

Test if username exists in Active Directory

Question

Friday, November 2, 2018 10:22 AM

I have opened this discussion because the moderator did not give me the opportunity to reply in this thread.

Consider the following script:

$user = 'ValidUser'

try {
    Get-ADUser -Identity $user
} catch {
    $notexist = $true
}

if ($notexist) {
    $roamingprofile = "\\FILESERVER\ROAMINGPROFILES\$user"
    if (Test-Path -Path $roamingprofile) {
        Remove-Item -Path $roamingprofile -Recurse -Force
    }
}

In most cases this would work. What if I add -Server DCNameWithTypo or -Server DecommissionedDC to Get-ADUser?

The roamingprofile is deleted even though the ValidUser exists because Get-ADUser gives an exception, but not the exception we were counting on.

In my opinion it would be better to catch a specific exception:

try {
    Get-ADUser -Identity UserName
} catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException] {
    Write-Host 'User does not exist'
} catch {
    Write-Host 'Other exception'
}

All replies (6)

Friday, November 2, 2018 10:32 AM

Get-AdUser cannot be trapped. No Cmdlet can be trapped with using the "Stop" action.

The correct method was posted in the thread you started in. If you actually read it you will find at least three ways to do this. "Get-AdUser <userid>" is not one of those methods.

\(ツ)_/


Friday, November 2, 2018 10:48 AM

My post was in reply to jfloyd01. I tried to point out the danger of assuming that any exception means the user does not exist.


Friday, November 2, 2018 11:14 AM

My post was in reply to jfloyd01. I tried to point out the danger of assuming that any exception means the user does not exist.

Try/Catch will still not work no matter what you are trying to do.

Also the old thread was getting so far off topic that it was becoming pointlessly filled with bad and wrong advice.

\(ツ)_/


Friday, November 2, 2018 12:21 PM

You can do it like this:

$user = 'f00'
$server = 'mydc.local'

Try {
    Get-AdUser -Identity $user -Server $server
}
Catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException]
{
    Write-Host "object not found" $error[0].exception.message
    Write-Host "Delete profile" ## insert your actions here
}
Catch
{
    Write-Host "unknown error"
}

Type in a valid user and it will match the user. Type in an invalid user and the exception will catch. Type in a fake server name and the unknown exception will catch.


Friday, November 2, 2018 12:29 PM

In most cases this would work. What if I add -Server DCNameWithTypo or -Server DecommissionedDC to Get-ADUser?

My example will put you in a different loop if the server cannot be found and not execute any destructive code. But rather than specify an exact server, you could use the FQDN of the domain - "mydomain.com" instead of "dc01.mydomain.com". The lookup should always go to an online server.

Or, another approach: you can Test-NetConnection to $SERVER before running Get-ADUser.
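An added example, not code from any poster in this thread, that combines the original question's point (only ADIdentityNotFoundException means "user is gone"; every other failure must fail closed) with the suggestion above to query the domain FQDN rather than one DC. The domain name 'mydomain.com', the share '\\FILESERVER\ROAMINGPROFILES' and the function names are assumptions; the ActiveDirectory module is required.

```powershell
# Added example (not from the thread). Returns $true only when AD positively
# reports the identity as not found. A typo in -Server, a decommissioned DC or
# any other error throws instead, so the caller never deletes on a bad lookup.
# Assumed placeholders: domain FQDN 'mydomain.com', share '\\FILESERVER\ROAMINGPROFILES'.
function Test-ADUserAbsent {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $SamAccountName,
        # Domain FQDN, not a specific DC: the DC locator picks a reachable server.
        [string] $Server = 'mydomain.com'
    )
    try {
        # -ErrorAction Stop makes every error terminating so it reaches a catch block
        # rather than being written to the error stream while the script continues.
        $null = Get-ADUser -Identity $SamAccountName -Server $Server -ErrorAction Stop
        return $false   # the user exists
    } catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException] {
        return $true    # the only result that means "absent"
    } catch [Microsoft.ActiveDirectory.Management.ADServerDownException] {
        throw "Cannot reach '$Server'; refusing to treat '$SamAccountName' as absent: $($_.Exception.Message)"
    } catch {
        throw "Unexpected error looking up '$SamAccountName': $($_.Exception.Message)"
    }
}

# Removes the roaming profile only after Test-ADUserAbsent has confirmed the account
# is gone. Supports -WhatIf / -Confirm so the deletion can be rehearsed first.
function Remove-OrphanedRoamingProfile {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $SamAccountName,
        [string] $ProfileRoot = '\\FILESERVER\ROAMINGPROFILES'   # assumed placeholder
    )
    # Any exception from the lookup propagates here and aborts before Remove-Item.
    if (-not (Test-ADUserAbsent -SamAccountName $SamAccountName)) {
        Write-Verbose "$SamAccountName still exists in AD; nothing to do."
        return
    }
    $profilePath = Join-Path -Path $ProfileRoot -ChildPath $SamAccountName
    if (Test-Path -LiteralPath $profilePath) {
        if ($PSCmdlet.ShouldProcess($profilePath, 'Remove orphaned roaming profile')) {
            Remove-Item -LiteralPath $profilePath -Recurse -Force
        }
    }
}

# Rehearsal run: reports what would be removed without deleting anything.
Remove-OrphanedRoamingProfile -SamAccountName 'ValidUser' -WhatIf -Verbose
```

Run it with -Server pointing at a non-existent DC name and the function throws rather than returning $true, which is the failure mode the question describes.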


Friday, November 2, 2018 12:32 PM

My post was in reply to jfloyd01. I tried to point out the danger of assuming that any exception means the user does not exist.

Try/Catch will still not work no matter what you are trying to do.

Also the old thread was getting so far off topic that it was becoming pointlessly filled with bad and wrong advice.

\(ツ)_/

The following returns an error, so how does try/catch not work?

try {
    Get-ADUser noone
} catch {
    Write-Host Error
}

If you find that my post has answered your question, please mark it as the answer. If you find my post to be helpful in anyway, please click vote as helpful. (99,108,97,121,109,97,110,50,64,110,121,99,97,112,46,114,114,46,99,111,109|%{[char]$_})-join''