How to Handle Errors in PowerShell Script for Getting LAPS Password?

By
Elli Mongillo
-
0
0
Asked By TechWiz09 On

I'm working on a PowerShell script that retrieves the LAPS password from Intune. The script ensures that users can't enter a blank computer name, but I'm struggling with error handling. Specifically, I want to prompt the user again and display a message if the provided PC name doesn't exist. Any suggestions on how to implement this effectively? Here's the script I have so far:

```powershell
if (Get-Module -ListAvailable -Name Microsoft.Graph) {}
else { Install-Module Microsoft.Graph -Force; Import-Module Microsoft.Graph }

Connect-MgGraph -Scope DeviceLocalCredential.Read.All, Device.Read.All -NoWelcome

# Get PC Name
$Name = $null
While ( ($null -eq $name) -or ($name -eq '') ) {
$Name = Read-Host -Prompt "Computer name"
}

# Remove spaces
$NameTrim = $name.TrimStart().TrimEnd()

Get-LapsAADPassword -DeviceIds $NameTrim -IncludePasswords -AsPlainText
Disconnect-MgGraph | Out-Null
```

I'm looking for ways to add validation for the computer name input and friendly error messages for when the name doesn't exist.

4 Answers

Answered By CodeMaster42 On

Using a try/catch block can really help handle errors gracefully. You could enclose your call to `Get-LapsAADPassword` in a try/catch to suppress the error output when a computer isn't found. Additionally, consider using a do/until loop to keep prompting the user until they provide a valid name or hit a failure limit. Here’s a quick example:

```powershell
$Counter = 0
$Complete = $false
Do {
try {
$Name = Read-Host -Prompt "Computer name"
$NameTrim = $Name.Trim()
Get-LapsAADPassword -DeviceIds $NameTrim -IncludePasswords -AsPlainText -ErrorAction Stop
$Complete = $true
} catch {
$Counter++
Write-Warning "Computer not found, try again. Attempts: $Counter"
}
} Until ($Complete -or $Counter -eq 4)

if (-not($Complete)) {
Write-Warning "Failed to retrieve LAPS password"
}
```

PowerNerd88 -

Nice suggestion! This keeps the user informed while allowing them multiple attempts!

Answered By ScriptKiddy42 On

Just a thought: why not make your script a function that takes the computer name as a parameter? Then you can handle everything more cleanly and even allow it to be used in pipelines effectively. Here’s a rough structure:

```powershell
function Get-LAPSPassword {
param(
[string]$ComputerName
)
# Your LAPS password retrieval code here
}
```

Answered By ScriptingGuru11 On

You might want to check if the computer exists in a separate step before attempting to retrieve the LAPS password. Another approach could be to capture the output from the LAPS query in a variable and see if it's empty or not. This would allow you to give a streamlined message based on the actual results of your query.

Answered By DevOpsDude3 On

It could be beneficial to first import the module, and if that fails, then install it. There are also some best practices you should consider, like setting up a parameter block for your `ComputerName`, which can ensure it's validated as not null or empty right from the start.

Related Questions

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.