Modify Custom AD attribute

We have a custom AD user attribute called gmailaddress. I am attempting to populate this attribute with an email address. The following cmd results in an error:

set-aduser -Identity “bstest2” -Add @{gmailaddress=“glenjohn@fabrikam.com”}

 

set-aduser : The parameter is incorrect
At line:1 char:1

  • set-aduser -Identity “bstest2” -Add @{gmailaddress=“glenjohn@fabrikam.com”}
  • CategoryInfo         : InvalidOperation: (bstest2:ADUser) [Set-ADUser], ADInvalidOperationException
  • FullyQualifiedErrorId : The parameter is incorrect,Microsoft.ActiveDirectory.Management.Commands.SetADUser

I’m not sure how to proceed. It works, or rather -replace works, on standard attributes, but -add errors out on my custom attribute.

Thanks in advance for any guidance.

-Bill

The first thing i would do is to make sure that AD is seeing it with that name. I would use Active Directory Users and Computers with the advanced features turned on, then look in the Attribute Editor tab. Hopefully you will see the custom attribute in there.

Thanks for your response Matt. I do see the custom attribute on the attribute editor tab.  Any idea why it is erroring out.

 

Thanks,

-Bill

Hmmm, it should be working. My next guess is to follow the examples in help more precisely and swap the " to ’ to get @{gmailaddress=‘blah’}. You could also try without the quote marks at all, not sure that would work. I would test it but I’m stuck in a hotel with diabolical wifi.

Thanks Matt, but still no love…

PS C:\Users\songstadw> set-aduser -Identity “bstest2” -Add @{gmailaddress=‘glenjohn@fabrikam.com’}
set-aduser : The parameter is incorrect
At line:1 char:1

  • set-aduser -Identity “bstest2” -Add @{gmailaddress=‘glenjohn@fabrikam.com’}
  •   + CategoryInfo          : InvalidOperation: (bstest2:ADUser) [Set-ADUser], ADInvalidOperationException
      + FullyQualifiedErrorId : The parameter is incorrect,Microsoft.ActiveDirectory.Management.Commands.SetADUser
    
    
    
    

PS C:\Users\songstadw> set-aduser -Identity “bstest2” -Add @{gmailaddress=glenjohn@fabrikam.com}
glenjohn@fabrikam.com : The term ‘glenjohn@fabrikam.com’ is not recognized as the name of a cmdlet, function, script file, or operable program. Check the
spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:52

  • set-aduser -Identity “bstest2” -Add @{gmailaddress=glenjohn@fabrikam.com}
  •                                                ~~~~~~~~~~~~~~~~~~~~~
    
    • CategoryInfo : ObjectNotFound: (glenjohn@fabrikam.com:String) [], CommandNotFoundException
    • FullyQualifiedErrorId : CommandNotFoundException

I’m going to guess I’m missing something obvious. Maybe the answer is that set-aduser can’t access custom properties at all. In that case you could try having a look at set-adobject instead. Maybe it won’t make a difference but its worth a go.

PS C:\Users\songstadw> set-adobject -Identity “526d1e62-f3b7-47ca-ad8d-8061209c0e3b” -replace @{mail=“glenjohn@fabrikam.com”} works. (it is using a well known attribute…

However, both -replace and -add error out when using the custom attribute.

PS C:\Users\songstadw> set-adobject -Identity “526d1e62-f3b7-47ca-ad8d-8061209c0e3b” -replace @{gmailaddress=“glenjohn@fabrikam.com”}
set-adobject : The parameter is incorrect
At line:1 char:1

  • set-adobject -Identity “526d1e62-f3b7-47ca-ad8d-8061209c0e3b” -replace @{gmailad …
  •   + CategoryInfo          : InvalidOperation: (526d1e62-f3b7-47ca-ad8d-8061209c0e3b:ADObject) [Set-ADObject], ADInvalidOperationException
      + FullyQualifiedErrorId : The parameter is incorrect,Microsoft.ActiveDirectory.Management.Commands.SetADObject
    
    

So I am back to square 0.

Bill

For the benefit of anyone that finds themselves reading this thread, I discovered the problem: The custom attribute I created had an incorrect syntax type. I must have clicked UTC Time instead of Unicode String…

Once corrected, set-aduser bstest2 -replace @{gmailaddress2=glenn.john@fabrikam.com} worked.

Bill