Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Creating custom attribute using ExtensionAttribute Exchange 2010

Posted on 2014-02-12
7
Medium Priority
?
1,457 Views
Last Modified: 2014-02-19
As always, I'm coming to my wonderful source for solutions to my question.
I work for a school district and we're becoming a Google district.  The email address needs to be "username@domain.us" and our main email address is longer (username@domain.k12.ca.us).  We have 2 accepted domains (the k12.ca.us and just the .us) but the authoritative domain is the k12.ca.us one.
I thought I had changed the AD mail attribute to the shorter "domain.us" but something (probably an Exchange server reboot) changed it back.  This has caused an issue with the synchronization of our AD accounts with Google drive.
I'm pretty sure I can use any of the ExtensionAttribute1-15 attributes to create a custom attribute without having to extend the schema.
What I need is assistance with the powershell command or script that will allow me to first name the attribute and then use a .CSV file to populate the email address for each staff and student account.
Please point me in the right direction.  I'm still somewhat new to powershell and am not a programmer but I can handle up to moderately complex commands and scripts.
Thanks for any input.
0
Comment
Question by:skbarnard
  • 4
  • 2
7 Comments
 
LVL 4

Expert Comment

by:pcmghouse
ID: 39855772
Just few questions:

1. Do you mean .us is default authoritative domain? I suppose both should be authoritative domains and one is default.
2. WHat e-mail address policies do you have? Maybe you have only one and this has changed all the users back to the old e-mail address.
3. Do you want both e-mail addresses to be set for the users?


I can provide you the script, but solve your issue with the above suggestions.
0
 

Author Comment

by:skbarnard
ID: 39856439
Both domains are authoritative, the k12.ca.us is the default.  I'm hesitant to change the default to the .us domain because I don't know what will happen with the email flow.
We have 1 email policy but it's not applied (not enabled)
If we weren't going Google, it wouldn't matter which email address is used but we've told Google that the .us email is what we want to use so it can now only be the .us email.
We'll very likely be switching our staff email to gmail in a couple of months but until we make that transition, I need the account synchronization to function in our current environment.  Google suggested creating a new attribute to put the email address in so that if the mail attribute changes back to the k12.ca.us address, synchronization will sitll work because Google won't be looking at the mail attribute.
0
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 39857273
Changing the default domain won't fix your issue. My suggestion would be to use an email address policy to apply the correct default email address to each account. If you want to use a custom attribute, you can do that but you can't rename the attribute. You can only set a value.

-JJ
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Accepted Solution

by:
skbarnard earned 0 total points
ID: 39857708
Turns out I can use an existing attribute - userPrincipalName.  There's a value already in there - the student email address but it's pointing to the main domain (domain.us).  We've decided the students will be student.domain.us so I need to change the value in userPrincipalName to student.domain.us.
I had to do a custom search query to get all the users I needed to add (or change) the userPrincipalName attribute on.
I imported that list to a .CSV file and then imported that file into powershell.
I'm still currently running this PS command
foreach($user in $StuData){Set-ADUser $user.StudentNumber -userPrincipalName $user.UPName}
It appears to be working but there's a lot of users for it to iterate through.
0
 
LVL 37

Assisted Solution

by:Jamie McKillop
Jamie McKillop earned 400 total points
ID: 39857781
I would be extremely careful as changing the UPN could cause things to break. If your users use the UPN to log on to any systems they will need to use the new format.

-JJ
0
 

Author Comment

by:skbarnard
ID: 39860551
Thank you for the warnng jjmck.  We have succeeded with using the UPN; we haven't heard of anything going awry (yet) but I'll be monitoring to make sure we don't.
0
 

Author Closing Comment

by:skbarnard
ID: 39869830
This is the solution that worked in my particular case.  All the comments were very helpful
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
Eseutil Hard Recovery is part of exchange tool and ensures Exchange mailbox data recovery when mailbox gets corrupt due to some problem on Exchange server.
This video discusses moving either the default database or any database to a new volume.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question