Adding a User Principal Name

Hello all
I am trying to update 3500 accounts to add the User Principal names for them with no luck. Below is the code that I am trying to use

Const ADS_PROPERTY_UPDATE = 2

Set User = GetObject("LDAP://CN=magnus,OU=Network,OU=IT,OU=Information Technology,OU=Users and Groups,DC=mycompany,DC=net")

User.Put "userPrincipalName", "magnus"
User.SetInfo

When I run the above I get the followong error
C:\Support\UPNs\upn.vbs(3, 1) (null): A referral was returned from the server

Please help

Thanks
magnus
magsdtevAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

TooKoolKrisCommented:
This is not a default property that is apart of the User container within AD. If you want to script out adding this then you will need to extend the Schema so that it will add your userPrincipalName as a property of the User.
0
TooKoolKrisCommented:
I'm sorry just caught my mistake there already is a property for that. The only thing that I can suggest is to make sure your path is correct. You have an OU called "Users and Groups"?

Try creating a new user called "testuser" right in the default "Users" OU and then try this code:

Lets say the Domain Controller with AD is called PDC.mydomain.com

Set objUser = GetObject("LDAP://cn=testuser,ou=Users,dc=PDC DC,dc=mydomain,dc=com")
objUser.Put "userPrincipalName", "magnus"
objUser.SetInfo

I think your code is ok just the Qualified Path is incorrect.
0
magsdtevAuthor Commented:
TooKoolKris
I can create a brand new user with the UserPrincipleName attribute with no problem it is trying to add it after the user has already been created that I cant do for one reason or another

Magnus
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

TooKoolKrisCommented:
Sorry that should be:

Set objUser = GetObject("LDAP://cn=testuser,ou=Users,dc=PDC,dc=mydomain,dc=com")
objUser.Put "userPrincipalName", "magnus"
objUser.SetInfo
0
TooKoolKrisCommented:
Maybe you should try using the PutEx method instead of the Put method:
Try using this command instead

objUser.PutEx ADS_PROPERTY_UPDATE, "userPrincipalName", "magnus"
0
magsdtevAuthor Commented:
TooKoolKris
Thanks for the response

I tried
objUser.PutEx ADS_PROPERTY_UPDATE, "userPrincipalName", "magnus"

and
Set objUser = GetObject("LDAP://cn=testuser,ou=Users,dc=PDC,dc=mydomain,dc=com")
objUser.Put "userPrincipalName", "magnus"
objUser.SetInfo

with the same result
C:\Support\UPNs\upn.vbs(5, 1) (null): There is no such object on the server

I also verified the LDAP path as well and it is correct

Any other Ideas?

Magnus
0
RainUKCommented:
Quote [ When I run the above I get the followong error
C:\Support\UPNs\upn.vbs(3, 1) (null): A referral was returned from the server ]

This could be because the UPN you are trying to assign already exists. You need to check that the UPN does not already exist for another account before trying to update an account with the new UPN.

Quote [ with the same result
C:\Support\UPNs\upn.vbs(5, 1) (null): There is no such object on the server ]

This would definitely be an incorrect LDAP path name. Check your path using ADSI Edit (Use mmc)? Silly question to ask, but you know that an object CN (Container Name) is not equivalent to a users ADs 'FirstName' or 'DisplayName' properties.

Do you have a mixed mode Setup for NT4 Server backward compatibility on your domain?
Also when you run your script, under what user/security context (Administrator)?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
magsdtevAuthor Commented:
RainUK
Thanks for the response

I did verify that they user did not have a UPN as well as that UPN was unique
I double checked the LDAP path as well and ran it as an administrator both with no luck

Right now I am in Mixed mode as well

Any other Ideas?
0
RainUKCommented:
Hmmmm, well thats pretty strange. Do you have multiple UPN Suffixes on your doman e.g.
Domain1.Com, Domain2.net. You could try updating the UPN by specifying the full UPN. e.g

objUser.Put "userPrincipalName", "magnus@yourDomain.yourSuffix"

Have never encountered the problem you are getting. If the above doesn't work, any chance of you dumping the exact code e.g. the real domain etc etc?
0
magsdtevAuthor Commented:
RainUK
I did the above with no success.  We are only running one suffix  (mycompany.com)  I did dig a bit deeper with ADSI edit and the path was correct but the CN=magnus was wrong.  It looks like someone in my company changed the schema a bit (mainly for a groupwise connector and address list sycnh) and the cn was actually CN=Smith\, Magnus  Once I changed it in the script it work fine

Thanks for the help

Magnus
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Visual Basic Classic

From novice to tech pro — start learning today.