Bug in Get-ActiveDirectoryDomainName

[githubths]

DN Conversion fails and DL Migration Fails

IF the DN have a '.' in the Name the DL Migration Fails

[4/2/2023 8:23:50 PM] - **** [4/2/2023 8:23:50 PM] - **** [4/2/2023 8:23:50 PM] - BEGIN GET-ActiveDirectoryDomainName [4/2/2023 8:23:50 PM] - **** [4/2/2023 8:23:50 PM] - DN to convert: CN=Room 5. OG,OU=RessourceBoxes,OU=Test,DC=Room 5,DC= OG,DC=contoso,DC=net [4/2/2023 8:23:50 PM] - Converting the distringuished name. [4/2/2023 8:23:50 PM] - DC=Room 5 [4/2/2023 8:23:50 PM] - DC= OG [4/2/2023 8:23:50 PM] - DC=contoso [4/2/2023 8:23:50 PM] - DC=net [4/2/2023 8:23:50 PM] - The FQDN of the object based on DN:Room 5. OG.contoso.net [4/2/2023 8:23:50 PM] - END GET-ActiveDirectoryDomainName [4/2/2023 8:23:50 PM] - **** [4/2/2023 8:23:50 PM] - Active Directory Domain Calculated: Room 5. OG.contoso.net [4/2/2023 8:23:50 PM] - Attepmting to find the user via distinguished name. get-adObject : Invalid URI: The server name 'Room 5. OG.contoso.net' could not be parsed. You might need to enable internationalized domain name support for class System.Uri. See help of class System.Uri for more details. At C:\Program Files\WindowsPowerShell\Modules\DLConversionV2\2.9.7.0\Get-NormalizedDN.ps1:113 char:37

• ... ctionTest = get-adObject -filter {distinguishedname -eq $dn} -propert ...

• 
  + CategoryInfo          : InvalidType: (:) [Get-ADObject], UriFormatException
  + FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.UriFormatException,Microsoft.ActiveDirectory.Management.Com 
  mands.GetADObject

[timmcmic]

Stefan can you send me an example ldp dump If a dl so I can repro and fix.

Dlconversionv2 @ support dot Microsoft dot com

============================== Timothy J. McMichael Senior Support Escalation Engineer @.**@.> (980)-776-7465

Hours: Sunday – Wednesday 08:00 – 16:00 eastern time zone.

Manager: Tom Roughley @.**@.>)

Premier Support - (800)-936-3100 Broad Commercial Support - (800)-936-4900

==============================

---

From: Stefan Thoma @.> Sent: Sunday, April 2, 2023 2:55 PM To: timmcmic/DLConversionV2 @.> Cc: Subscribed @.***> Subject: [timmcmic/DLConversionV2] Bug in Get-ActiveDirectoryDomainName (Issue #133)

DN Conversion fails and DL Migration Fails

IF the DN have a '.' in the Name the DL Migration Fails

[4/2/2023 8:23:50 PM] - **** [4/2/2023 8:23:50 PM] - **** [4/2/2023 8:23:50 PM] - BEGIN GET-ActiveDirectoryDomainName [4/2/2023 8:23:50 PM] - **** [4/2/2023 8:23:50 PM] - DN to convert: CN=Room 5. OG,OU=RessourceBoxes,OU=Test,DC=Room 5,DC= OG,DC=contoso,DC=net [4/2/2023 8:23:50 PM] - Converting the distringuished name. [4/2/2023 8:23:50 PM] - DC=Room 5 [4/2/2023 8:23:50 PM] - DC= OG [4/2/2023 8:23:50 PM] - DC=contoso [4/2/2023 8:23:50 PM] - DC=net [4/2/2023 8:23:50 PM] - The FQDN of the object based on DN:Room 5. OG.contoso.net [4/2/2023 8:23:50 PM] - END GET-ActiveDirectoryDomainName [4/2/2023 8:23:50 PM] - **** [4/2/2023 8:23:50 PM] - Active Directory Domain Calculated: Room 5. OG.contoso.net [4/2/2023 8:23:50 PM] - Attepmting to find the user via distinguished name. get-adObject : Invalid URI: The server name 'Room 5. OG.contoso.net' could not be parsed. You might need to enable internationalized domain name support for class System.Uri. See help of class System.Uri for more details. At C:\Program Files\WindowsPowerShell\Modules\DLConversionV2\2.9.7.0\Get-NormalizedDN.ps1:113 char:37

• ... ctionTest = get-adObject -filter {distinguishedname -eq $dn} -propert ...

•     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • CategoryInfo : InvalidType: (:) [Get-ADObject], UriFormatException
  • FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.UriFormatException,Microsoft.ActiveDirectory.Management.Com mands.GetADObject

— Reply to this email directly, view it on GitHubhttps://github.com/timmcmic/DLConversionV2/issues/133, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AKGTN6KLLLR5EHFHU7ELTWTW7HDTDANCNFSM6AAAAAAWQO6RFQ. You are receiving this because you are subscribed to this thread.Message ID: @.***>

[timmcmic]

The information provided shows that the distinguished name of the object contains spaces within the domain portions.

CN=OBJECTNAME,DC=SOMETHING SPACE,DC= SPACE,DC=COM

Typically distringuished names do not have spaces in them.

So the script is failing in determining the domain controller to make the referral to because it uses the DN to calculate the FQDN of the active directory call, but the FQDN has resulting spaces.

If confirmed that the DN does have spaces in it is legitimate but the FQDN does not - the answer would be to remove the spaces from the calculated domain name.

Tim

============================== Timothy J. McMichael Senior Support Escalation Engineer @.**@.> (980)-776-7465

Hours: Sunday - Wednesday 08:00 - 16:00 eastern time zone.

Manager: Tom Roughley @.**@.>)

Premier Support - (800)-936-3100 Broad Commercial Support - (800)-936-4900

==============================

From: Stefan Thoma @.> Sent: Sunday, April 2, 2023 2:56 PM To: timmcmic/DLConversionV2 @.> Cc: Subscribed @.***> Subject: [timmcmic/DLConversionV2] Bug in Get-ActiveDirectoryDomainName (Issue #133)

DN Conversion fails and DL Migration Fails

IF the DN have a '.' in the Name the DL Migration Fails

[4/2/2023 8:23:50 PM] - **** [4/2/2023 8:23:50 PM] - **** [4/2/2023 8:23:50 PM] - BEGIN GET-ActiveDirectoryDomainName [4/2/2023 8:23:50 PM] - **** [4/2/2023 8:23:50 PM] - DN to convert: CN=Room 5. OG,OU=RessourceBoxes,OU=Test,DC=Room 5,DC= OG,DC=contoso,DC=net [4/2/2023 8:23:50 PM] - Converting the distringuished name. [4/2/2023 8:23:50 PM] - DC=Room 5 [4/2/2023 8:23:50 PM] - DC= OG [4/2/2023 8:23:50 PM] - DC=contoso [4/2/2023 8:23:50 PM] - DC=net [4/2/2023 8:23:50 PM] - The FQDN of the object based on DN:Room 5. OG.contoso.net [4/2/2023 8:23:50 PM] - END GET-ActiveDirectoryDomainName [4/2/2023 8:23:50 PM] - **** [4/2/2023 8:23:50 PM] - Active Directory Domain Calculated: Room 5. OG.contoso.net [4/2/2023 8:23:50 PM] - Attepmting to find the user via distinguished name. get-adObject : Invalid URI: The server name 'Room 5. OG.contoso.net' could not be parsed. You might need to enable internationalized domain name support for class System.Uri. See help of class System.Uri for more details. At C:\Program Files\WindowsPowerShell\Modules\DLConversionV2\2.9.7.0\Get-NormalizedDN.ps1:113 char:37

• ... ctionTest = get-adObject -filter {distinguishedname -eq $dn} -propert ...

• • CategoryInfo : InvalidType: (:) [Get-ADObject], UriFormatException
  • FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.UriFormatException,Microsoft.ActiveDirectory.Management.Com mands.GetADObject

• Reply to this email directly, view it on GitHubhttps://github.com/timmcmic/DLConversionV2/issues/133, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AKGTN6KLLLR5EHFHU7ELTWTW7HDTDANCNFSM6AAAAAAWQO6RFQ. You are receiving this because you are subscribed to this thread.Message ID: @.**@.>>

[timmcmic]

Isolated the issue.

Specifically this was a problem when the data being fed in was based on canonical name and not DN. The function that converts canonical names used a search that found all portion of an array with a period. So in essence it was supposed to only break up the domain portion but ended up breaking up the group name also.

The function was adjusted to look at only the last entry of the array which contains the domain fqdn and splits the period there.

Fixed in 2.9.8.