我试图获取特定的AD用户并更改他们的UPN,但不是他们的UPN后缀。
正如你所看到的那样,我必须手动输入他们当前的UPN后缀,这有点毫无意义,因为你必须进入AD才能找到它,是否有像$_.UPNSuffix这样的字符串会调用用户当前的后缀?
$container = "OU=MyOU,DC=MyDomain,DC=local"
$Filter = Read-Host -Prompt "Enter users Username/P-number"
$UPNSuffix = Read-Host -Prompt "Enter users current UPN Suffix"
$users = Get-ADUser -Filter "UserPrincipalName -like '$Filter*'" -SearchBase $container
Foreach ($user in $users)
{
$newFQDN = $user.GivenName + "." + $user.Surname
$NewDN = $user.GivenName + " " + $user.Surname
Set-ADUser -Identity $user -UserPrincipalName $newFQDN@$UPNSuffix -SamAccountName $newFQDN
Write-Host "User's UPN is now $newFQDN@$UPNSuffix"
}
答案 0 :(得分:2)
您可以通过拆分@符号来获取UPN组件。 我会按照以下方式做点什么:
$container = "OU=MyOU,DC=MyDomain,DC=local"
$Filter = Read-Host -Prompt "Enter users Username/P-number"
$users = Get-ADUser -Filter "UserPrincipalName -like '$Filter@*'" -SearchBase $container
Foreach ($user in $users)
{
$null, $UPNSuffix = $user.UserPrincipalName -split '@' # Dump the first part, store the 2nd
$newFQDN = $user.GivenName + "." + $user.Surname
$NewDN = $user.GivenName + " " + $user.Surname
Set-ADUser -Identity $user -UserPrincipalName "$newFQDN@$UPNSuffix" -SamAccountName $newFQDN
Write-Host "User's UPN is now $newFQDN@$UPNSuffix"
}
答案 1 :(得分:1)
从一个快速的Google看来,似乎没有一个专用字段用于后缀,但我想你可以得到UserPrincipalName属性,然后只需拆分@并抓住分割的第二个元素:
$UPN = (Get-ADUser -Identity $user -Property UserPrincipalName).UserPrincipalName
If ($UPN) {
$UPNSuffix = ($UPN -Split '@')[1]
} Else {
Write-Warning "Failed to get UserPrincipalName for $User"
}
注意:这是未经测试的代码。
答案 2 :(得分:0)
可以从位于以下位置的 Partitions 对象的 uPNSuffixes 字段中获取UPN后缀:
CN =分区,CN =配置,DC = xxxxx,DC = com
感谢本文提供的C#示例: List all UPN Suffixes from Active Directory
我不知道如何在powershell中实现它,但是在PHP中,这很简单:
ldap_read($ldapConnection, "CN=Partitions,CN=Configuration,DC=xxxxx,DC=com", "(objectclass=*)", array("*");
也许带有 Get-UserPrincipalNamesSuffix : https://docs.microsoft.com/en-us/powershell/module/exchange/active-directory/get-userprincipalnamessuffix?view=exchange-ps
希望这对某人有帮助!