Powershell Script rename AD usernames

Hello

I need a powershell script that will change all of my AD user logon names in windows 2008

example: for a user named first name = John last name = Doe
I need to have his exsisting user logon name jdoe changed to john.doe



Thanks your help is appreciated!
AC-DAsked:
Who is Participating?
 
Jamie McKillopIT ManagerCommented:
Hello,

Try this:

Get-QADUser -SearchRoot "domain.com/SomeOU" | ForEach-Object {
  $FistName = $_.FirstName -replace " ",""
  $LastName = $_.LastName -replace " ",""
  $NewUsername = "$($FirstName)$(".")$($LastName)"

  $_ | Set-QADUser -SamAccountName $NewUsername -UserPrincipalName "$NewUsername@domain.com"

}

Open in new window


JJ
0
 
X_layerCommented:
Hi.

Try this script:
$Users = Get-ADUser -Filter * -Properties *

foreach ($User in $Users) {
	$NewSAM = $User.GivenName + "." + $User.Surname
	Set-ADUser -SamAccountName $NewSAM -WhatIf
}

Open in new window

This script just shows what to be performed on which objects. If you want to actually perform this actions just remove  -whatif.
0
 
AC-DAuthor Commented:
Thanks ,, I will give it a try later today
0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

 
AC-DAuthor Commented:
Hi, I am having trouble with the script. Could you tell me what the givenName and Surname our looking for in AD?

Also I get the following error when I jut run the first part of the script
Get-ADUser -Filter * -Properties *

PS C:\Windows\system32> Get-ADUser -Filter * -Properties *


The term 'Get-ADUser' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try
again.
At line:1 char:11
+ Get-ADUser <<<<  -Filter * -Properties *
    + CategoryInfo          : ObjectNotFound: (Get-ADUser:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException
 


__________________
0
 
X_layerCommented:
Sorry, you must load AD module first.
Add this line to start of the script:
Import-Module ActiveDirectory

Open in new window

And if you running this on workstation you need Win7 and RSAT.
0
 
AC-DAuthor Commented:
Hi I am still having trouble, when I run the follwing I get the error below?

Import-Module ActiveDirectory
$Users = Get-ADUser -Filter * -Properties *

foreach ($User in $Users) {
      $NewSAM = $User.GivenName + "." + $User.Surname
      Set-ADUser -SamAccountName $NewSAM -WhatIf
}

Set-ADUser : Parameter set cannot be resolved using the specified named parameters.
At E:\Scripts\LogonName.ps1:6 char:12
+     Set-ADUser <<<<  -SamAccountName $NewSAM -WhatIf
    + CategoryInfo          : InvalidArgument: (:) [Set-ADUser], ParameterBindingException
    + FullyQualifiedErrorId : AmbiguousParameterSet,Microsoft.ActiveDirectory.Management.Commands.SetAD 
   User
 
Set-ADUser : Parameter set cannot be resolved using the specified named parameters.
At E:\Scripts\LogonName.ps1:6 char:12
+     Set-ADUser <<<<  -SamAccountName $NewSAM -WhatIf
    + CategoryInfo          : InvalidArgument: (:) [Set-ADUser], ParameterBindingException
    + FullyQualifiedErrorId : AmbiguousParameterSet,Microsoft.ActiveDirectory.Management.Commands.SetAD 
   User
 
Set-ADUser : Parameter set cannot be resolved using the specified named parameters.
At E:\Scripts\LogonName.ps1:6 char:12
+     Set-ADUser <<<<  -SamAccountName $NewSAM -WhatIf
    + CategoryInfo          : InvalidArgument: (:) [Set-ADUser], ParameterBindingException
    + FullyQualifiedErrorId : AmbiguousParameterSet,Microsoft.ActiveDirectory.Management.Commands.SetAD 
   User
 
Set-ADUser : Parameter set cannot be resolved using the specified named parameters.
At E:\Scripts\LogonName.ps1:6 char:12
+     Set-ADUser <<<<  -SamAccountName $NewSAM -WhatIf
    + CategoryInfo          : InvalidArgument: (:) [Set-ADUser], ParameterBindingException
    + FullyQualifiedErrorId : AmbiguousParameterSet,Microsoft.ActiveDirectory.Management.Commands.SetAD 
   User
 
Set-ADUser : Parameter set cannot be resolved using the specified named parameters.
At E:\Scripts\LogonName.ps1:6 char:12
+     Set-ADUser <<<<  -SamAccountName $NewSAM -WhatIf
    + CategoryInfo          : InvalidArgument: (:) [Set-ADUser], ParameterBindingException
    + FullyQualifiedErrorId : AmbiguousParameterSet,Microsoft.ActiveDirectory.Management.Commands.SetAD 
   User
 
Set-ADUser : Parameter set cannot be resolved using the specified named parameters.
At E:\Scripts\LogonName.ps1:6 char:12
+     Set-ADUser <<<<  -SamAccountName $NewSAM -WhatIf
    + CategoryInfo          : InvalidArgument: (:) [Set-ADUser], ParameterBindingException
    + FullyQualifiedErrorId : AmbiguousParameterSet,Microsoft.ActiveDirectory.Management.Commands.SetAD 
   User
 
Set-ADUser : Parameter set cannot be resolved using the specified named parameters.
At E:\Scripts\LogonName.ps1:6 char:12
+     Set-ADUser <<<<  -SamAccountName $NewSAM -WhatIf
    + CategoryInfo          : InvalidArgument: (:) [Set-ADUser], ParameterBindingException
    + FullyQualifiedErrorId : AmbiguousParameterSet,Microsoft.ActiveDirectory.Management.Commands.SetAD 
   User
 
Set-ADUser : Parameter set cannot be resolved using the specified named parameters.
At E:\Scripts\LogonName.ps1:6 char:12
+     Set-ADUser <<<<  -SamAccountName $NewSAM -WhatIf
    + CategoryInfo          : InvalidArgument: (:) [Set-ADUser], ParameterBindingException
    + FullyQualifiedErrorId : AmbiguousParameterSet,Microsoft.ActiveDirectory.Management.Commands.SetAD 
   User
 
Set-ADUser : Parameter set cannot be resolved using the specified named parameters.
At E:\Scripts\LogonName.ps1:6 char:12
+     Set-ADUser <<<<  -SamAccountName $NewSAM -WhatIf
    + CategoryInfo          : InvalidArgument: (:) [Set-ADUser], ParameterBindingException
    + FullyQualifiedErrorId : AmbiguousParameterSet,Microsoft.ActiveDirectory.Management.Commands.SetAD 
   User[/b]

Open in new window

0
 
AC-DAuthor Commented:
I was able to get it working with the folowing script that I found on another post.

I have just one thing I need to resolve.

Our users first names have a space ? example   first name = OPS John
last name= Doe

How would you modify the script to remove the space so the user logon name would be
opsjohn.doe

Get-QADUser -SearchRoot "domain.com/SomeOU" | ForEach-Object {
  $NewUsername = "$($_.FirstName)$(".")$($_.LastName)"

  $_ | Set-QADUser -SamAccountName $NewUsername -UserPrincipalName "$NewUsername@domain.com"

  }

Open in new window

0
 
AC-DAuthor Commented:
Thanks All! Note I downloaded the Quest powershell cmdlets to make this work.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.