Hi
In AD by preference the Users Email address is SamAccountName + @mydomain.com.
I recently noticed that there are differences here where the SamAccountName is not following this standard(don’t ask me why)
in my offboarding script it can happen that the $user.samAccountName returns an error because the standard convention as mentioned above has not been respected, or the user has asked to change his name From Paulus into Paul.
my script looks as follows
in the CSV I have 2 headers SamAccountName and Email
example
SamAccountName, Email
Paul,Paul@mydomain.com
userPrincipalName = Paulus@mydomain.com
SamAccounName = Paulus
What I would like to achieve is that if $user.SamAccountName fails that I will take the required steps to Modify the samAccountName Based upon the $User.email
this code I use to capture the difference in samaccountName
[pre]
$users = import-csv c:\temp\toRemove.csv
$test = get-aduser -filter{EmailAddress -eq $email} -properties Emailaddress
$Emailaddress = get-aduser -identity $user -properties Emailaddress
$UserPrincipalName = get-aduser $user -properties UserPrincipalName
If(!($UserPrincipalName.UserPrincipalName -eq $Emailaddress.EmailAddress)){
write-host “$($EmailAddress.EmailAddress) is not equal to $($UserPrincipalName.UserPrincipalName)”
$NewUser = $($UserPrincipalName.UserPrincipalName) -split(“@”)
$newuser[0]
}
[/pre]
and would like to integrate this in the below for each I only don’t know what the best way is using the IF statement or a select case senario?
[pre]
$users = import-csv c:\temp\toRemove.csv
foreach($user in $users){
$testSamAccountName = get-aduser -Identity $user.SamAccountName # this fails
if(!($testSamAccountName)){
$TestEmail = Get-ADUser -filter{EmailAddress -eq $user.email} -properties EmailAddress
}
}
[/pre]
thanks for your input
Paul
you may use Try catch block as it throws error and may be in catch block you can read the error continue based on the error.
Try{
$testSamAccountName = get-aduser -Identity $user.SamAccountName -ErrorAction Stop
}
Catch{
if($_ -match "the expectederror message"){
$TestEmail = Get-ADUser -filter{EmailAddress -eq $user.email} -properties EmailAddress
}
else{
Throw $_
}
}
Another option is to just search for both values, but it would be possible to return more than one user:
$users = import-csv c:\temp\toRemove.csv
foreach ( $user in $users ){
$samAccountName = $user.SamAccountName
$email = $user.Email
$adUser = Get-ADUser -Filter { (EmailAddress -eq $Email) -or (SamAccountName -eq $samAccountName) } -Properties EmailAddress
if ($adUser) {
'Found user with lookup {0} or {1}' -f $email,$samAccountName
$adUser
}
else {
'No user found with lookup {0} or {1}' -f $email,$samAccountName
}
}
I now face the following issue that when I want to update the SamAccountName with the New SamAccountName
in this example it works [pre]
$users = import-csv c:\temp\toRemove.csv
foreach ( $user in $users ){
$samAccountName = $user.SamAccountName
$email = $user.Email
$adUser = Get-ADUser -Filter { (EmailAddress -eq $Email) -or (SamAccountName -eq $samAccountName) } -Properties EmailAddress
if ($adUser) {
‘Found user with lookup {0} or {1}’ -f $email,$samAccountName
$NewUser= $($adUser.UserPrincipalName) -split(“@”)
$user = $NewUser[0]
$user
}
else {
‘No user found with lookup {0} or {1}’ -f $email,$samAccountName
}
}
[/pre]
error that I now get is
[pre]
Cannot find an object with identity: ‘Paul’ under: ‘DC=mydomain,DC=com’.
- CategoryInfo : ObjectNotFound: (akir:ADUser) [Get-ADUser], ADIdentityNotFoundException
- FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetAD
User
- PSComputerName : cfdc01.mydomain.com
[/pre]
How can I make sure that the $user.SamaccountName is populated with “Paulus” instead of the value found in the CSV file?
Do I need to update the CSV file first or is there a different way other then what I tried above?
hi
I discovered that when I use Bob’s solution it works while directly working on the AD server with PSSession it’s not any suggestions?
Paul