I was trying to get a list of all users on a client’s domain that had either a logon script, profile, or a mapped drive that was being set on their AD user object. But when I ran the command I got this error;
Get-ADUser : Unable to find a default server with Active Directory Web Services running.
Solution
Active Directory Web services was introduced in Server 2008 R2, but I was running the command on a 2012 R2 server? Well the problem is the main server onsite was a Small Business Server. To get this command to run successfully I needed to run it again but target a particular domain controller by adding “-Server {Server-Name}” to the command;
Note: Obviously MAKE SURE that the AD Web Services service is actually running on the server you are targeting (run services.msc).
Related Articles, References, Credits, or External Links
Earlier in the year, I had a problem with Certificate Services, every time it tried to issue a ‘user’ certificate it gave me an error because the user did not have an email address specified on their user object in AD. At the time I thought “I wish I know enough PowerShell, to just put an email address in all the users e-mail attribute”. So while building an 802.1x lab the same problem came up again, this time I had a bit more time to solve the problem.
Solution
OK, I’m the first to admit this is a ‘quick and dirty’ fix, it might not be what you want, but it may send you in the right direction. My test network had about 500 users and no Exchange etc, so my thought was, “Why not see if I can copy all the users UPN’s to the email address fields?”. Because even though they are not email addresses they look like them, and if I did have Exchange, then username@domain-name.domain-extention would work anyway, (unless I’d changed the addressing policy from the default).
1. Lets enumerate all the domain users, and see who has an entry in the email address field.
2. Either download this one, or use the following to create a PowerShell Script, and run it.
Populate “mail” attribute with UPN Import-Module ActiveDirectory.