Hi Guys,
I have the below code that I’m using to compare the SID attribute of a user from one domain to the SIDHistory attribute of users in another domain. If the SID matches then I know an account already exists for that user in the new domain. My problem is that if the account doesn’t exist - i.e. nothing returns true in the below if statement - how do I show output to say “No account exists for this user. Moving on to next user”. Hope that makes sense. Thanks!

    # Members of the old-domain group, with their SIDs
    $OldDomainUserSIDs = Get-ADGroupMember -Identity 'OldDomainUsers' -Server OldDC.OldDomain.Com | select name, SID
    # Every new-domain user, with the SIDHistory attribute
    $NewDomainUsersSIDHistory = Get-ADUser -Filter * -Properties SIDHistory -Server newDC.NewDomain.Local | select name, SIDHistory
    foreach($OldDomainUserSID in $OldDomainUserSIDs){
        foreach($NewDomainUserSIDHistory in $NewDomainUsersSIDHistory){
            if($OldDomainUserSID.SID -eq $NewDomainUserSIDHistory.SIDHistory){
                Write-Host "A user account already exists for $($OldDomainUserSID.Name) - Username is $($NewDomainUserSIDHistory.Name)"
            }
        }
    }

An else statement added to your if statement that compares the SID will do that.

    $OldDomainUserSIDs = Get-ADGroupMember -Identity 'OldDomainUsers' -Server OldDC.OldDomain.Com | select name, SID
    $NewDomainUsersSIDHistory = Get-ADUser -Filter * -Properties SIDHistory -Server newDC.NewDomain.Local | select name, SIDHistory
    foreach($OldDomainUserSID in $OldDomainUserSIDs){
        foreach($NewDomainUserSIDHistory in $NewDomainUsersSIDHistory){
            if($OldDomainUserSID.SID -eq $NewDomainUserSIDHistory.SIDHistory){
                Write-Host "A user account already exists for $($OldDomainUserSID.Name) - Username is $($NewDomainUserSIDHistory.Name)"
            }else{
                # Runs once for every new-domain user that does not match
                Write-Host "No account exists for this user. Moving on to next user"
            }
        }
    }

Hi Jonathan - I think that will tell me that the user’s SID doesn’t match the SIDHistory of the object currently being evaluated. What I need is some output if the user’s SID doesn’t match the SIDHistory attribute of any object.
Try setting a “default” output message indicating nothing is found, then overwriting it if a user is found.

    foreach($OldDomainUserSID in $OldDomainUserSIDs){
        # Default message, kept unless a match is found below
        $output = "No account exists for this user. Moving on to next user"
        foreach($NewDomainUserSIDHistory in $NewDomainUsersSIDHistory){
            if($OldDomainUserSID.SID -eq $NewDomainUserSIDHistory.SIDHistory){
                $output = "A user account already exists for $($OldDomainUserSID.Name) - Username is $($NewDomainUserSIDHistory.Name)"
            }
        }
        # One line of output per old-domain user
        Write-Output $output
    }

Simple as that - excellent! Thanks for the help, Jeremy.
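
An added example, not code from any post in this thread: the same SID-to-SIDHistory check done with a lookup table instead of nested loops, returning one object per old-domain user. It goes beyond the thread by treating SIDHistory as the multi-valued attribute it is and by flagging an old SID that appears in the SIDHistory of more than one new account, which is worth reviewing because each of those accounts inherits that SID's access. The function name Find-MigratedAccount, the status labels and the sample users and SIDs are constructed for illustration.

```powershell
# Constructed sample data standing in for the thread's two AD queries
# (Get-ADGroupMember ... | select name, SID  and  Get-ADUser -Properties SIDHistory ...).
$dom = 'S-1-5-21-1111111111-2222222222-3333333333'   # constructed old-domain identifier
$OldDomainUserSIDs = @(
    [pscustomobject]@{ Name = 'Alice Old'; SID = "$dom-1105" }
    [pscustomobject]@{ Name = 'Bob Old';   SID = "$dom-1106" }
    [pscustomobject]@{ Name = 'Carol Old'; SID = "$dom-1107" }
)
$NewDomainUsersSIDHistory = @(
    [pscustomobject]@{ Name = 'alice.new'; SIDHistory = @("$dom-1105") }
    [pscustomobject]@{ Name = 'bob.new';   SIDHistory = @("$dom-1199", "$dom-1106") }
    [pscustomobject]@{ Name = 'bob.admin'; SIDHistory = @("$dom-1106") }
    [pscustomobject]@{ Name = 'dave.new';  SIDHistory = @() }
)

function Find-MigratedAccount {
    param(
        [Parameter(Mandatory)] [object[]] $OldUsers,
        [Parameter(Mandatory)] [object[]] $NewUsers
    )
    # Index every SIDHistory value once: SID string -> names of accounts carrying it
    $index = @{}
    foreach ($user in $NewUsers) {
        foreach ($sid in @($user.SIDHistory)) {
            if ($null -eq $sid) { continue }          # account with no SIDHistory
            $key = "$sid"                             # works for strings and SecurityIdentifier
            if (-not $index.ContainsKey($key)) {
                $index[$key] = [System.Collections.Generic.List[string]]::new()
            }
            $index[$key].Add($user.Name)
        }
    }
    # One result per old-domain user, matched or not
    foreach ($old in $OldUsers) {
        $hits = $index["$($old.SID)"]
        $status = if (-not $hits) { 'NoAccount' }
                  elseif ($hits.Count -gt 1) { 'MultipleAccounts' }
                  else { 'Exists' }
        [pscustomobject]@{
            OldName     = $old.Name
            Status      = $status
            NewAccounts = $hits -join ', '
        }
    }
}

Find-MigratedAccount -OldUsers $OldDomainUserSIDs -NewUsers $NewDomainUsersSIDHistory |
    Format-Table -AutoSize
```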