Script Error Help?! Basic Powershell

Hi guys,

No doubt this will be an easy one for most PS experts but i’m struggling here as someone who delves into powershell from time to time. The below script is supposed to target an OU, target all users who haven’t logged in in 30 days then disable them and move to a disabled users OU.

I’m receiving error: “Select-Object : Property “SamAccountName” cannot be found.
At line:x char:xxx”. (line and character will be different on here but it suggests the error is right before “Expand-Property”)

I’ve no clue why this is appearing as SamAccountName is a valid property is it not? Script below

Any suggestions would be amazing thank you.

P.S i’m also looking for the script not to target users who have never logged in, although i’ve no clue how to begin fitting that in. Bonus points! Thanks :slight_smile:

### Import AD Module
Import-module ActiveDirectory

#Declare current date
$Date = Get-Date

### Search 2016 Infrastructure OU and query for last login over 30 days and output to a txt file
get-aduser -searchbase "OU=Users,OU=User Accounts,OU=2016 Infrastructure,DC=uk,DC=esure,DC=com" -filter * -properties SamAccountName,lastlogondate | Where-object {{$_.lastlogondate -lt (get-date).AddDays(-30)} | Select-Object -ExpandProperty SamAccountName >>'\\uk.esure.com\shared\Information Technology\IT Operations\Service Desk\PS Scripts\Reports\Inactive Users.csv'
}

### Scan the .csv file for SAMAccountName and disable accounts then move to "Disabled Users" OU
get-content "\\uk.esure.com\shared\Information Technology\IT Operations\Service Desk\PS Scripts\Reports\Inactive Users.csv" | Foreach-Object {Get-ADUser -Filter {samaccountname -eq $_} | Set-ADUser -Enabled $false -Replace @{info= "This account has been disabled under 30 day lockout policy on " + $date}
$local=Get-ADUser -Filter {samaccountname -eq $_}
Move-ADObject -Identity $local.DistinguishedName -TargetPath "OU=Disabled Users,OU=Users,OU=User Accounts,OU=2016 Infrastructure,DC=uk,DC=esure,DC=com"
}

Looks like the issue was a pair of curly braces surrounding both the Where-Object and Select-Object statements. By removing that it started working fine. Could you also clarify what you mean by your last statement about for bonus points? Are you wanting to report on users that have never logged in?

 

[pre]

### Import AD Module
Import-module ActiveDirectory
#Declare current date
$Date = Get-Date
### Search 2016 Infrastructure OU and query for last login over 30 days and output to a txt file
get-aduser -searchbase "OU=Users,OU=User Accounts,OU=2016 Infrastructure,DC=uk,DC=esure,DC=com" -filter * -properties SamAccountName,lastlogondate | Where-object {$_.lastlogondate -lt (get-date).AddDays(-30)} | Select-Object -ExpandProperty SamAccountName >>'\\uk.esure.com\shared\Information Technology\IT Operations\Service Desk\PS Scripts\Reports\Inactive Users.csv'
### Scan the .csv file for SAMAccountName and disable accounts then move to "Disabled Users" OU
get-content "\\uk.esure.com\shared\Information Technology\IT Operations\Service Desk\PS Scripts\Reports\Inactive Users.csv" | Foreach-Object {Get-ADUser -Filter {samaccountname -eq $_} | Set-ADUser -Enabled $false -Replace @{info= "This account has been disabled under 30 day lockout policy on " + $date}
$local=Get-ADUser -Filter {samaccountname -eq $_}
Move-ADObject -Identity $local.DistinguishedName -TargetPath "OU=Disabled Users,OU=Users,OU=User Accounts,OU=2016 Infrastructure,DC=uk,DC=esure,DC=com"
}
[/pre]