
Adding User Principal Names in Active Directory via PowerShell for Federation

I wanted to update the UPNs (User Principal Names) in our AD. We had a couple thousand users that had been in our AD for over 10 years, since the NT days, so they were created without UPNs.

This writes the list of affected users to a file so you can review who will be changed. We did not want to change the admin users, so I added a -notlike clause.

Get-ADUser -Filter * -SearchBase 'CN=Users,dc=vivithemage,dc=com' | Where-Object {($_.UserPrincipalName -eq $null) -and ($_.Name -notlike "*admin*")} | Format-Table SamAccountName,GivenName,Surname | Out-File c:\test\UPN-prechange2.txt

I reviewed the list and it looked good, so I can now run this to make the blanket change, manually specifying the domain name:

Get-ADUser -Filter * -SearchBase 'CN=Users,dc=vivithemage,dc=com' | Where-Object {($_.UserPrincipalName -eq $null) -and ($_.Name -notlike "*admin*")} | ForEach-Object { Set-ADUser $_ -UserPrincipalName ("{0}@{1}" -f $_.Name,"vivithemage.com")}
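A dry-run variant of the same change, added here as an example and not part of the original post: it builds each proposed UPN the way the one-liner above does, flags Name values containing whitespace and UPNs that are already assigned, writes the plan to a CSV, and calls Set-ADUser with -WhatIf so nothing is written. The report path and the plan's column names are assumptions.

```powershell
Import-Module ActiveDirectory

$searchBase = 'CN=Users,dc=vivithemage,dc=com'   # from the post
$suffix     = 'vivithemage.com'                  # from the post
$reportPath = 'C:\test\UPN-plan.csv'             # assumed path for the review file

# Map of UPNs already assigned in the domain -> owning account.
$taken = @{}
Get-ADUser -LDAPFilter '(userPrincipalName=*)' | ForEach-Object {
    $taken[$_.UserPrincipalName] = $_.SamAccountName
}

# Build the plan: same filter as the post, plus a reason when a row needs review.
$plan = Get-ADUser -Filter * -SearchBase $searchBase |
    Where-Object { (-not $_.UserPrincipalName) -and ($_.Name -notlike '*admin*') } |
    ForEach-Object {
        $upn = '{0}@{1}' -f $_.Name, $suffix
        $problem = ''
        if ($_.Name -match '\s') {
            $problem = 'Name contains whitespace'
        } elseif ($taken.ContainsKey($upn)) {
            $problem = "UPN already used by $($taken[$upn])"
        } else {
            $taken[$upn] = $_.SamAccountName   # reserve it within this batch
        }
        [pscustomobject]@{
            SamAccountName    = $_.SamAccountName
            DistinguishedName = $_.DistinguishedName
            ProposedUPN       = $upn
            Problem           = $problem
        }
    }

# Review file; it also records which accounts had no UPN before the change.
$plan | Export-Csv -Path $reportPath -NoTypeInformation

# Dry run: -WhatIf reports each change without writing to the directory.
$plan | Where-Object { -not $_.Problem } | ForEach-Object {
    Set-ADUser -Identity $_.DistinguishedName -UserPrincipalName $_.ProposedUPN -WhatIf
}
```

Removing -WhatIf from the last command applies the rows that have an empty Problem column; the CSV stays behind as the list of accounts to clear if the change has to be reverted.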

Lots of help from this article: http://blogs.technet.com/b/heyscriptingguy/archive/2013/08/13/add-user-principal-names-in-active-directory-via-powershell.aspx
and ss64.com
