Avatar of antmax00
antmax00
Flag for United States of America asked on

Powershell Script to change the SamAcountName and UPN for AD users

I'm looking for a powershell script to change the samAccountname and UPN for all AD users.

I would like the samAccountname to be changed to use the first character of the givenName and the full surName.
 e.g.  : Bob Marley <to> bmarley  

The UPN needs to also be changed to the first character of the givenName and the full surName  using my existing upn suffix
  e.g. : bmarley@mydomain.com
Active DirectoryPowershell

Avatar of undefined
Last Comment
X_layer

8/22/2022 - Mon
X_layer

Hi.

Test this script first. After you satisfied whit result simply remove "-WhatIf" at the end of "Set-ADUser" line and script will change this for all users in domain.
Import-Module ActiveDirectory
$ADUsers = Get-ADUser -Filter *
foreach ($ADUser in $ADUsers) {
	$GivenName = $ADUser.GivenName
	$SurName = $ADUser.Surname
	
	$newSAM = $GivenName.Substring(0,1).ToLower() + $SurName.ToLower()
	$newUPN = $newSAM + "@mydomain.com"

	Set-ADUser $ADUser -SamAccountName $newSAM -UserPrincipalName $newUPN -WhatIf
}

Open in new window

antmax00

ASKER
Thanks for the quick response. I'm in the midst of testing it out.

Is it possible to have the script skip an Ad user object if either the surName or GivenName is blank/null?  also indicate which AD users were successfully modified?
ASKER CERTIFIED SOLUTION
X_layer

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
X_layer

Is it possible to have the script skip an Ad user object if either the surName or GivenName is blank/null?
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
Neil Russell

Yes but you have used the -ne NOT EQUAL to null.

So in your original code.....

if we use Givenname = John and Surname = $null.

(($GivenName -ne $null) -or ($SurName -ne $null))

(("john" -ne $null) -or ($null -ne $null))

(($true ) -or ($false))

($true)

Will evaluate to TRUE and therefore the code WILL be executed.

Mine will evaluate as FALSE and the code will be skipped.
Neil Russell

So please read both the question AND your answer and evaluate the logic before
Using big bold quotes to contradict somebody please.
X_layer

True.

My fault. Sorry if I've upset you.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Neil Russell

No problem, not upset at all, just dont like to see posts that will mislead the questioner.

Have a good rest of the day :D
antmax00

ASKER
thank you both, much appreciated.

the script works with the adjustment(-and) !

Can this script also be adjusted to target a specific OU?
X_layer

Sure can be. Change:
ADUsers = Get-ADUser -Filter *

Open in new window

to:
ADUsers = Get-ADUser -Filter * -SearchBase "OU=Users,DC=my,DC=domain"

Open in new window

This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
antmax00

ASKER
Can the "($SurName -ne $null)" in the if statement be adjused to skip Ad user objects that have less than 6 characters in the surname?
X_layer

Sure:
if (($GivenName -ne $null) -and ($SurName -ne $null) -and ($SurName.Length -gt 6))

Open in new window