I am working on an orchestration for when users go on leave that will block their logon by editing the “logonhours” attribute in AD to block logon.
I am able to edit other attributes in the custom_attributes field without an issue, but when I go to update logonhours, I get the following error in the screenshot below:
In case the picture doesn’t load for anyone, the error is:
The request is not supported At line:1 char:1 + Set-ADUser -Identity 'CN=Test User,OU=************************************************ ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (CN=Test User,OU...s,DC=*********************) [Set-ADUser], ADException + FullyQualifiedErrorId : ActiveDirectoryServer:50,Microsoft.ActiveDirectory.Management.Commands.SetADUser
Disabling the user is not an option as it will kick off other automation that will break other things in the domain including their IP phone setup.
Is this field not able to be updated through orchestration? Or is there something I am missing here? I have tested on more than just the test user with the same results.
