Change OU's and groups within AD using powershell and variables.

Alex
Alex used Ask the Experts™
on
Good morning all,

So I have a new issue, Shocker with it being a Monday Morning and all. I've been told that I need to change site codes for a number of OU's and change the associated groups which reside either in that OU or somewhere else.

Now

I need to change only the site part of the group, i'm kind of debating deleting and recreating the groups however in the (Likely) event that I'll need to do this again I'm trying to make it self contained.

$OUs = Read-Host "Please enter the OU and Associated groups you'd like to change"

$NewOU = Read-Host "Please enter the new name of the OU and groups"

Foreach ($OU in $OUs){
Get-ADOrganizationalUnit -filter "Name -like $ou" | Set-ADOrganizationalUnit -DisplayName $NewOU }

Get-ADGroup -filter "Name -like $ou"

Open in new window



This is where I've got to and it's pretty shocking, maybe because I broke myself on Friday night and I've still got a headache.

Any hints on how I can do this would be great. I'm still trying to learn the intricacies of PowerShell so please advise rather than giving the straight answer :D

I don't think this is a hash group thing either.

Thanks
ALex
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Managing Consultant
Commented:
Every AD object has a unique name called the distinguishedName. For example, my user object's dn is:

CN=Michael B. Smith,OU=HQUsers,DC=smithcons,DC=local

That first part is the "name" or the "commonName" (same thing).

A displayName is completely unrelated and is just an attribute associated with that object. It could be, for example "John Q. Public". But that doesn't affect the dn of the object.

That's the background.

If you create a new OU, say OU=NewHQ, and you want to MOVE other AD objects to that new OU, then you use Move-ADObject (or similar ADSI/System.DirectoServices interfaces).

If you want to RENAME an object (whether a user, a group, an OU, or anything else), you use Rename-ADObject (or similar ADSI/System.DirectoryServices interfaces).

So I'm not precisely sure what you are trying to do. But this should get you on the path.
Michael B. SmithManaging Consultant

Commented:
I answered the question. I should get credit for it. Not a big deal, but still...
AlexSenior Infrastructure Analyst

Author

Commented:
Yeah ok.... :-p

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial