WARNING: Cannot index into a null array error

PowerShell Help
1

I wrote below function and called it in last line. Once I tried to execute, it resulted below message.

WARNING: Cannot index into a null array error.

Kindly help to resolve this.

Function Get-ADTrustsInfo { 
    <# 
    .SYNOPSIS 
        Query AD for all trusts in the specified domain and check their state. 
    .DESCRIPTION 
        This cmdlet query AD and return a custom object with informations suach as the trust name, the creation date, the last modification date, the direction, the type, the SID of the trusted domain, the  
trusts attributes, and the trust state. 
    .PARAMETER DomainName 
        Domain name to query. 
        Default : Current user domain. 
    .EXAMPLE 
        Get-ADTrustsInfo -DomainName contoso.com 
    .LINK 
        http://ItForDummies.net 
    #> 
    [cmdletbinding()] 
    param( 
        [Parameter(Mandatory=$false, 
            HelpMessage='Provide a domain name !')] 
        [ValidateScript({Test-Connection $_ -Count 1 -Quiet})] 
        [String]$DomainName=$env:USERDNSDOMAIN 
    ) 
    Begin{ 
    } 
    Process{ 
        $searcher=[ADSIsearcher]"(objectclass=trustedDomain)" 
        $searcher.searchroot.Path="LDAP://$DomainName" 
        $searcher.PropertiesToLoad.AddRange(('whenChanged','whenCreated','trustPartner','trustAttributes','trustDirection','trustType','securityIdentifier')) | Out-Null 
        Write-Verbose "Searching in AD for trusts..." 
        try { 
            $trusts=$searcher.FindAll() 
            $trusts | % { 
                switch ($_.Properties.trustdirection) 
                { 
                     1 {$TrustDirection="Inbound"} 
                     2 {$TrustDirection="Outbound"} 
                     3 {$TrustDirection="Bidirectional"} 
                     default {$TrustDirection="N/A"} 
                } 
 
                switch ($_.Properties.trusttype) 
                { 
                    1 {$TrustType="Windows NT"} #Downlevel (2000 et inférieur) 
                    2 {$TrustType="Active Directory"}#Uplevel (2003 et supérieur) 
                    3 {$TrustType="Kerberos realm"}#Not AD Based 
                    4 {$TrustType="DCE"} 
                    default {$TrustType="N/A"} 
                } 
                #Convertion du System.Byte[] en SID lisible. 
                Write-Verbose "Converting the SID..." 
                $SID=(New-Object -TypeName System.Security.Principal.SecurityIdentifier -ArgumentList $_.properties.securityidentifier[0], 0).value 
                Write-Verbose "Querying WMI..." 
                $wmitrust=Get-WmiObject -namespace "root/MicrosoftActiveDirectory" -class Microsoft_DomainTrustStatus -ComputerName $DomainName -Filter "SID='$SID'" 
                 
                [String[]]$TrustAttributes=$null 
                if([int32]$_.properties.trustattributes[0] -band 0x00000001){$TrustAttributes+="Non Transitive"} 
                if([int32]$_.properties.trustattributes[0] -band 0x00000002){$TrustAttributes+="UpLevel"} 
                if([int32]$_.properties.trustattributes[0] -band 0x00000004){$TrustAttributes+="Quarantaine"} #SID Filtering 
                if([int32]$_.properties.trustattributes[0] -band 0x00000008){$TrustAttributes+="Forest Transitive"} 
                if([int32]$_.properties.trustattributes[0] -band 0x00000010){$TrustAttributes+="Cross Organization"}#Selective Auth 
                if([int32]$_.properties.trustattributes[0] -band 0x00000020){$TrustAttributes+="Within Forest"} 
                if([int32]$_.properties.trustattributes[0] -band 0x00000040){$TrustAttributes+="Treat as External"} 
                if([int32]$_.properties.trustattributes[0] -band 0x00000080){$TrustAttributes+="Uses RC4 Encryption"} 
                #http://msdn.microsoft.com/en-us/library/cc223779.aspx 
                Write-Verbose "Constructing object..." 
                $Object = New-Object PSObject -Property @{ 
                    'Trust Name'         = $($_.Properties.trustpartner) 
                    'Created on'          = $($_.Properties.whencreated) 
                    'Last Changed'        = $($_.Properties.whenchanged) 
                    'Direction'           = $TrustDirection 
                    'Type'                = $TrustType 
                    'Domain SID'          = $SID 
                    'Status'              = $wmitrust.TrustStatusString 
                    'Attributes'          = $TrustAttributes -join ',' 
                }#End object 
                Write-Output $Object 
            }#End trusts % 
        }catch {Write-Warning "$_" } 
    }#End process 
    End{ 
    } 
}

Get-ADTrustsInfo -DomainName contoso.com
2

You will have to me more explicit in a technical forum. What’s the exact and COMPLETE error message you get. And please format it as code as well with the code tag button named “PRE”.

3

Below the the function to Get Active Directory trusts information and status. I wrote the function in ISE and called it in last line. Then I tried to execute, it resulted below message. The output should be a custom object with those properties : Trust name Created on Last changed Direction Type Domain SID. However, it generated Warning message rather than any error instead of Output.

WARNING: Cannot index into a null array error.

Function Get-ADTrustsInfo { 
    <# 
    .SYNOPSIS 
        Query AD for all trusts in the specified domain and check their state. 
    .DESCRIPTION 
        This cmdlet query AD and return a custom object with informations suach as the trust name, the creation date, the last modification date, the direction, the type, the SID of the trusted domain, the  
trusts attributes, and the trust state. 
    .PARAMETER DomainName 
        Domain name to query. 
        Default : Current user domain. 
    .EXAMPLE 
        Get-ADTrustsInfo -DomainName contoso.com 
    .LINK 
        http://ItForDummies.net 
    #> 
    [cmdletbinding()] 
    param( 
        [Parameter(Mandatory=$false, 
            HelpMessage='Provide a domain name !')] 
        [ValidateScript({Test-Connection $_ -Count 1 -Quiet})] 
        [String]$DomainName=$env:USERDNSDOMAIN 
    ) 
    Begin{ 
    } 
    Process{ 
        $searcher=[ADSIsearcher]"(objectclass=trustedDomain)" 
        $searcher.searchroot.Path="LDAP://$DomainName" 
        $searcher.PropertiesToLoad.AddRange(('whenChanged','whenCreated','trustPartner','trustAttributes','trustDirection','trustType','securityIdentifier')) | Out-Null 
        Write-Verbose "Searching in AD for trusts..." 
        try { 
            $trusts=$searcher.FindAll() 
            $trusts | % { 
                switch ($_.Properties.trustdirection) 
                { 
                     1 {$TrustDirection="Inbound"} 
                     2 {$TrustDirection="Outbound"} 
                     3 {$TrustDirection="Bidirectional"} 
                     default {$TrustDirection="N/A"} 
                } 
 
                switch ($_.Properties.trusttype) 
                { 
                    1 {$TrustType="Windows NT"} #Downlevel (2000 et inférieur) 
                    2 {$TrustType="Active Directory"}#Uplevel (2003 et supérieur) 
                    3 {$TrustType="Kerberos realm"}#Not AD Based 
                    4 {$TrustType="DCE"} 
                    default {$TrustType="N/A"} 
                } 
                #Convertion du System.Byte[] en SID lisible. 
                Write-Verbose "Converting the SID..." 
                $SID=(New-Object -TypeName System.Security.Principal.SecurityIdentifier -ArgumentList $_.properties.securityidentifier[0], 0).value 
                Write-Verbose "Querying WMI..." 
                $wmitrust=Get-WmiObject -namespace "root/MicrosoftActiveDirectory" -class Microsoft_DomainTrustStatus -ComputerName $DomainName -Filter "SID='$SID'" 
                 
                [String[]]$TrustAttributes=$null 
                if([int32]$_.properties.trustattributes[0] -band 0x00000001){$TrustAttributes+="Non Transitive"} 
                if([int32]$_.properties.trustattributes[0] -band 0x00000002){$TrustAttributes+="UpLevel"} 
                if([int32]$_.properties.trustattributes[0] -band 0x00000004){$TrustAttributes+="Quarantaine"} #SID Filtering 
                if([int32]$_.properties.trustattributes[0] -band 0x00000008){$TrustAttributes+="Forest Transitive"} 
                if([int32]$_.properties.trustattributes[0] -band 0x00000010){$TrustAttributes+="Cross Organization"}#Selective Auth 
                if([int32]$_.properties.trustattributes[0] -band 0x00000020){$TrustAttributes+="Within Forest"} 
                if([int32]$_.properties.trustattributes[0] -band 0x00000040){$TrustAttributes+="Treat as External"} 
                if([int32]$_.properties.trustattributes[0] -band 0x00000080){$TrustAttributes+="Uses RC4 Encryption"} 
                #http://msdn.microsoft.com/en-us/library/cc223779.aspx 
                Write-Verbose "Constructing object..." 
                $Object = New-Object PSObject -Property @{ 
                    'Trust Name'         = $($_.Properties.trustpartner) 
                    'Created on'          = $($_.Properties.whencreated) 
                    'Last Changed'        = $($_.Properties.whenchanged) 
                    'Direction'           = $TrustDirection 
                    'Type'                = $TrustType 
                    'Domain SID'          = $SID 
                    'Status'              = $wmitrust.TrustStatusString 
                    'Attributes'          = $TrustAttributes -join ',' 
                }#End object 
                Write-Output $Object 
            }#End trusts % 
        }catch {Write-Warning "$_" } 
    }#End process 
    End{ 
    } 
}

Get-ADTrustsInfo -DomainName contoso.com
4

This way it is bit difficult to find out an exact issue…

You can debug the code line by line and see which line is the culprit.

Or you can use debugging CmdLets Set-PSDebug or Set-StrictMode and run the code to see any issues.

Thank you.

 

5

On line 79 you have “}catch {Write-Warning “$" }". You may extend this to "}catch {Write-Warning "My special Warning '$($)'” } ”.
This way you could at least confirm that the warning comes from this line of code. It seems like your code does not find any trusts. … or maybe just one.

6

Thanks for your suggestion Olaf. It looks like you’re right I changed the warning text to “My special Warning ‘$($_)'” and tried to execute the script. Below is the output generated.

PS C:\Temp> C:\Temp\Get-ADTrustsInfo.ps1
WARNING: My special Warning ‘Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))’

Kindly help to resolve above error message or at least share any workaround to retrieve all “trustedDomain” objects in the specified domain, analyses the object’s attributes, and uses WMI to check the status. The output is a custom object with those properties : Trust name, Created on, Last changed, Direction Type, Domain SID