried ‘everything’. Perhaps it might be helpful to know why we are asking for it. Simply put, we need to know what you tried to help you. We aren’t here to write code for folks, though occasionally people are nice enough to do that. In order to get help, you do need to provide what you tried specifically. I’m pointing this out as this was stated in reference to Out-Host, and simply saying ‘I’m a novice’ doesn’t help folks who do genuinely wish to help, but we certainly can’t translate what ‘tried everything means’. In general folks who help on forums often get roped into helping a bit more than they should. When someone says “I tried everything” but doesn’t share or says something like above my paygrade, it comes off as you’re not willing to put in the effort, so you’re asking someone else to do that to ‘fix it’ for you. While it occasionally happens, that isn’t what these forums are for and that’s not the expectation of anyone responding to a thread. I’m sure it wasn’t your intention to come off this way and from your perspective you’re thinking it’s probably something quick to write but we’re really about helping others learn and sometimes that means writing some code, failing, and coming back with ’ I tried to add this code here, and it’s erroring with this message. I tried to address the error like this, but I have not been successful, what else can I do to accomplish X task? It’s going to be much easier to assist you, and furthermore, it’s clear you’re putting in the effort to solve your problems by writing code and it might just be that something needs slightly tweaked. I hope that makes sense.

Again, I am not trying to hurt anyone’s feelings or call anyone out, I just want to take a moment to share some things and hopefully we can all grow a bit from it.

Oh, wow. I really wish that would be true. Trust me, I do fail. … and I do it quite often. :man_shrugging:t3: