In the Active Directory, we can find different attributs like Name, DisplayName, SAMAccountName, and one is interesting for me, the FullName atttribut who set the text you see when you open the Users And Computers Active Directory at the “Name” Column.
I want to add a suffix “_OUT” in a specific OU.
I found that to modify this attribut, I have to use Rename-ADObject function but I don’t know how can I do.
I want to get all the users in the SearchBase “OU=TEST, DC=TEST, DC=local” and add if is not already added the suffix “_OUT”.
I think I have to combine the function Get-ADUser with Rename-ADObject.
Maybe to make this easier, we can modify in a first step the SAMAccountName and after that, make a condition if the SAMAccountName has “_out”, then modify the FullName attribut with a “_OUT” suffix too.
In terms of finding, you can probably use Get-ADUser with -filter to find names that are -notlike “*_OUT”, I think, and you can obviously specify a search base, so that should let you at least get the accounts you want.
Rename-ADObject is only for displayName - just want to ensure that’s what you mean to change. Otherwise you would use Set-ADUser.
Once you get the users you want to change, you will need to use ForEach-Object to go through them one at a time. Pipe the user to the Set- or Rename- cmdlet, and you can use $_ within ForEach-Object to refer to the original Name property (if that’s what you’re changing), like “$($_.Name)_OUT” or whatever, so specify the new name.
But I have a problem who say Object Not Found:
Rename-ADObject : Cannot find an object with identity: ‘Jack, Spirow’ under: ‘DC=maquette,DC=local’.
At line:10 char:148
I have this script :
I have an error :
Rename-ADObject : An attempt was made to add an object to the directory with a name that is already
in use
At line:33 char:5
Now, more ideally, you’ll have the rename command in a try/catch statement with logging, and of course, be sure to use -whatif the first time so you have a better idea of what will happen.
It finally works. Thank you. By the way, I’m in another one problem with a script for deleting Description attribut if it contains “TOTO”
I try to use that but I have a problem :
This indeed is a syntax error.
I see you used {Description like “TOTO”}, whilst it should be {Description -like “TOTO”}.
You forgot the “-” before like.
Also is it supposed to delete the attribute if it CONTAINS “TOTO”, or if it EQUALS “TOTO”.
For instance:
TOTO 123
123 TOTO
TOTO
Are they all supposed to come up in the search result or only the last one?
If they should all come up in the search result, I would suggest using {Description -like “TOTO”}.
I tried your script and I think I have a problem with the pipe of the function Remove-ADObject.
As you can see in the error below :
Remove-ADObject : The input object cannot be bound to any parameters for the command either because the command does not take pipeline input or the input and its properties do not match any of the parameters that take pipeline input.
At line:14 char:136