Author Posts

January 1, 2012 at 12:00 am

by bgibb at 2012-09-13 11:57:33

We are getting ready to change our AD display name, so that our Exchange GAL will show users as Lastname, Firstname {middle initial, if available}.

Changing it for new users is an easy task, however, for existing users across two domains is beginning to look like a pain. We have found some commands that, on the surface, look promising but can't get anything to work.

I'm sure it's just a simple scripting issue, but we haven't found it yet.

Thanks in advance.

by DonJ at 2012-09-13 12:03:40

I'd think the Set-ADUser command would be pretty useful. Or the Quest Set-QADUser command. Something similar to what viewtopic.php?f=9&t=280 was trying to do, right?

by bgibb at 2012-09-13 12:17:10

Somewhat, the following works for a single user, but we don't want to have to manually type it in, or even go so far as use a csv, if we can avoid it.

set-aduser -identitiy bgibb -displayname "Gibb, Brian H."

by DonJ at 2012-09-13 12:21:11

so...


get-aduser | foreach { set-aduser -identity $_ -displayname "$($_.lastname), $($_.firstname)" }

?

by bgibb at 2012-09-13 12:44:37

Thanks

by bgibb at 2012-09-13 13:14:39

I spoke too soon. This changes all display names to " . "

by DonJ at 2012-09-13 13:22:22

Well, not sure why. I didn't have any periods in there :).

My fault – I apologize. I wasn't offering that as a ready-made solution for what you needed; I was laying it out as more of a framework. I'll explain what it does, and you'll need to modify it to suit your specific needs.

First, Get-ADUser requires a -Filter parameter. To get all users, it'd be Get-ADUser -filter *. AD has some limitations on how many results it'll normally return; you'll have to read the help for the cmdlet so that you can tweak other parameters to fit your needs. For example, using -SearchBase would let you start in a particular OU.

Inside the ForEach loop, $_ represents whatever users Get-ADUser produced for you. You can then access their individual properties. Because AD users don't have a firstname property, you can't use $_.firstname – I'm sorry I didn't make it clear that I was kinda pseudo-coding. You'd use $_.sn for the surname (last name), for example. I think it's givenName for the first name.

If you run Get-ADUser -filter * -prop * | Get-Member it'll display a list of all available properties.

by bgibb at 2012-09-13 14:05:47

The kicker seems to be getting the initial to display, but we seem to be on the correct track now.

by DonJ at 2012-09-13 14:11:54

There's an "initials" attribute, if you've put it into the Initials field in ADUC. See http://www.kouti.com/tables/userattributes.htm – it's a good cross-reference from the GUI fields to the internal attribute names.

Do make sure you add "-prop *" to Get-ADUser – not all attributes are returned by default if you don't use that.

by coderaven at 2012-09-17 12:57:04

I apologize it took so long to get back to you on this, it has been a busy few days.

As Don put, this will get you very close.

Get-ADUser -Filter * -Properties sn, givenname, initials | Foreach-object { set-aduser -Identity $_ -replace @{displayname=(([string]"$($_.sn), $($_.givenname) $($_.initials)").Trim())} -WhatIf }

Notice the trim at the end of the sting, this will keep those users with out a middle initial or anything in the initials field from having blank spaces that could result in some odd query results. I left the whatif in place so you would have to modify the statement to get it to work.

Also, this is a old but relevant article that shows how to make something like this affect newly created users. This is a small schema update so be careful!