Friends, Can you please help me, I want to Copy a multi-valued Active Directory attribute, (AltSecurityIdentities) from one user to another with PowerShell.
AltSecurityIdentities is not set in the Mary.Doe Record
Here is what I wrote:
PS C:\WINDOWS\system32> $OldUserAltSecurityIdentities = @((Get-ADUser -Identity Joe.Jones -Properties "altSecurityIdentities").altSecurityIdentities)
Set-ADUser -WhatIf -Identity Mary.Doe -Replace ([Array] $OldUserAltSecurityIdentities)
Set-ADUser : Cannot convert 'System.Object[]' to the type 'System.Collections.Hashtable' required by parameter 'Replace'. Specified method is not supported.
At line:2 char:56
+ ... ity Mary.Doe -Replace ([Array] $OldUserAltSecurityIdentities)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Set-ADUser], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgument,Microsoft.ActiveDirectory.Management.Commands.SetADUser
Then, If I look at $OldUserAltSecurityIdentities it shows two good values: (Names & Numbers Disguised)
PS C:\WINDOWS\system32> $OldUserAltSecurityIdentities
RJ77:<S>c=us,o=u.s. USMC t,ou=department of defense,ou=derived piv,cn=Joe Jones 17001070096712
RJ77:<S>C=US,O=U.S. USMC,OU=Department of DEFENSE,CN=Joe Jones OID.0.K.2342.85900300.180.K1.1=17001070096712
Then, If I look at $OldUserAltSecurityIdentities it shows it is an Array.
PS C:\WINDOWS\system32> $OldUserAltSecurityIdentities.gettype()
IsPublic IsSerial Name BaseType
-------- -------- ---- --------
True True Object[] System.Array
Thanks in advance for your help.