Solved

Help With a Powershell Command

Posted on 2011-09-02
9
1,729 Views
Last Modified: 2012-06-27
I have a PowerShell command to find all users that do not have the fields "Enable Federation", and " Enable Enhanced Presence" checked for Office communicator.

The command that works is;
Get-QADUser –Sizelimit 0 -IncludedProperties msRTCSIP-FederationEnabled,msRTCSIP-UserEnabled | Where {$_.'msRTCSIP-UserEnabled' -eq $true } | WHERE {$_.'msRTCSIP-FederationEnabled' -ne $true } |select name, msRTCSIP-FederationEnabled |

What I'm having trouble with is using this command to set the followiong value to true.
msRTCSIP-FederationEnabled

Any help would be appreciated.
0
Comment
Question by:LindyS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 2
9 Comments
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36474143
I would step it out to see if it's a null value, true/false, or empty string.

$User = Get-QADUser "TestUser" -includedproperties msRTCSIP-FederationEnabled

$User.msRTCSIP-FederationEnabled

$User.msRTCSIP-FederationEnabled = $True

Does that work?

If so, try this:
Get-QADUser –Sizelimit 0 -IncludedProperties msRTCSIP-FederationEnabled,msRTCSIP-UserEnabled | Where {$_.'msRTCSIP-UserEnabled' -eq $true } | WHERE {$_.'msRTCSIP-FederationEnabled' -ne $true } | %{$_.msRTCSIP-FederationEnabled = $True}

You can also make it a tiny bit easier for you to understand if you take away the last part in a pipeline and use an actual Foreach command like this:

$Users = Get-QADUser –Sizelimit 0 -IncludedProperties msRTCSIP-FederationEnabled,msRTCSIP-UserEnabled | ? {($_.'msRTCSIP-UserEnabled' -eq $true) -and ($_.'msRTCSIP-FederationEnabled' -ne $true) }

Foreach ($User in $Users){
Write-Host "Setting $($User.samaccountname) to Federation Enabled = True"
$User.msRTCSIP-FederationEnabled = $True
}


Haven't tested this code, just shooting from the hip, but I think that should get you where you need to be.  Please don't just copy and paste it and say "It doesn't work" without trying to see where the error might be (could be a typo).  I've never worked with Officer Communicator but have worked with AD for a long time.

HTH,

Dale Harris
0
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36474155
And does it matter if every single user is supposed to take this command, you could just set all users to enabled/true.

Would that work better?  Or do you need to avoid people that don't have UserEnabled = True?

Just a thought.

Dale
0
 
LVL 3

Author Comment

by:LindyS
ID: 36474446
No I can't set all accounts, it has to be just the ones that are msRTCSIP-UserEnabled.

Thanks for the suggestion, but I am not at work so I can't test the solution.
I will try when I get back in the morning.

I'll play with it a little more then.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 16

Expert Comment

by:Dale Harris
ID: 36474495
Okay, then the other solution provided should work for you.  Looking forward to a response.

DH
0
 
LVL 27

Accepted Solution

by:
KenMcF earned 500 total points
ID: 36476698
You will need to use the set-qaduser cmdlet for this. Take the code that Dale has posted but just change this

Foreach ($User in $Users){
Write-Host "Setting $($User.samaccountname) to Federation Enabled = True"
Set-qaduser $user -objectattributes @{msRTCSIP-FederationEnabled=$True}
}


or from your original post you can add this

Get-QADUser –Sizelimit 0 -IncludedProperties msRTCSIP-FederationEnabled,msRTCSIP-UserEnabled | Where {$_.'msRTCSIP-UserEnabled' -eq $true} | Where {$_.'msRTCSIP-FederationEnabled' -ne $true } | Set-qaduser -ObjectAttributes @{msRTCSIP-FederationEnabled = $True}

Another option would be to use a LDAP filter.

get-qaduser -LDAPFILTER "(&(msRTCSIP-FederationEnabled=True)(msRTCSIP-UserEnabled=True))" | Set-qaduser -ObjectAttributes @{msRTCSIP-FederationEnabled=$True}



Like Dale I am unable to test these since I do not have Office communicator.
0
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36476797
Ahh it's not a native property of AD, so it makes sense it would have to be changed through objectattributes.

Good catch, Ken.
0
 
LVL 3

Author Closing Comment

by:LindyS
ID: 36476838
This solution works as needed.
I only had to make one minor change and enclose the field in quotes.

 @{'msRTCSIP-FederationEnabled' = $True}

Thanks for the help!
0
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36476884
Would it be too much to ask for a point split between myself and Ken?  I think Ken would agree.
0
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36476889
At second glance, I see that you really only needed that one bit of code that Ken provided since you had everything else.  Disregard the last comment I made.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently we ran in to an issue while running some SQL jobs where we were trying to process the cubes.  We got an error saying failure stating 'NT SERVICE\SQLSERVERAGENT does not have access to Analysis Services. So this is a way to automate that wit…
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question