Updating UPN and SAM in one pass

This topic contains 3 replies, has 2 voices, and was last updated by Profile photo of Don Jones Don Jones 1 year, 9 months ago.

  • Author
    Posts
  • #22517
    Profile photo of Grant Harrington
    Grant Harrington
    Participant

    I've got a .csv file formatted as shown below.

    I want to take
    UPN: lastf@domain.com
    SAM: lastf

    and update them to:
    UPN: first.last@domain.com
    SAM: first.last

    CSV format for import
    samaccountname,NewUserPrincipleName,NewSamAccountName
    currentSamAccountName,newUPN@domain.com,newSamAccountName

    I've already combined GivenName.SN@domain.com (UPN) and GivenName.SN (SAM) in the CSV file and have that ready for import.

    My question is, will it work as written, or does it need to be two separate actions, first change the UPN, then change the SAM?

    
    function Update-ADSamAccountName_UPN {
        [CMDLETBINDING(SupportsPaging = $true,
                    SupportsShouldProcess = $true)]
        param(
            )
        
        BEGIN {
        
        } #end BEGIN
        
        PROCESS {
        Import-Csv c:\temp\Sam_UPN-Import.csv | ForEach-Object {Set-ADUser -Identity $_.samAccountName -Replace @{UserPrincipalName=$_.NewUserPrincipleName;SamAccountName=$_.NewSamAccountName}}
        } #end PROCESS
    
        END {
        
        } #end END
    
    } #end Update-ADSamAccountName_UPN
  • #22520
    Profile photo of Don Jones
    Don Jones
    Keymaster

    Have you tried it?

  • #22524
    Profile photo of Grant Harrington
    Grant Harrington
    Participant

    I just did on a test user, and it did in fact work quite well. My concern was if I changed the SAM as part of the script when I went to look for it in the ForEach-Object, it's now gone. I was probably over-thinking it, but it does in fact work quite well as written. I've got several of these scripts I'm using for batch updating ADUC fields, but always use the SAM as the fixed variable on import of .csv, and since that was changing, I second guessed myself.

    Thanks!

  • #22525
    Profile photo of Don Jones
    Don Jones
    Keymaster

    Oh, OK. No, ForEach object isn't individually querying the data from AD as it goes. You query the data, ForEach enumerates across what you've got. It'll be a problem if you have more than 1k or so users, because you won't get them all in one query.

You must be logged in to reply to this topic.