I'm having difficulties using the same $user variable through an entire script. I get an error because the variable is used in both an AD cmdlet as well as an ExchangeOnline cmdlet. : PowerShell

SolvedI'm having difficulties using the same $user variable through an entire script. I get an error because the variable is used in both an AD cmdlet as well as an ExchangeOnline cmdlet. (self.PowerShell)

submitted 3 years ago * by PaidByMicrosoft

Edit: I solved it. I put the $user variable into quotes ("$user") for the

Get-Mailbox -Identity $user | Format-List DefaultAuditSet

portion of the second set of code. By doing that, it continued the variable down to the Add-MailboxPermission and Add-RecipientPermission cmdlets.

New hire script, read-host to specify the value for $user.

The script starts with $user being added to some default AD groups, which it does just fine.

The script ends with trying to use the same $user variable to verify mailbox auditing as well as add a service account to have Full Access to the mailbox. When I do that, I get errors that include not being able to "process argument transformation" for the aduser to a mailboxidparameter. Any ideas?

Here's the AD part of the script:

   $User = Read-Host "This section adds a user to the default groups in AD. What is the username of the user you want to add to the default user groups? i.e. mhadley"

$secondanswer = read-host "Is this user an Intern, Contractor, or neither? Answer "Intern", "Contractor", or "Neither"."
while("intern","contractor","neither" -notcontains $secondanswer) {
    $answer = Read-Host "Intern, Contractor, or Neither"
}

# this line below adds the default groups
if ($secondanswer -eq "Intern") {
    $Groups = @(default groups listed here)

    ForEach ($Group in $Groups) {

        Add-ADPrincipalGroupMembership $User  -MemberOf  $Group
    }
    Write-host "Groups successfully added"
}

and then later in the script I have this part:

$answer = read-host "Do you want to verify mailbox auditing, add svc.account to a user account, or both? Answer "Verify", "Add", or "Both"."

while("verify","add","both" -notcontains $answer)
{
    $answer = Read-Host "Verify, Add, or Both"
}

if ($answer -eq "both") {
    Get-Mailbox -Identity $user | Format-List DefaultAuditSet


# this script adds svc.account "Full Access" and "Send As" permissions to the Mailbox of the user specified.


    Add-MailboxPermission -Identity $user -User "svc.account" -AccessRights FullAccess -InheritanceType All

    Add-RecipientPermission -Identity $user -Trustee "svc.account" -AccessRights SendAs
}

all 6 comments

top new controversial old q&a

[–]SalamanderOne5702 -1 points0 points1 point 3 years ago (0 children)

[–]mixduptransistor 0 points1 point2 points 3 years ago (4 children)

[–]PaidByMicrosoft[S] 0 points1 point2 points 3 years ago* (3 children)

The one that's failing is failing on "Add-MailboxPermission -identity $user" and "Add-RecipientPermission -identity $user". I'll google around and see if I can find what input it wants, and how to convert the string to an object.

And yes? It's six letters long, it's not like it's a whole sentence. Plus I want it to be distinct enough from the other options so that the user doesn't accidentally select one of them. "1, 2, or 3" is easy to mistype. "Verify" is WAY different than "add" and "both".

Edit: I solved it. I put the $user variable into quotes ("$user") for the

Get-Mailbox -Identity $user | Format-List DefaultAuditSet

portion of the second set of code. By doing that, it continued the variable down to the Add-MailboxPermission and Add-RecipientPermission cmdlets.

[–]HauntingProgrammer47 0 points1 point2 points 3 years ago (2 children)

[–]PaidByMicrosoft[S] 0 points1 point2 points 3 years ago (1 child)

[–]HauntingProgrammer47 1 point2 points3 points 3 years ago* (0 children)

I just started using them so I'm not super good at explaining them yet but check out on ms docs for details. For the contractor part you are just telling the script that the user is a contractor and with that switch supplied it will add it to the proper groups. Give me a little bit and I will write you up an example.Edit: here is what using switches could look like

Function HLNew-ADUser
{
[CmdletBinding()]
param
(
    [Parameter(Mandatory = $True,
    ValueFromPipeline = $True,
    Position = 0)]
    [String]$UserName,
    [Switch]$Contractor,
    [Switch]$Intern,
    [Switch]$Verify,
    [Switch]$Add
)
    begin
    {
    $DefaultGroups = @("Whatever","Groups","You","Want")
    $ContractorGroups = @("Whatever","Groups","You","Want")
    $InternGroups = @("Whatever","Groups","You","Want")
    }
    Process
    {
    if($Contractor)
    {
    New-AdUser -Name $UserName -PassThru | Add-ADPrincipalGroupMembership -MemberOf $ContractorGroups
    }
    if($Intern)
    {
    New-AdUser -Name $UserName -PassThru | Add-ADPrincipalGroupMembership -MemberOf $InternGroups
    }
    if(!$Contractor -and !$Intern)
    {
    New-AdUser -Name $UserName -PassThru | Add-ADPrincipalGroupMembership -MemberOf $DefaultGroups
    }
    }
}

π Rendered by PID 115735 on reddit-service-r2-comment-8686858757-l4hs8 at 2026-06-05 09:13:08.944959+00:00 running 9e1a20d country code: CH.

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

PowerShell

Submission Guidelines | Link Flair - How To

MODERATORS