I have a group in AD “SS_PROXY”, we need a custom attribute “mcdFormattedName” to be copied to displayname.
Please help! Currently using the below script. We can copy non extended attributes like sAMAccountName but if we change this to the custom attribute it clears displayname instead.
Get-ADGroupMember -Identity SS_PROXY |
where {$.objectclass -eq “user”} |
foreach {Set-ADUser -Identity $($.distinguishedName) -Displayname $($_.sAMAccountName)}
This is because your code is directly overwriting it.
For non-existent data points, adding them should be expected to be successful.
If you are trying to add additional information to a data point, you need to first read what is in the data field, capture it, then append the additional data to that capture and then write it back.
Yet, you need to show more of your code and the results of what is said happening, otherwise it’s left to assumption. You can even create a screen capture (.gif/.jpg) and post here as per the forums guidelines. It’s kind of difficult to imagine that what you state should be happening. Unless you target a data point, it should not be impacted.
Also, before making change to critical data points, it should be tested, to determine what is planned to happen will happen.
You’d do this with conditional statements, like -whatif when using your commands or try/catch, etc., in your code as validation steps.
Hi Chris
I think the issue might be due to the type of object being returned by Get-ADGroupMember . According to the Microsoft documentation this is an ADPrincipal object which doesn’t have access to all of the same properties as say, Get-ADUser which returns an ADUser object.
the reason it works for samaccountname vs an extension attribute is get-adgroupmember only returns 6 properties, one of which is samaccountname.
the object does not contain any of the other ad attributes, so we need to pass the object to get-aduser first, and specify what property we need.
Get-ADGroupMember -Identity SS_PROXY |
where {$_.objectclass -eq "user"} |
get-aduser -prop extensionattribute1|Set-ADUser -Displayname $($_.extensionattribute1)