search

vmware / PowerCLI-Example-Scripts

http://blogs.vmware.com/powercli
Other
746 stars 603 forks source link

run remove-UserFromSsoGroup error #532

Open yanlu2 opened 2 years ago

yanlu2 commented 2 years ago

Describe the bug

@bwuch

I have tested and followed run script second time failed #530. but it seems got another error see update in #530 and made this error. I got error when I run command Get-SsoPersonUser -Name $oldusername -Domain $corpdomain | Remove-UserFromSsoGroup -TargetGroup $vcgroup

PS C:\Users\luy13> Get-SsoPersonUser -Name $oldusername -Domain $corpdomain | Remove-UserFromSsoGroup -TargetGroup $vcgroup Remove-UserFromSsoGroup : One or more errors occurred. At line:1 char:60

Reproduction steps

1. Close PS ISE
2. reopen PS ISE
3. run vCenter-remove-corpuser.ps1
4. got error

here is vCenter-remove-corpuser.ps1
. "C:\PS_scripts\vCenter\Group.ps1"
$path="C:\Temp\Reports\vCenters\"                                                                        # output report file location
$server="server.com"                                                 # VCD server
$sysgrouplist = "Users", 
                "Systcorponfiguration.BashShellAdministrators", 
                "Systcorponfiguration.SupportUsers", 
                "Systcorponfiguration.ReadOnly", 
                "WorkloadStorage", 
                "CAAdmins",
                "SolutionUsers",
                "ComponentManager.Administrators",
                "ServiceProviderUsers",
                "ActAsUsers",
                ""
$username = "administrator@vsphere.local"
$passwd = password
$localdomain="vsphere.local"
$corpdomain="corp.com"
Write-host "`nRemove users in vCenter $server"
$vcenterfile=$path+"vcenterlist.txt"
$vcenterlist = get-content $vcenterfile

# 
Foreach ($server in $vcenterlist) {
    $hostname=$server.Split(".")[0] 
    $imptfile=$path+$hostname+"-grpmbr.txt"
    $rptfile=$path+"usrimpt-"+$hostname+".txt"
    $grouplist = get-content $imptfile
#    Write-host "`nImport users in groups in vCenter $server"
    Read-Host -Prompt "`nPress any key to continue remove users to groups in $server"

    Connect-SsoAdminServer -Server $server -User $username -Password $passwd -SkipCertificateCheck

    For ($i = 0; $i -le ($grouplist.length - 1); $i += 1) {
        $groupname=$grouplist[$i].Split(",")[1].Trim()
        $oldusername=$grouplist[$i].Split(",")[2].Trim()
        $useremail=$grouplist[$i].Split(",")[3].Trim()
        $newaccount=$useremail.Split('@')[0]
        If (($groupname -notin $sysgrouplist) -and ($useremail -ne "")) {
            if ($groupname -eq "ELS"){
                $vcgroup = Get-SsoGroup -Name $groupname -Domain $localdomain
                Get-SsoPersonUser -Name $oldusername -Domain $corpdomain | Remove-UserFromSsoGroup -TargetGroup $vcgroup
                write-host "deleting $oldusername in $groupname Group is done, $useremail, $newaccount"
                "$i, $groupname , $oldusername, $useremail, $newaccount"  | Out-File -FilePath $rptfile -Append
            }
        }
    }
    Disconnect-SsoAdminServer -Server $server
}

Expected behavior

the scirpt should remove user from group. and it worked yesterday.

Additional context

No response

bwuch commented 2 years ago

The loop near the end of the script has a lot of splitting on characters, specifically the comma. If there is something off/missing with the input file, it could cause all sorts of errors, especially the kind where it works one day and not the next.

I'd suggest adding a line where you write out the variable values to the screen right before you run the Get-SsoPersonUser line, just so you can see if there is some issue with text parsing prior to errors being throw.

Also, is $path+$hostname+"-grpmbr.txt" actually a CSV file? If so, it might be easier to use Import-Csv instead of Get-Content, because that can deal a bit better with changing input files. For example, I've seen CSV files contain text that looks like both of the following rows:

Group,OldUser,Email,NewUser
"Group","OldUser","Email","NewUser"

If you are splitting on commas expecting the format from the first line, but your file actually has the second, that could inject unneeded quotes into your actual variable values.

bwuch commented 2 years ago

Hello @yanlu2 - I wanted to follow up on this issue -- I noticed you closed out Issues #530 and #534 but was curious if the issue described here in #532 was still applicable? Thanks!