-
Two lines not working...
Can anyone see why this script isn't working - see comment in code.
Code:
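# Looks up one directory object and returns its ADsPath (the "LDAP://CN=..." string).
#
# Parameters:
#   $SAMName - the value to search for: cn for contact/group, sAMAccountName for
#              user, name for computer, employeeID for employeeID lookups.
#   $type    - one of: contact, group, user, computer, employeeID.
#
# Returns the path of the single match. If several objects match, the matches
# are listed and the operator is asked to pick one by index.
function get-dn ([string]$SAMName,[string]$type)
{
    # The search value comes from callers that read it from a CSV file, so it
    # is escaped per RFC 4515 before being placed in the filter. Without this,
    # a value containing * ( ) or \ changes the meaning of the filter (LDAP
    # filter injection) or makes it invalid. The backslash is replaced first
    # so the escapes added afterwards are not escaped again.
    # Consequence: a "*" in $SAMName is now matched literally, not as a wildcard.
    $escaped = $SAMName.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29').Replace([string][char]0, '\00')

    $root = [ADSI]''
    $searcher = new-object System.DirectoryServices.DirectorySearcher($root)

    switch($type)
    {
        contact {
            $searcher.filter = "(&(objectClass=contact)(cn=$escaped))"
        }
        group {
            $searcher.filter = "(&(objectClass=group)(cn=$escaped))"
        }
        user {
            $searcher.filter = "(&(objectClass=user)(sAMAccountName=$escaped))"
        }
        computer {
            $searcher.filter = "(&(objectClass=computer)(name=$escaped))"
        }
        employeeID {
            $searcher.Filter = "(&(objectClass=user)(employeeID=$escaped))"
        }
        default {
            # Without this branch an unknown type left the searcher on its
            # default filter, so the search was not restricted to $SAMName at all.
            throw "get-dn: unsupported type '$type'"
        }
    }

    $results = $searcher.findall()
    if ($results.count -gt 1) {
        # Ambiguous match: show every candidate with its index and let the
        # operator choose.
        $index = 0
        foreach ($entry in $results) {
            write-host $index ": " $entry.path
            $index = $index + 1
        }
        # NOTE(review): the answer is used as an index without validation;
        # a non-numeric or out-of-range answer is not handled here.
        $selection = Read-Host "Please select item: "
        return $results[$selection].path.toString()
    }
    else {
        # NOTE(review): when nothing matches this indexes an empty result set;
        # callers test the returned value with .Contains("ou") - confirm they
        # cope with the no-match case.
        return $results[0].path
    }
}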
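# Builds a user name of the form "<last digit of year>-<forename letters><surname letters>"
# and retries with more letters until get-dn finds no existing user with that name.
#
# Parameters:
#   $PreferedSurename  - surname to take letters from
#   $PreferedForename  - forename to take letters from
#   $YearofEntry       - year string; the character at index 3 is used
#   $repeate           - number of extra surname letters to use (0 on the first call)
#   $forenameIncremant - number of extra forename letters to use (0 on the first call)
#
# Emits the first user name that is not already taken.
function generateUniqueUserName([string] $PreferedSurename, [string] $PreferedForename, [string] $YearofEntry, [int] $repeate, [int] $forenameIncremant)
{
    # The whole forename has been used and there is still a clash: give up.
    # BREAK outside a loop is not confined to this function; it is kept
    # because the original comment says the intent is to stop the script.
    if (($PreferedForename.length) -eq 1+$forenameIncremant)
    {
        echo "No Unique name found"
        BREAK;
    }

    # Fix: the original read $PreferedSurname (no second "e") here and in the
    # recursive call below. That name is not a parameter of this function, so
    # it only resolved because the calling script happens to define a variable
    # with that spelling. The parameter is now used throughout.
    if (($PreferedSurename.length) -lt (3+$repeate))
    {
        # The full surname is already in use: start adding forename letters.
        $firstletter = $PreferedForename.substring(0,1+$forenameIncremant);
        $lastletters = $PreferedSurename
        $forenameIncremant = $forenameIncremant+1
    }
    else
    {
        # Default scheme: one forename letter plus 3+$repeate surname letters.
        $firstletter = $PreferedForename.substring(0,1);
        $lastletters = $PreferedSurename.substring(0,3+$repeate);
    }

    # Fourth character of the year string (for a four-digit year, its last digit).
    # NOTE(review): substring(3,1) fails on a value shorter than four characters.
    $YearNumber = $YearofEntry.substring(3,1);
    $username = $yearNumber+"-"+$Firstletter+$lastLetters

    # A returned path containing "ou" is treated as "this name already exists".
    # NOTE(review): String.Contains is case-sensitive and matches "ou" anywhere
    # in the path, so an "OU=" component in upper case would not match, while a
    # name that merely contains "ou" would - confirm this test is reliable for
    # this directory.
    if (((get-dn $username user) -as [string]).contains("ou"))
    {
        # Name taken: try again with one more letter.
        generateUniqueUserName $PreferedSurename $PreferedForename $YearofEntry ($repeate+1) $forenameIncremant
    }
    else
    {
        return $username
    }
}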
ADD-PSSNAPIN -name Microsoft.Exchange.Management.Powershell.Admin
Add-pssnapin -name Quest.ActiveRoles.ADManagement
#Change legal forname field to forename1
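# For every row of the student import file: find the account by admission
# number (employeeID); create the mailbox, account and home folder if it does
# not exist, otherwise update the existing account; then grant the student
# access to the home folder.
import-csv "s:\studentsimport.csv" | foreach-object {
    $newUser = $false
    # Fix: reset per row. The database is only assigned for some registration
    # groups below, and variables set in this script block survive into the
    # next row, so a row with no mapping silently reused the previous row's database.
    $MailDatabase = $null

    #Set Working Varables
    # NOTE(review): "Legal Surname" feeds the *preferred* surname while
    # "Surname" feeds the *legal* surname - confirm against the CSV headers.
    $LegalSurname = $_.Surname
    $LegalForename = $_.Forename
    $PreferedSurname = $_.'Legal Surname'
    $PreferedForename = $_.Forename1
    $YearofEntry = $_.'Year of entry'
    $admissionNumber= $_.adno -as [int]
    $RegGroup = $_.reg -as [string]

    #check if user with admission number exists
    # NOTE(review): .Contains("ou") is case-sensitive and matches "ou" anywhere
    # in the path - confirm it reliably tells "found" from "not found" here.
    $LDAPPath = (get-dn $admissionNumber employeeID) -as [string]
    if($LDAPPath.Contains("ou"))
    {
        #update User
        # Takes the text between the first 10 characters ("LDAP://CN=" is 10
        # long) and the first comma, i.e. the object's CN.
        $workingUserName = $LDAPPath.Substring(10,$LDAPPath.IndexOf(',')-10)
        echo "known user"
    }
    else
    {
        #new User
        $workingUserName = generateUniqueUserName $PreferedSurname $Preferedforename $YearofEntry 0 0
        #Safty
        $workingUserName = "Test"+$workingUserName
        $newUser = $true
    }

    # The SAM account name is cut to 20 characters; Name, Alias and UPN use
    # the full user name.
    $Sam = $workingUserName
    $max=$Sam.Length
    if ($max -gt 20) {$max=20}
    $Sam=$Sam.Substring(0,$max)
    $Name=$workingUserName
    $DisplayName=$PreferedForename+" "+$PreferedSurname
    $Alias=$workingUserName
    $UPN=$workingUserName+"@shsg.org"
    $ProfilePath ='\\SHSG-D02-FNP01\Users$\'+$Alias
    $HomeDir='\\SHSG-D02-FNP01\StudentUserData$\'+$Alias
    $HomeDrive='U:'
    $Company='Southend High School for Girls - Student'
    $Office=$RegGroup
    $Description='Student'
    $ourdomain='@olympus.local'
    $HomeFolderMasterDir='\\SHSG-D02-FNP01\StudentUserData$\'

    # Only registration groups containing 7, 8 or 9 are mapped to a database.
    if($RegGroup.contains("7") -or $RegGroup.contains("8") -or $RegGroup.contains("9"))
    {
        $MailDatabase = "shsg-d03-exs01\SHSG KeyStage 3\SHSGKeystage3"
    }

    if($newUser -eq $True)
    {
        # Fail closed: do not create a folder or mailbox for a student whose
        # registration group has no database mapping.
        if(-not $MailDatabase)
        {
            Write-Warning "No mail database mapped for registration group '$RegGroup'; skipping $workingUserName"
            return
        }

        # The temporary password is only needed for New-Mailbox, so it is
        # requested here (with a prompt naming the student) rather than for
        # every row, including existing users who never use it.
        $TempPassword = read-host -AsSecureString -Prompt "Temporary password for $PreferedForename $PreferedSurname"

        new-item -path $HomeFolderMasterDir -name $Alias -type directory
        New-Mailbox -Name $Name -Alias $Alias -OrganizationalUnit 'olympus.local/Creation' -UserPrincipalName $UPN -SamAccountName $SAM -FirstName $LegalForename -Initials '' -LastName $LegalSurname -Password $TempPassword -ResetPasswordOnNextLogon $true -Database $MailDatabase
        set-qaduser -identity $alias -homedirectory $HomeDir -homedrive $Homedrive -company $Company -office $Office -displayname $displayname -profilePath $ProfilePath
    }
    else
    {
        #Why does this not work?
        #Permission Denied Errors
        # NOTE(review): nothing in this script shows the cause. New accounts
        # are all created in 'olympus.local/Creation', whereas existing ones
        # are found by employeeID anywhere under the search root; check that
        # the account running the script is allowed to modify objects where
        # the existing users actually live.
        Set-Mailbox -Identity $alias -Name $Name -Alias $Alias -UserPrincipalName $UPN -SamAccountName $SAM
        get-qaduser $alias | set-qaduser -homedirectory $HomeDir -homedrive $Homedrive -company $Company -office $Office -displayname $displayname -profilePath $ProfilePath
    }

    $Foldername=$HomeFolderMasterDir+$Alias
    # Fix: the account name after the domain prefix must be the SAM account
    # name. The original used $Alias, which differs from $Sam whenever the
    # user name is longer than 20 characters.
    $DomainUser='olympus\'+$Sam
    $ACL=Get-acl $Foldername
    # NOTE(review): FullControl also lets the student change the folder's
    # permissions and take ownership; Modify is normally enough for a home
    # directory. This three-argument rule carries no inheritance flags, so it
    # applies to the folder itself only - confirm both are intended.
    $Ar = New-Object system.security.accesscontrol.filesystemaccessrule($DomainUser,"FullControl","Allow")
    $Acl.SetAccessRule($Ar)
    Set-Acl $Foldername $Acl
}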