Clearing users with certain UPN

Currently I have a list of users with a certain upn However the list also contains users with the new UPN, and

What i Want to do is import that list any user with i want to clear the attribute completly. However any user with the @newdomain1,2 and to leave it alone. The other portion of my problem is these users are on the 3 different domains. so I want it to cycle through. I'm also using QAD Cmdlets, this is what i have so far

add-pssnapin quest.activeroles.admanagement

$Domains = @(  

$Domains |%{ $domain = $_

import-csv .\Test.csv | foreach-object{Get-QADUser -service $_ -Identity {$_.samaccountname} | where {$_.userprincipalName -like '*'} |`
set-qaduser -objectAttributes @{userPrincipalName=$null}}


Open in new window

The error i receive is:
Get-QADUser : Cannot evaluate parameter 'Identity' because its argument is
specified as a script block and there is no input. A script block cannot be
evaluated without input.
At C:\Users\user1\Documents\UpdateUserUPNv2.ps1:16 char:50
+ foreach-object{Get-QADUser -service $_ -Identity {$_.samaccountname} | where
{$_ ...
+                                                  ~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : MetadataError: (:) [Get-QADUser], ParameterBindi
    + FullyQualifiedErrorId : ScriptBlockArgumentNoInput,Quest.ActiveRoles.Ars
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Will SzymkowskiSenior Solution ArchitectCommented:
Why not try something like below...
Import-Module activedirectory
$FindUPN = Import-Csv "c:\test.csv"
ForEach ($User in $FindUPN) 
            Get-ADUser -Identity $User.UPN -Properties sAMAccountName, UserPrincipalName

        If ($User.UserPrincipalName -like "*") 


            Set-ADUser -Identity $User.sAMAccountName -UserPrincipalName $null

     } else {

            Write-Output "$User.UPN has NOT been modified"   



Open in new window

The CSV needs to have a Column Heading titled UPN for the above script to work. Run this in a test lab first or with a single user, as i have not tested this myself.

ntr2defAuthor Commented:
well its a multi-domain environment and needs to cycle through the domains to find the users, so this will not work
Will SzymkowskiSenior Solution ArchitectCommented:
Are these domains child domains within the same forest or do you have forest trusts and each domain is a forest root domain?

Also, if you only want to modify the UPN why do you need to query againts all of them?


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ntr2defAuthor Commented:
Sorry i meant multi forest, they have a trust between each root domain.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.