Solved

Help With a Powershell Command

Posted on 2011-09-02
9
1,672 Views
Last Modified: 2012-06-27
I have a PowerShell command to find all users that do not have the fields "Enable Federation", and " Enable Enhanced Presence" checked for Office communicator.

The command that works is;
Get-QADUser –Sizelimit 0 -IncludedProperties msRTCSIP-FederationEnabled,msRTCSIP-UserEnabled | Where {$_.'msRTCSIP-UserEnabled' -eq $true } | WHERE {$_.'msRTCSIP-FederationEnabled' -ne $true } |select name, msRTCSIP-FederationEnabled |

What I'm having trouble with is using this command to set the followiong value to true.
msRTCSIP-FederationEnabled

Any help would be appreciated.
0
Comment
Question by:LindyS
  • 6
  • 2
9 Comments
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36474143
I would step it out to see if it's a null value, true/false, or empty string.

$User = Get-QADUser "TestUser" -includedproperties msRTCSIP-FederationEnabled

$User.msRTCSIP-FederationEnabled

$User.msRTCSIP-FederationEnabled = $True

Does that work?

If so, try this:
Get-QADUser –Sizelimit 0 -IncludedProperties msRTCSIP-FederationEnabled,msRTCSIP-UserEnabled | Where {$_.'msRTCSIP-UserEnabled' -eq $true } | WHERE {$_.'msRTCSIP-FederationEnabled' -ne $true } | %{$_.msRTCSIP-FederationEnabled = $True}

You can also make it a tiny bit easier for you to understand if you take away the last part in a pipeline and use an actual Foreach command like this:

$Users = Get-QADUser –Sizelimit 0 -IncludedProperties msRTCSIP-FederationEnabled,msRTCSIP-UserEnabled | ? {($_.'msRTCSIP-UserEnabled' -eq $true) -and ($_.'msRTCSIP-FederationEnabled' -ne $true) }

Foreach ($User in $Users){
Write-Host "Setting $($User.samaccountname) to Federation Enabled = True"
$User.msRTCSIP-FederationEnabled = $True
}


Haven't tested this code, just shooting from the hip, but I think that should get you where you need to be.  Please don't just copy and paste it and say "It doesn't work" without trying to see where the error might be (could be a typo).  I've never worked with Officer Communicator but have worked with AD for a long time.

HTH,

Dale Harris
0
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36474155
And does it matter if every single user is supposed to take this command, you could just set all users to enabled/true.

Would that work better?  Or do you need to avoid people that don't have UserEnabled = True?

Just a thought.

Dale
0
 
LVL 3

Author Comment

by:LindyS
ID: 36474446
No I can't set all accounts, it has to be just the ones that are msRTCSIP-UserEnabled.

Thanks for the suggestion, but I am not at work so I can't test the solution.
I will try when I get back in the morning.

I'll play with it a little more then.
0
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36474495
Okay, then the other solution provided should work for you.  Looking forward to a response.

DH
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 27

Accepted Solution

by:
KenMcF earned 500 total points
ID: 36476698
You will need to use the set-qaduser cmdlet for this. Take the code that Dale has posted but just change this

Foreach ($User in $Users){
Write-Host "Setting $($User.samaccountname) to Federation Enabled = True"
Set-qaduser $user -objectattributes @{msRTCSIP-FederationEnabled=$True}
}


or from your original post you can add this

Get-QADUser –Sizelimit 0 -IncludedProperties msRTCSIP-FederationEnabled,msRTCSIP-UserEnabled | Where {$_.'msRTCSIP-UserEnabled' -eq $true} | Where {$_.'msRTCSIP-FederationEnabled' -ne $true } | Set-qaduser -ObjectAttributes @{msRTCSIP-FederationEnabled = $True}

Another option would be to use a LDAP filter.

get-qaduser -LDAPFILTER "(&(msRTCSIP-FederationEnabled=True)(msRTCSIP-UserEnabled=True))" | Set-qaduser -ObjectAttributes @{msRTCSIP-FederationEnabled=$True}



Like Dale I am unable to test these since I do not have Office communicator.
0
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36476797
Ahh it's not a native property of AD, so it makes sense it would have to be changed through objectattributes.

Good catch, Ken.
0
 
LVL 3

Author Closing Comment

by:LindyS
ID: 36476838
This solution works as needed.
I only had to make one minor change and enclose the field in quotes.

 @{'msRTCSIP-FederationEnabled' = $True}

Thanks for the help!
0
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36476884
Would it be too much to ask for a point split between myself and Ken?  I think Ken would agree.
0
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36476889
At second glance, I see that you really only needed that one bit of code that Ken provided since you had everything else.  Disregard the last comment I made.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now