Powershell ActiveDirectory Rename SamAcctName

Hello!

I work on a powershell script for my Active Directory.
My mission is simple: Search every samaccountname contains uppercase and export it to a CSV and then rename the samaccountname in lowercase.

And it work with that code for extract samaccountname in uppercase :  
Get-ADUser -filter * -Searchbase 'OU=users,DC=contoso,DC=com' | ? {$_.sAMAccountname -cmatch'^[a-z A-Z .]+$'}  | Select Name | Export-csv -path C:\Users\me\username.csv -NoTypeInformation

Why "-cmatch'^[a-z A-Z .]+$'"? Cause all of my samaccountname are written like that: x.XXxxx .

Next step, i try to rename in lowercase all the samaccountname in the list of username.csv contained in Active DIrectory.
And i'm blocked with that code :
Import-Csv C:\Users\me\username.csv | foreach{Set-ADUser -identity $_-SamAccountName  $_.sAMAccountName.tolower()}
.
It doesn't work.

Can you help me? Im a newbie.

The hardest point is after executing that script in powershell,  i want to see the result in the AD.
For example: There is an oldSamAccountName: J.smiTH , after executing the script, im able to see in AD (not in the powershell console) the new Account name: j.smith in Properties->Account. Is it possible?

Thanks in advance.
CLR BenjaminAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Joseph DalyCommented:
Import-Csv C:\Users\me\username.csv | foreach{Set-ADUser -identity $_-SamAccountName  $_.sAMAccountName.tolower()}

Open in new window


You have a - instead of a . listed in this code should be.

Import-Csv C:\Users\me\username.csv | foreach{Set-ADUser -identity $_.SamAccountName  $_.sAMAccountName.tolower()}

Open in new window

0
CLR BenjaminAuthor Commented:
No, always the error :
Set-ADUser : Impossible de trouver un paramètre positionnel acceptant l'argumen
t « me ».
Au niveau de ligne : 1 Caractère : 74
+ Import-Csv C:\Users\me\username.csv | foreach{Set-ADUser <<<
<  -identity $_.SamAccountName  $_.sAMAccountName.tolower()}
    + CategoryInfo          : InvalidArgument: (:) [Set-ADUser], ParameterBind
   ingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.ActiveDire
   ctory.Management.Commands.SetADUser

Set-ADUser : Impossible de trouver un paramètre positionnel acceptant l'argumen
t « t.desk ».
Au niveau de ligne : 1 Caractère : 74
+ Import-Csv C:\Users\me\username.csv | foreach{Set-ADUser <<<
<  -identity $_.SamAccountName  $_.sAMAccountName.tolower()}
    + CategoryInfo          : InvalidArgument: (:) [Set-ADUser], ParameterBind
   ingException
    + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.ActiveDire
   ctory.Management.Commands.SetADUser

Open in new window


In english: A positional parameter cannot be found that accepts argument "me".

I want to be more precise: I want import the samaccountname contained in the csv file, in powershell and for EACH name, apply the function Lowercase to the SamAccountName. And i want to see the result in the AD console when i right click-Properties-Account on the user.
Here my list in the CSV :
"sAMaccountname"
"t.DESK2"
"t.Desk"

Open in new window

0
Joseph DalyCommented:
First get rid of the " in your CSV file. I have done imports many times and never used quotes in my csv file.

Try this

Import-Csv C:\Users\me\username.csv | foreach {
$samid= $_.samaccountname
$samid=$samid.tolower()
Set-ADUser -identity $_.samaccoutname -samaccoutname $samid
}
0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

CLR BenjaminAuthor Commented:
I tried, but i have this error now :
Set-ADUser : Impossible de valider l'argument sur le paramètre « Identity ». L'
argument est null. Indiquez un argument non-null et réessayez.
Au niveau de C:\Users\me\dc.ps1 : 4 Caractère : 21
+ Set-ADUser -identity <<<<  $_.samaccoutname -samaccoutname $samid
    + CategoryInfo          : InvalidData: (:) [Set-ADUser], ParameterBindingV
   alidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.Activ
   eDirectory.Management.Commands.SetADUser

Set-ADUser : Impossible de valider l'argument sur le paramètre « Identity ». L'
argument est null. Indiquez un argument non-null et réessayez.
Au niveau de C:\Users\me\dc.ps1 : 4 Caractère : 21
+ Set-ADUser -identity <<<<  $_.samaccoutname -samaccoutname $samid
    + CategoryInfo          : InvalidData: (:) [Set-ADUser], ParameterBindingV
   alidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.Activ
   eDirectory.Management.Commands.SetADUser

Open in new window


Translation : impossible to validate an argument on a parameter: identity.
Mhh now i have a doubt about the command: Set-ADUser -identity $_.samaccoutname -samaccoutname $samid.


PS: if i have the " in my csv it's because i opened it with the text editor. Or not? (on my server i can't read csv for the moment.)
0
Joshua GrantomSenior Systems AdministratorCommented:
samaccoutname should be samaccountname. It is misspelled.

Import-Csv C:\Users\me\username.csv | foreach {
$samid = $($_.samaccountname).tolower()
Set-ADUser -identity $_.samaccountname -samaccountname $samid
}

Open in new window

0
Joseph DalyCommented:
Good catch. Sorry about that.
0
Joshua GrantomSenior Systems AdministratorCommented:
It happens to the best of us!
0
CLR BenjaminAuthor Commented:
OK really thank you, it's working... Or not i have not the result i looking for. With screenshot;  screenshotAs you can see the SAMACCOUNTNAME is in lowercase as i asked =).
But in AD: screenshot
Why it's always t-DESK?

Use another commande like Rename instead "-samaccountname"?

Thank you a lot btw now i understand few more things in powershell.
0
Joseph DalyCommented:
How many DCs do you have? The info could be changed and may need time to replicate if you have multiple DCs.
0
Joshua GrantomSenior Systems AdministratorCommented:
Joseph has a point. Depending on your replication schedule it could take a bit.
0
CLR BenjaminAuthor Commented:
Only two DC. Are you sure this command change the parameter in AD? Cause i always suceed today to made the change in powershell and i got the same problem.
The replication took only 5-10 minutes. I can wait.
0
Joshua GrantomSenior Systems AdministratorCommented:
it may be because of the UserPrincipalName as well
0
CLR BenjaminAuthor Commented:
So i need to change the UPN too? What's the command -UserprincipalName?
0
Joshua GrantomSenior Systems AdministratorCommented:
-UserPrincipalName

Import-Csv C:\Users\me\username.csv | foreach {
$samid = $($_.samaccountname).tolower()
Set-ADUser -identity $_.samaccountname -samaccountname $samid -UserPrincipalName "$($samid)@contoso.com"
}
0
CLR BenjaminAuthor Commented:
Ok ,i did it but no change.
As you can see, when i rename on the AD the user t.desk i have this windows. And this is ALWAYS in t.DESK.regc.jpg
0
CLR BenjaminAuthor Commented:
Is this another command like SET-ADOBJECT?
0
Joshua GrantomSenior Systems AdministratorCommented:
Try this

Import-Csv C:\Users\me\username.csv | foreach {
$samidoriginal = $($_.samaccountname).tolower()
$samid = $($_.samaccountname).tolower()
$samid = $samid + "1"
Set-ADUser -identity $_.samaccountname -samaccountname $samid -UserPrincipalName "$($samid)@contoso.com"
Set-ADUser -identity $samid -samaccountname $samidoriginal -UserPrincipalName "$($samidoriginal)@contoso.com"
}

Open in new window


There might be a better way but it should work.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
CLR BenjaminAuthor Commented:
Wow nice, it work!! But, didn't understand your code yet. I will work on it. Just why $samid +"1" ? And the last line, what did it change in the script?
0
Joshua GrantomSenior Systems AdministratorCommented:
All it does is change the name to
t.desk1 then changes it back to t.desk.

It seems ADUC doesn't update if the case changes unless you completely rename it first
0
CLR BenjaminAuthor Commented:
Ah i understand now, strange.
Thank you!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.