Active Directory Migrations: Setting user attributes

In the ongoing series of AD Migrations….

These next couple are very specific to our environment but I’m putting them out here for posterity. Both use the Quest AD Powershell tools, which are very powerful tools when it comes to object manipulation in AD. I suggest you go download and install them immediately – Quest

This first one sets an extended attribute on the user in the source domain so that we know they’ve been migrated. It’s more for a key for reports and stuff, but can be good info to have.

The second combines a couple of things. The first thing it does is set the displayname and UPN for the migrated user to go with our new standards (oh, did I mention we’re changing the UPN but leaving the SAM alone and changing the displayname?)

It also turns on ActiveSync for the users if they need it. Made the most sense for our scripts to put it here.

AttribMig.ps1:


##filename attribmig.ps1
## Set transcript output
$Tranoutput="d:\migration\Outputs\" + $date + "SourceSIP.txt"
start-transcript -path $Tranoutput -append

##call include file
. .\params.ps1

## import our import file
$import=import-csv $importfile

##Set migrated attribute in source
## We're just setting an extended attribute using QAD and piping that out to the screen.

ForEach ($item in $import){
 write-host "Attribute being set for " $item.sourcename -foregroundcolor yellow
 set-qaduser -service $SourceDC -identity $item.sourcename -objectAttributes @{"extensionattribute4"="MigratedToCorp"}
}
stop-transcript

DisplayName.ps1


## Set our transcript and output file
$Tranoutput="d:\migration\Outputs\" + $date + "UPN.txt"
start-transcript -path $Tranoutput -append

##call include file
. .\params.ps1

##Create Sessions to Exchange 2010 in Target
$ExchSession=New-PSSession -ConfigurationName Microsoft.Exchange -connectionuri $ExchURI -credential $LocalCredentials

## Import our file and session

$import=import-csv $importfile
import-pssession $ExchSession|out-null

##Perform set user to fix displayname and upn
## Set the displayname and UPN based off of input file

foreach ($item in $Import){
 $UPN=$item.newupn+"@csgicorp.com"
 $AS=$item.ActiveSync.ToUpper()
 write-host "Setting UPN and AS for " $item.smtp -foregroundcolor yellow
 set-user -identity $item.smtp -displayname $item.displayname -userprincipalname $UPN

## Check if user is supposed to have ActiveSync Enabled and turn it on if they do

if ($AS -eq "YES"){set-casmailbox -identity $item.smtp -activesyncenabled $true}

}

## Clean up after ourselves and stop transcript
remove-pssession $ExchSession
stop-transcript

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s