PowerShell 4.0: “Get-ADUser : One or more properties are invalid”


This applies to Get-ADComputer cmdlet too. When I try to get all properties of an AD account like Get-ADUser JohnDoe –Properties * it gives following error.

Get-ADUser : One or more properties are invalid.
Parameter name: msDS-AssignedAuthNPolicy

It used to work in older PowerShell versions (Windows 8 or Windows 7). Now my scripts are all stopped working.

Well I believe it is a bug in ActiveDirectory PowerShell module. But also on other hand we should NOT be using –Properties * in a script. That would be a bad scripting practice, it takes more time to process obviously. Right way is use it like –Properties <propertyname1>,<propertyname2>.

What if I don’t know the properties I want. What if I have to figure the correct property name. Do NOT worry, there is a workaround. Pipe the Get-ADUser or Get-ADComputer to a Get-ADObject cmdlet like below.

Get-ADuser JohnDoe | Get-ADObject –Properties *

Hopefully it will be fixed on next updates or MS don’t want us to use * in properties parameter. Enjoy. Open-mouthed smile

Advertisements

2 thoughts on “PowerShell 4.0: “Get-ADUser : One or more properties are invalid”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s