Solved

Help With a Powershell Command

Posted on 2011-09-02
9
1,684 Views
Last Modified: 2012-06-27
I have a PowerShell command to find all users that do not have the fields "Enable Federation", and " Enable Enhanced Presence" checked for Office communicator.

The command that works is;
Get-QADUser –Sizelimit 0 -IncludedProperties msRTCSIP-FederationEnabled,msRTCSIP-UserEnabled | Where {$_.'msRTCSIP-UserEnabled' -eq $true } | WHERE {$_.'msRTCSIP-FederationEnabled' -ne $true } |select name, msRTCSIP-FederationEnabled |

What I'm having trouble with is using this command to set the followiong value to true.
msRTCSIP-FederationEnabled

Any help would be appreciated.
0
Comment
Question by:LindyS
  • 6
  • 2
9 Comments
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36474143
I would step it out to see if it's a null value, true/false, or empty string.

$User = Get-QADUser "TestUser" -includedproperties msRTCSIP-FederationEnabled

$User.msRTCSIP-FederationEnabled

$User.msRTCSIP-FederationEnabled = $True

Does that work?

If so, try this:
Get-QADUser –Sizelimit 0 -IncludedProperties msRTCSIP-FederationEnabled,msRTCSIP-UserEnabled | Where {$_.'msRTCSIP-UserEnabled' -eq $true } | WHERE {$_.'msRTCSIP-FederationEnabled' -ne $true } | %{$_.msRTCSIP-FederationEnabled = $True}

You can also make it a tiny bit easier for you to understand if you take away the last part in a pipeline and use an actual Foreach command like this:

$Users = Get-QADUser –Sizelimit 0 -IncludedProperties msRTCSIP-FederationEnabled,msRTCSIP-UserEnabled | ? {($_.'msRTCSIP-UserEnabled' -eq $true) -and ($_.'msRTCSIP-FederationEnabled' -ne $true) }

Foreach ($User in $Users){
Write-Host "Setting $($User.samaccountname) to Federation Enabled = True"
$User.msRTCSIP-FederationEnabled = $True
}


Haven't tested this code, just shooting from the hip, but I think that should get you where you need to be.  Please don't just copy and paste it and say "It doesn't work" without trying to see where the error might be (could be a typo).  I've never worked with Officer Communicator but have worked with AD for a long time.

HTH,

Dale Harris
0
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36474155
And does it matter if every single user is supposed to take this command, you could just set all users to enabled/true.

Would that work better?  Or do you need to avoid people that don't have UserEnabled = True?

Just a thought.

Dale
0
 
LVL 3

Author Comment

by:LindyS
ID: 36474446
No I can't set all accounts, it has to be just the ones that are msRTCSIP-UserEnabled.

Thanks for the suggestion, but I am not at work so I can't test the solution.
I will try when I get back in the morning.

I'll play with it a little more then.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 16

Expert Comment

by:Dale Harris
ID: 36474495
Okay, then the other solution provided should work for you.  Looking forward to a response.

DH
0
 
LVL 27

Accepted Solution

by:
KenMcF earned 500 total points
ID: 36476698
You will need to use the set-qaduser cmdlet for this. Take the code that Dale has posted but just change this

Foreach ($User in $Users){
Write-Host "Setting $($User.samaccountname) to Federation Enabled = True"
Set-qaduser $user -objectattributes @{msRTCSIP-FederationEnabled=$True}
}


or from your original post you can add this

Get-QADUser –Sizelimit 0 -IncludedProperties msRTCSIP-FederationEnabled,msRTCSIP-UserEnabled | Where {$_.'msRTCSIP-UserEnabled' -eq $true} | Where {$_.'msRTCSIP-FederationEnabled' -ne $true } | Set-qaduser -ObjectAttributes @{msRTCSIP-FederationEnabled = $True}

Another option would be to use a LDAP filter.

get-qaduser -LDAPFILTER "(&(msRTCSIP-FederationEnabled=True)(msRTCSIP-UserEnabled=True))" | Set-qaduser -ObjectAttributes @{msRTCSIP-FederationEnabled=$True}



Like Dale I am unable to test these since I do not have Office communicator.
0
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36476797
Ahh it's not a native property of AD, so it makes sense it would have to be changed through objectattributes.

Good catch, Ken.
0
 
LVL 3

Author Closing Comment

by:LindyS
ID: 36476838
This solution works as needed.
I only had to make one minor change and enclose the field in quotes.

 @{'msRTCSIP-FederationEnabled' = $True}

Thanks for the help!
0
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36476884
Would it be too much to ask for a point split between myself and Ken?  I think Ken would agree.
0
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36476889
At second glance, I see that you really only needed that one bit of code that Ken provided since you had everything else.  Disregard the last comment I made.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to prepare an HTML email signature template file containing dynamic placeholders for users' Azure AD data. Furthermore, it explains how to use this file to remotely set up a department-wide email signature policy in Office …
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question